Secure personal computing in an insecure network

Lecture Notes in Computer Science

This paper describes the key management method which allows secure communication channels between devices in home networks. Home network technologies have developed to enable various kinds of home devices to access the digital information between the devices. Without security framework, however, the digital information including a user's private data may be exposed to a malicious attacker. Although conventional public key cryptosystems generally provide security features such as confidentiality and integrity, the distribution of the keys is vulnerable to man-in-the-middle attack without a trusted third party. In general home networks are dynamically set up without relying on any pre-existing infrastructure or central administration. Therefore, we must implement key distribution schemes without the assumption of a trusted third party. In this paper, we present self-authorized public key management for home networks. Our idea is to bind the device owner's authorization information to the public key of a device. Our protocol enables the distribution of the authenticated public key using an identity-based encryption scheme. We also provide heuristic analysis of various security properties.

ACM SIGOPS Operating Systems Review, 1990

We present some practical security protocols that use private-key encryption in the public-key style. Our system combines a new notion of private-key certificates , a simple key-translation protocol, and key-distribution. These certificates can be administered and used much as public-key certificates are, so that users can communicate securely while sharing neither an encryption key nor a network connection.

In this paper we describe the adopted and implemented solution to provide secure communications over the extended area Ethernet network of the Polytechnic University of Catalonia (U.P.C.). The developed solution is not adapted to the current standards about security on local networks (IEEE-802.]O, ISO 7498-2, etc.). This solution is based on the construction of a set of ciphering devices (CRYPTONETS), whose function is similar to the one carried out by a classic bridge, but incorporating ciphering facilities. Moreover, there is a Supervision and Administration Center (SAC), which takes care of the key renewal and System Management. The cryptographic algorithms used are the D.E.S, for the Ethernet frames ciphering, and the R.S.A., for key-management. Finally, we evaluate the degroda_tion of the network performances due to the introduction of security services within an already working network. The prototype shown here is a second version of the one described in [16]. Although the measures carried out are only partial, it can be asserted that they substantially improve the performances obtained with the first prototype, reaching the desired values. that copying is by permission of the Association for Computing Machinery. To copy otherwise, or to republish, requires m foe end/or specific permission.

The Personal Distributed Environment (PDE) is a new concept being developed by Mobile VCE allowing future mobile users flexible access to their information and services. Unlike traditional mobile communications, the PDE user no longer needs to establish his or her personal communication link solely through one subscribing network but rather a diversity of disparate devices and access technologies whenever and wherever he or she requires. Depending on the services' availability and coverage in the location, the PDE communication configuration could be, for instance, via a mobile radio system and a wireless ad hoc network or a digital broadcast system and a fixed telephone network. This new form of communication configuration inherently imposes newer and higher security challenges relating to identity and authorising issues especially when the number of involved entities, accessible network nodes and service providers, builds up. These also include the issue of how the subscribed service and the user's personal information can be securely and seamlessly handed over via multiple networks, all of which can be changing dynamically. Without such security, users and operators will not be prepared to trust their information to other networks.

International Journal for Recent Development in Science & Technology, 2020

Network Security & Cryptography is a concept to protect network and data transmission over wireless network. Data Security is the main aspect of secure data transmission over unreliable network. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. In this paper we also studied cryptography along with its principles. Cryptographic systems with ciphers are described. The cryptographic models and algorithms are outlined.

2019

Start Network devices are generally programmed over the serial ports (COM-RS232) or over the network via telnet protocol or ssh protocol. The communication process via the Telnet protocol and COM port is done unencrypted. Therefore, there is a possibility to listen and change the communication by an intervening hacker. In order to prevent this, the hardware is designed described below. With this developed system, serial communication has been encrypted by adding RSA encryption using hardware between network devices which needs configuration with PC.

In recent days, the wide use of computer networks has been marked its sign to the modern civilization. Almost in all the organizations, various types of computer networks, namely, LAN, MAN, WAN, PAN, CAN, SAN etc. are used. While using a computer network, the main factors, which arise are, 1. Construction of the network, 2. Type of the network, 3. Good features of the network for smooth computing, and 4. Security of the network. In this theoretical paper, a different concept, " Private Area Network " is designed which should be implemented in the university or college campuses for cost effective, smooth and secured routing. This paper is basically a combinational implementation of " Cisco EIGRP " , " ACL mechanism " and a different " CAN (Campus Area Network) " with Networking Security Concept. In this system, the higher authority can directly contact to the desired department with secured and hassle-free computing. The network should be implemented with the help of construction plans mentioned in this paper. Protocols must be maintained according to the guidelines and then the security concept will prevent the network from various attacks.

Wireless Personal Communications, 2014

Securely sharing and managing personal content is a challenging task in multi-device environments. In this paper, we design and implement a new platform called Personal Content Networking (PCN). Our work is inspired by Content-Centric Networking (CCN) because we aim to enable access to personal content using its name instead of its location. The unique challenge of PCN is to support secure file operations such as replication, updates, and access control over distributed untrusted devices. The primary contribution of this work is the design and implementation of a secure content management platform that supports secure updates, replications, and fine-grained content-centric access control of files. Furthermore, we demonstrate its feasibility through a prototype implementation on the CCNx skeleton.

The rapid growth and widespread use of electronic data processing and electronic business conducted through the Internet, along with numerous occurrences of international terrorism, fuelled the need for better methods of protecting the computers and the information they store, process and transmit. The academic disciplines of computer security, information security and information assurance emerged along with numerous professional organizations – all sharing the common goals of ensuring the security and reliability of information systems. The security requirements of the Network environment are not unlike those of other distributed computing systems. Thus, having an internal control mechanism to assure the confidentiality, integrity and availability of data in a distributed environment is of paramount importance.

International Journal

This paper presents the implementation of a secure application for an academic institution that offers numerous services to both students and the faculty. The primary focus of this paper is to provide a technical implementation of a new architecture for encrypting the database. The scope of this paper mainly includes but is not limited to symmetric and public-key cryptography, authentication, key management, and digital signatures. The final results of this paper demonstrate that what security features one should implement in order to achieve a highly secured application. This paper presents the implementation of a stand alone system that can be implemented on any legacy systems, and still operates effectively. In other words, it is self sufficient in terms of the data that it stores.