Computers and Security

Near field communication (NFC) is a short-range wireless communication technology envisioned to support a large gamut of smart-device applications, such as payment and ticketing. Although two NFC devices need to be in close proximity to communicate (up ...

We model a decentralised security credential revocation and replacement scheme.We utilise leverage of common friends trust concepts for trust transferral on keys.We propose a revocation scheme to provide entity confidence and trust transferral.We ...

Hackers pose a continuous and unrelenting threat. Industry and academic researchers alike can benefit from a greater understanding of how hackers engage in criminal behavior. A limiting factor of hacker research is the inability to verify that self-...

The traditional role-based access control (RBAC) model is typically static, i.e., permissions are granted based on a policy that seldom changes. A more flexible support for access control is needed in certain scenarios (such as disaster management). The ...

The lack of precise directives in 3GPP specifications allows mobile operators to configure and deploy security mechanisms at their sole discretion. This may lead to the adoption of bad security practices and insecure configurations. Based on this ...

Many of today's access control policies are associated with temporal restrictions. Under temporal role-based access control (TRBAC), roles have an associated temporal component, which allows them to better encapsulate such temporal access control ...

CAPTCHAs are challenge-response tests that aim at preventing unwanted machines, including bots, from accessing web services while providing easy access for humans. Recent advances in artificial-intelligence based attacks show that the level of security ...

The assurance technique is a fundamental component of the assurance ecosystem; it is the mechanism by which we assess security to derive a measure of assurance. Despite this importance, the characteristics of these assurance techniques have not been ...

With the increasing number of activities being performed using computers, there is an ever growing need for advanced authentication mechanisms like biometrics. One efficient and low cost biometric modality is keystroke dynamics, which attempts to ...

The Internet threat landscape is fundamentally changing. A major shift away from hobby hacking toward well-organized cyber crime can be observed. These attacks are typically carried out for commercial reasons in a sophisticated and targeted manner, and ...

Network intrusion detection systems (NIDSs) have been developed for over twenty years and have been widely deployed in computer networks to detect a variety of network attacks. But one of the major limitations is that these systems would generate a ...

Privacy-preservation is of paramount importance for the emerging Intelligent Transportation System (ITS) applications, such as traffic monitoring and road safety. These applications require regular transmission of messages among vehicles or between ...

SQL injection attacks have been predominant on web databases since the last 15 years. Exploiting input validation flaws, attackers inject SQL code through the front-end of websites and steal data from the back-end databases. Detection of SQL injection ...