By Topic

2008 The Fourth International Conference on Information Assurance and Security

8-10 Sept. 2008

Filter Results

Displaying Results 1 - 25 of 68
  • [Front cover]

    Publication Year: 2008, Page(s): C1
    Request permission for commercial reuse | PDF file iconPDF (1791 KB)
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2008, Page(s): i
    Request permission for commercial reuse | PDF file iconPDF (34 KB)
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2008, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (168 KB)
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2008, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (49 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2008, Page(s):v - viii
    Request permission for commercial reuse | PDF file iconPDF (147 KB)
    Freely Available from IEEE
  • Message from General Chair(s)

    Publication Year: 2008, Page(s):ix - x
    Request permission for commercial reuse | PDF file iconPDF (140 KB) | HTML iconHTML
    Freely Available from IEEE
  • Committee Lists

    Publication Year: 2008, Page(s):xi - xii
    Request permission for commercial reuse | PDF file iconPDF (129 KB)
    Freely Available from IEEE
  • Plenary Abstracts

    Publication Year: 2008, Page(s):xiii - xvi
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (89 KB)

    Wireless Mesh Networks (WMNs) have revolutionized the provisioning of broadband wireless Internet service to a community of users. A group of static mesh router automatically interconnect themselves to form a Web of connection and employ multi-hop forwarding to connect to the Internet Gateway (IGW). Thus, we see that is critical to establish and ensure a collaborative framework at the MRs. All exi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Formal Comparison of the Bell & LaPadula and RBAC Models

    Publication Year: 2008, Page(s):3 - 8
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (215 KB) | HTML iconHTML

    In this paper we address the problem of comparing access control models. Indeed, many access control models can be found in the literature and in order to choose one model for a particular context, some tools helping such a choice are needed. We develop here a complete example allowing to compare (in a formal way) the Bell and LaPadula (BLP) model and the role-based (RBAC) model. In order to achie... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Threshold Proxy Signature Scheme with Strong Real-Time Efficiency

    Publication Year: 2008, Page(s):9 - 14
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (253 KB) | HTML iconHTML

    The threshold proxy signature scheme with strong real-time efficiency is proposed based on a trapdoor hash function and the sharing secret technology. In the scheme, the procedure of generating threshold proxy signature is performed in two phases. The off-line phase generates a threshold proxy pre-signature before the message to be signed is even known. The pre-signature is independent of the part... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Purchase Protocol with Live Cardholder Authentication for Online Credit Card Payment

    Publication Year: 2008, Page(s):15 - 20
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (147 KB) | HTML iconHTML

    While online shopping are becoming more accepted by people in modern life, cardholders are more concerned about card fraud and the lack of cardholder authentication in the current online credit card payment. This paper proposes a purchase protocol with live cardholder authentication for online transaction which combines telephone banking and online banking together. The order information and payme... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Comparison and Evaluation of Identity Management in Three Architectures for Virtual Organizations

    Publication Year: 2008, Page(s):21 - 26
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (815 KB) | HTML iconHTML

    This paper compares and contrasts authentication mechanisms used in three VO architectures: the first reflects ad-hoc connections among several organizations, the second uses a centrally managed database and the third is based on public key infrastructure (PKI). The reason for studying these particular three architectures is that they cover a large class of currently operating VOs (i.e. supply cha... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Speaker Identification by Multi-Frame Generative Models

    Publication Year: 2008, Page(s):27 - 32
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (318 KB) | HTML iconHTML

    In this paper an approach called multi-frame speaker models (MFS) is proposed, in order to cope with performance degradation generally observed over (short and medium) time and trials in speaker identification's task. The approach, based on generative models, uses multiple frame's length for speech processing in training and testing phase. A complete multi-expert system is also presented which is ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Integrating Delegation with the Formal Core RBAC Model

    Publication Year: 2008, Page(s):33 - 36
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (142 KB) | HTML iconHTML

    Role-based access control (RBAC) models are a powerful tool for describing and managing authorization, particularly, in large organizations. The benefits of using formal methods to describe RBAC models in a clear, consistent and rigorous manner have been recognized. Notable exemplars, that have been formulated in the formal specification notation Z, include NIST's reference RBAC model and the mini... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security Analysis of Temporal-RBAC Using Timed Automata

    Publication Year: 2008, Page(s):37 - 40
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (177 KB) | HTML iconHTML

    Role Based Access Control (RBAC) is arguably the most common access control mechanism today due to its applicability at various levels of authorization in a system. Time varying nature of access control in RBAC administered systems is often implemented through Temporal-RBAC - an extension of RBAC in the temporal domain. In this paper, we propose an initial approach towards verification of security... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Secure Hybrid Group Key Management for Hierarchical Self-Organizing Sensor Network

    Publication Year: 2008, Page(s):43 - 49
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (335 KB) | HTML iconHTML

    Key management is deemed as the fundamental essential part of any secure communication. A secure sensor network communication protocol relies on the substantial secure, robust and efficient key management system. We put forward a new hybrid group key management scheme for hierarchical self organizing wireless sensor network architecture. By using this approach, multi-level security can be achieved... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • PHAL-256 – Parameterized Hash Algorithm

    Publication Year: 2008, Page(s):50 - 55
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (291 KB) | HTML iconHTML

    PHAL-256 (parameterized hash algorithm) is a proposal of a new dedicated hash algorithm designed as an answer to weaknesses of MD/SHA family. Recently proposed attacks on well-known and widely used hash functions motivate a design of new hash functions. In this paper new approach is presented, where a few elements of hash function are parameterized. This approach makes the hash algorithm more secu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Steganography in Textiles

    Publication Year: 2008, Page(s):56 - 61
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (911 KB) | HTML iconHTML

    Covert exchange of information has been long a significant and highlighted affair. Numerous methods have been devised for the matter of which steganography is a popular one. Already applied in the past, the method has been massive used following the invention of computer. This paper discusses a new application of steganography in textiles in which information is hidden in the images on the clothes... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Persian/Arabic Unicode Text Steganography

    Publication Year: 2008, Page(s):62 - 66
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (222 KB) | HTML iconHTML

    Sending information secretly and communicating covertly have been of great interest for ages. On the other hand, text documents have been widely used and consequently various methods for hiding information in texts (text steganography) have been developed so far. In this paper a new method is proposed to hide information in digital Persian and Arabic Unicode texts.In Persian and Arabic, each lette... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Efficient Hierarchical Group-Oriented Key Establishment and Decryption

    Publication Year: 2008, Page(s):67 - 72
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (153 KB) | HTML iconHTML

    In this paper, we present three related and efficient cryptographic schemes for secure communication for hierarchically composed user groups. In such a group, each user is associated with a hierarchical level, so that the group members are divided into two or more hierarchical security classes. Most existing hierarchical cryptographic schemes provide hierarchical deduction of hierarchically arrang... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Forward-Secure Proxy Signature Scheme for Multiple Proxy Signers Using Bellare-Miner Scheme with Proxy Revocation

    Publication Year: 2008, Page(s):73 - 78
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (215 KB) | HTML iconHTML

    A proxy signature scheme allows one user to delegate his/her signing capability to another user called a proxy signer in such a way that the latter can sign messages on behalf of the former. After verification the verifier is convinced of the original signer's agreement on the signed message. Forward-secure signatures enable the signer to guarantee the security of messages signed in the past even ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Data Hiding in Non-Expansion Visual Cryptography Based on Edge Enhancement Multitoning

    Publication Year: 2008, Page(s):79 - 82
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (607 KB) | HTML iconHTML

    This paper proposes a scheme to hide some extra confidential data in transparencies during secret image encryption in visual cryptography. The secret image is multitoned into several levels first. An extended non-expansion visual secret sharing model is employed, i.e. size of transparencies is equal to that of the secret image. Thus less time and space are needed for transparencies transmission an... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Skin Segmentation Using Color Distance Map and Water-Flow Property

    Publication Year: 2008, Page(s):83 - 88
    Cited by:  Papers (5)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1973 KB) | HTML iconHTML

    A new approach for skin region segmentation is proposed. It uses color distance map (CDM) and an algorithm based on the property of flow of water. The CDM itself is a grayscale image, which makes the algorithm very simple. However, it is still capable of providing color information based on which some skin and non-skin seed regions can be determined reliably. Then a water-flow based procedure dete... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Implementation Infrastructure for Server-Passive Timed-Release Cryptography

    Publication Year: 2008, Page(s):89 - 94
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (281 KB) | HTML iconHTML

    As online transactions become increasingly practical, a broad range of industrial and e-government applications have emerged which depend on time-based protection of confidential data. Despite theoretical progress in timed-release cryptography (TRC), there is still no implementation infrastructure that takes advantage of the latest TRC algorithms. The purpose of this paper is to propose such an in... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Group Key Agreement Scheme Revisited

    Publication Year: 2008, Page(s):95 - 98
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (188 KB) | HTML iconHTML

    In PKC'2004, a constant-round group key exchange protocol is proposed. It takes advantage of the properties of the ElGamal encryption scheme combined with the standard secret sharing technique. In this paper, we show that the scheme can be greatly simplified because the standard secret sharing technique does not work well. Based on the observation, we present a revisited scheme. It saves about 4/5... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.