Suchergebnisse

Intro -- Preface -- Organization -- Contents -- Web Scanner Detection Based on Behavioral Differences -- 1 Introduction -- 2 Related Work -- 3 Overview of Detection Model -- 3.1 Behavior Analysis on Scanners -- 3.2 Behavioral Difference Modeling -- 4 Overview of Dome -- 5 Experiments -- 5.1 Setting -- 5.2 Experimental Design -- 5.3 Experimental Result -- 6 Conclusion and Future Work -- A Fingerprint Information of Common Scanners -- B Testing Results of Scanners -- References -- DMU-ABSE: Dynamic Multi-user Attribute-Based Searchable Encryption with File Deletion and User Revocation -- 1 Introduction -- 2 System Model -- 2.1 System Roles -- 2.2 Application Scenario -- 2.3 Definition -- 2.4 System Adversarial Model -- 3 Preliminaries -- 3.1 Access Structure -- 3.2 Bilinear Maps -- 3.3 Generic Group Model -- 4 DMU-ABSE -- 4.1 Construction -- 4.2 Correctness -- 5 Security Analysis -- 6 Comparison and Experiments -- 7 Conclusion -- References -- A Novel Lattice-Based Ciphertext-Policy Attribute-Based Proxy Re-encryption for Cloud Sharing -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 Gaussian Distributions and the LWE Hardness Assumption -- 2.3 Attribute and Access Structure -- 2.4 Definition and Security Model of CP-ABPRE -- 3 A CP-ABPRE Scheme -- 3.1 Concrete Scheme -- 3.2 Correctness and Parameters -- 3.3 Security -- 3.4 Comparison -- 4 Conclusion -- References -- Blockchain-Based Asymmetric Group Key Agreement Protocol for Mobile Ad Hoc Network -- 1 Introduction -- 1.1 Contributions -- 2 Basic Knowledge -- 2.1 Bilinear Mapping -- 2.2 Computational Complexity Problems -- 2.3 Initialization -- 2.4 Computation of Group Key -- 2.5 Group Secure Communication Among Group Nodes -- 3 Security Analysis -- 3.1 Performance Analysis -- 4 Conclusions -- References.

In 2015, the European Union passed the PSD2 regulation, with the aim of transferring ownership of bank accounts to the private person. As a result, Open Banking has become an emerging concept, which provides third-party financial service providers open access to bank APIs, including consumer banking, transaction, and other financial data. However, such openness may also incur many security issues, especially when the data can be exposed by an API to a third party. Focused on this challenge, the primary goal of this work is to develop one innovative web solution to the market. We advocate that the solution should be able to trigger transactions based on goals and actions, allowing users to save up money while encouraging positive habits. In particular, we propose a solution with an architectural model that ensures clear separation of concern and easy integration with Nordea's (the largest bank in the Nordics) Open Banking APIs (sandbox version), and a technological stack with the microframework Flask, the cloud application platform Heroku, and persistent data storage layer using Postgres. We analyze and map the web application's security threats and determine whether or not the technological frame can provide suitable security level, based on the OWASP Top 10 threats and threat modelling methodology. The results indicate that many of these security measures are either handled automatically by the components offered by the technical stack or are easily preventable through included packages of the Flask Framework. Our findings can support future developers and industries working with web applications for Open Banking towards improving security by choosing the right frameworks and considering the most important vulnerabilities.

Is Blockchain a hype or a trend that is here to stay? Based on the increasing interest of blockchain in industry, governments and academia, one might tend to be inclined to think that blockchain has moved beyond a hype and a buzzword to something that is here to stay, somewhat analogous to cloud computing and Internet of Things (IoT) in their early days. While there are many (potential) applications of blockchain including in industrial IoT (IIoT), there are a number of ongoing challenges. In this special issue, we present existing state-of-the-art advances reported by the nine accepted papers. We then conclude the special issue with a number of potential research agenda.