El estudio que se presenta a continuación aporta las reflexiones necesarias
para empezar a trabajar en la consecución de un sistema de información que
permita recopilar los datos estadísticos necesarios para extraer el
conocimiento sobre la evolución del sistema universitario español. Demuestra
la viabilidad legal, académica y técnica del sistema sin dudas ni lagunas.
Aporta las especificaciones necesarias para su implementación. Y, finalmente,
pone en manos de la voluntad la necesidad de su creación.
Recently, Li and Lee proposed a new remote user authentication scheme using smart card. However, their scheme requires a verification table and the user’s identity is not protected. Moreover, users cannot change their password off-line. In order to overcome the security flaws, we propose a new scheme which provides more security without affecting the merits of the original scheme
Recently, Chen-Hsiang-Shih proposed a new dynamic ID-based remote user authentication scheme. The authors claimed that their scheme was more secure than previous works. However, this paper demonstrates that their scheme is still unsecured against different kinds of attacks. In order to enhance the security of the scheme proposed by Chen-Hsiang-Shih, a new scheme is proposed. The scheme achieves the following security goals: without verification table, each user chooses and changes the password freely, each user keeps the password secret, mutual authentication, the scheme establishes a session key after successful authentication, and the scheme maintains the user's anonymity. Security analysis and comparison demonstrate that the proposed scheme is more secure than Das-Saxena-Gulati's scheme, Wang et al.'s scheme and Chen-Hsiang-Shih.
Recently, Chen-Hsiang-Shih proposed a new dynamic ID-based remote user authentication scheme. The authors claimed that their scheme was more secure than previous works. However, this paper demonstrates that theirscheme is still unsecured against different kinds of attacks. In order to enhance the security of the scheme proposed by Chen-Hsiang-Shih, a new scheme is proposed. The scheme achieves the following security goals: without verification table, each user chooses and changes the password freely, each user keeps the password secret, mutual authentication, the scheme establishes a session key after successful authentication, and the scheme maintains the user's anonymity. Security analysis and comparison demonstrate that the proposed scheme is more secure than Das-Saxena-Gulati's scheme, Wang et al.'s scheme and Chen-Hsiang-Shih.
In 2010, Sood-Sarje-Singh proposed two dynamic ID-based remote user authentication schemes. The first scheme
is a security improvement of Liao et al.’s scheme and the second scheme is a security improvement of Wang et
al.’s scheme. In both cases, the authors claimed that their schemes can resist many attacks. However, we find that
both schemes have security flaws. In addition, their schemes require a verification table and time-synchronization,
making the schemes unfeasible and unsecured for electronic services. In order to remedy the security flaws of
Sood et al.’s schemes, we propose a robust scheme which resists the well-known attacks and achieves all the
desirable security goals.
SET es un protocolo seguro de pago, con tarjeta de crédito, que proporciona un modelo robusto de seguridad para entregar información personal y financiera a través de Internet, basado en la integridad de los datos, su confidencialidad y la autenticación mutua. Sin embargo, las partes involucradas en una transacción deben llevar a cabo diversas operaciones criptográficas, lo que puede ser un problema cuando se usan dispositivos móviles con baja capacidad de almacenamiento y procesamiento. Este artículo muestra como se puede reducir el coste computacional de SET, mediante el uso de otro protocolo llamado TRUTHC en conjunto con una Infraestructura de Clave Pública (PKI). Los resultados muestran que, usando TRUTHC, el tiempo total de ejecución puede ser reducido un 3% desde el punto de vista del cliente. Esta reducción se mantiene aunque aumente la longitud del camino de certificación.
Martínez, R.; Rico, F.; Satizábal, I. International journal of information technology and decision making Vol. 9, num. 3, p. 337-356 DOI: 10.1504/IJITM.2010.030948 Data de publicació: 2009 Article en revista
Pegueroles, J.; Fernandez, M.; Rico, F.; Soriano, M. International journal of business data communications and networking Vol. 2, num. 2, p. 55-67 DOI: 10.4018/jbdcn.2006040104 Data de publicació: 2006-04 Article en revista
de la Cruz Llopis, Luis J.; Soriano, M.; Aguilar, M.; Esparza, O.; Pegueroles, J.; Fernandez, M.; Rico, F.; Mata, J.; Forga, J.; Alins, J.; Muñoz, J.; Martin, I.V.; Hernández-Serrano, J. Projecte R+D+I competitiu
Usually multimedia services can be divided into two different phases: access to the service and content distribution. The first phase usually takes place over reliable transport protocols and unicast connections. The second one is often performed over unreliable transport protocols and multicast communications.
Adding security to the first phase only needs a straight application of well known unicast security techniques. On the contrary, adding security to IP multicast requires the study of a new problem because traditional unicast solutions do not fit the new environment.
This Doctoral Thesis deals with the arising problems when security is added to multicast environments and proposes different practical solutions.
Among all the attacks to the distribution phase, eavesdropping is probably the most significant. Ciphering is the security service against eavesdropping. Multicast encryption introduces the Key Management problem in multicast.
If Perfect Forward and Backward secrecy is required the session key must be updated every time a member joins or leaves the multicast group. In huge and highly dynamic groups the unicast distribution of the session key is completely unfeasible
The contributions of this Thesis consist in different logical key tree based updating algorithms for multicast. Our proposals take advantage of pseudo-random functions and modular reduction in order to reduce required bandwidth for updating and total amount of bytes stored in the Key Server.
In many scenarios it is not worth to update the key every time a change in the membership occurs. Services as Web-TV permit a decrease in security in order to reduce bandwidth requirements for key management. In such case batch rekeying algorithms are used. This kind of algorithm process periodically all joining and leaving requests produced since the last rekeying process at once. Batch rekeying algorithms are efficient if and only if the logical tree is maintained balanced. This Thesis also proposes a batch-rekeying algorithm that leads to completely balanced trees for the whole group lifetime. Batch processing techniques are also combined with the former contributions in order to increase efficiency.
The proposals of this Thesis are not supported by the IETF standard on Key Management for multicast secure communications (GDOI). This is mainly because this standard does not allow members to change their position in the tree while they are members of the group. Finally, an adaptation of GDOI allowing the performance of our contributions is proposed.