Catálogo de publicaciones - libros

Devising public key cryptosystems that are secure against chosen ciphertext attacks has been the subject of investigation by many researchers. However, there are actually very few secure and efficient systems in the literature.

In this paper, we introduce a secure and efficient public key cryptosystem. The main advantage of our schemes is that we employ a problem , and thus our schemes do not rely on conjectures or unproven claims. Therefore, the resulting schemes are as secure as the RSA system.

We propose an effective approach for partial image encryption with pseudo random sequences (PRS). It is known that an image can be considered as a combination of correlated and uncorrelated data as well as most of the perceptual information are present in the correlated data rather than the uncorrelated data. Hence, the amount of residual intelligence present in an encrypted image depends on the correlated data. It is, therefore, sufficient to encrypt the correlated data instead of encrypting the entire image in order to speed up the entire operation. From the perception point of view, the most significant bit (MSB) planes have high adjacent correlation between the pixels whereas the least significant bit (LSB) planes contain comparatively more uncorrelated data. PRS with simple hardware like -sequences and Gold sequences have less correlation between the adjacent bits. These can therefore serve as a good alternative for partially encrypting the MSB planes with low complexity to provide security against casual listeners. It is observed from the results that the new approach is able to reduce the residual intelligence as would have been obtained by encrypting the entire image.

Most data embedding techniques proposed so far lead to distortions in the original image. These distortions create problems in some areas such as medical, astronomical, and military imagery. Lossless data hiding is an exact restoration approach for recovering the original image from the stego image. In this paper, we present a lossless data embedding technique with a higher embedding capacity. We propose two lossless data embedding methods; first, a part of the unusable groups U are changed into the usable groups. Secondly, a discrimination function f is modified to improve the embedding capacity. We provide experimental results to demonstrate the effectiveness of our proposed algorithm.

The threat of loss of privacy of data due to the theft of hard disks requires that the data in hard disks is protected by means of encryption. In this paper we propose an implementation of a disk-driver-based sector level encryption for windows platforms. The implementation provides for strong security to the data at the sector-level, independent of the mounted file-system. The encryption of data is done at the granularity of partitions, leaving aside the boot partition, thus not affecting system boot-up process. Adapting a scheme proposed in the literature, the initialization vector is kept different for different sectors and is changed every time the sector is written into. The complete implementation is tested and evaluated using standard benchmark suites. The paper ends with a discussion on the usability of the implementation and future directions of its development.

Two-dimensional contingency tables are central products of many information organizations such as statistical agencies, census bureaus, and health insurance information agencies. In a contingency table, any sensitive information about individuals must be protected, while some aggregated information can be released. The disclosure risk is that the aggregated information can be used to infer some sensitive information about individuals. Since the disclosure of sensitive information may compromise privacy, confidentiality, and national interests, one needs to carefully assess the latent risk of disclosure and take effective methods to protect the data.

In this short survey, we provide an overview of obfuscation and then shift our focus to outlining various non-trivial control-flow obfuscation techniques. Along the way, we highlight two transforms having provable security properties: the dispatcher model and opaque predicates. We comment on the strength and weaknesses of these transforms and outline difficulties associated in generating generalised classes of these.

This paper presents a novel context-based approach to filter out unfair recommendations for trust model in ubiquitous environments. Context is used in our approach to analyze the user’s activity, state and intention. Incremental learning based neural network is used to dispose the context in order to find doubtful recommendations. This approach has distinct advantages when dealing with randomly given irresponsible recommendations, individual unfair recommendations as well as unfair recommendations flooding.

Mobile agent system raises significant security concerns and requires a thorough security framework, with a wide range of strategies and mechanisms, for the protection of both agents and agent hosts, against possibly malicious behavior. Researchers have identi?ed several security attacks. In general, the behavior of mobile agents is often prescribed by the set of tasks represented in an itinerary. The design and implementation of an itinerary can be a complex, time intensive task. A mobile agent running on a host may attacks, if the host is malicious. The attacks may be on the agent’s static data, its collected information (dynamic data) and its itinerary. Hence itineraries must be made secure, in order to get secure agent behavior. In this paper, we propose the development of protocols, which provide security and robustness to different kinds of agent itineraries and present a comparison of the performance of these protocols with some existing ones.

In the past few years there has been an increased focus on privacy issues for Information Systems. This has resulted in concerted systematic work focused on regulations, tools and enforcement. Despite this, privacy violations still do take place. Therefore there is an increased need to develop efficient methods to detect privacy violations. After a privacy violation has taken place, the post-event diagnostics should make use of any post-event information which might be available. This information (malafide intention) might play a decisive role in determining violations. In this paper we propose one such framework which makes use of malafide intentions. The framework is based on the hypothesis that any intrusion/unauthorized access has a malafide intention always associated with it and is available in a post-event scenario. We hereby propose that by analyzing the privacy policies and the available malafide intention, it is possible to detect probable privacy violations.

In the past few years there has been an increased focus on privacy issues for Information Systems which has resulted in concerted systematic work focused on regulations, tools and enforcement. Despite this, privacy violations still do take place. Therefore there is an increased need to develop efficient methods to detect privacy violations. We propose one such framework which uses malafide intensions (post-event information) and privacy policy to detect probable privacy violations. The framework is based on the hypothesis that every privacy violation has a malafide intension associated with it which is available in a post-event scenario.