Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
2
2010
06
02
Authorization models for secure information sharing: a survey and research agenda
69
87
EN
F.
Salim
farzad@isi.qut.edu.au
J.
Reid
reid@isi.qut.edu.au
E.
Dawson
e.dawson@isi.qut.edu.au
10.22042/isecure.2015.2.2.2
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerging business models based on the concept of a 'virtual organization'. The article argues that present authorization models are inflexible and poorly scalable in such dynamic environments due to their assumption that the future needs of the system can be predicted, which in turn justifies the use of persistent authorization policies. The article outlines the motivation and requirement for a new flexible authorization model that addresses the needs of information sharing. It proposes that a flexible and scalable authorization model must allow an <em>explicit </em>specification of the objectives of the system and access decisions must be made based on a late trade-off analysis between these explicit objectives. A research agenda for the proposed Objective-Based Access Control concept is presented.
Security,Access Control,Authorization Model,Multi Objective Decision Making,Secure Information Sharing,Dynamic Environment
https://www.isecure-journal.com/article_39178.html
https://www.isecure-journal.com/article_39178_dbeb81a125d615af7351ff3d748404c8.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
2
2010
07
24
An efficient symmetric polynomial-based key establishment protocol for wireless sensor networks
89
105
EN
A.
Fanian
fanian@ec.iut.ac.ir
M.
Berenjkoub
brnjkb@cc.iut.ac.ir
H.
Saidi
hsaidi@cc.iut.ac.ir
T.
A.
Gulliver
agullive@ece.uvic.ca
10.22042/isecure.2015.2.2.3
An essential requirement for providing secure services in wireless sensor networks is the ability to establish pairwise keys among sensors. Due to resource constraints on the sensors, the key establishment scheme should not create significant overhead. To date, several key establishment schemes have been proposed. Some of these have appropriate connectivity and resistance against key exposure, but the resources needed in the sensors are substantial. Others are appropriate from the resource consumption perspective, but have weak performance. This paper proposes a key establishment protocol based on symmetric polynomials. To improve performance, the protocol uses a new model to distribute polynomial shares to the sensors. A key feature of the proposed protocol is the trade-off between performance, security and resource consumption. Analysis shows that our solution has good performance compared to other approaches.
Key Management,Sensor Networks,Probabilistic Key Sharing,Symmetric Polynomial
https://www.isecure-journal.com/article_39179.html
https://www.isecure-journal.com/article_39179_4e9f17cf0c10c0f2b714ff9486a9907f.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
2
2010
07
13
High capacity steganography tool for Arabic text using 'Kashida'
107
118
EN
A.
Abdul-Aziz
Gutub
aagutub@uqu.edu.sa
A.
A.
Al-Nazer
ahmed.nazer@aramco.com
10.22042/isecure.2015.2.2.4
Steganography is the ability to hide secret information in a cover-media such as sound, pictures and text. A new approach is proposed to hide a secret into Arabic text cover media using "Kashida", an Arabic extension character. The proposed approach is an attempt to maximize the use of "Kashida" to hide more information in Arabic text cover-media. To approach this, some algorithms have been designed and implemented in a system, called MSCUKAT (Maximizing Steganography Capacity Using "Kashida" in Arabic Text). The improvements of this attempt include increasing the capacity of cover media to hide more secret information, reducing the file size increase after hiding the secret and enhancing the security of the encoded cover media. This proposed work has been tested outperforming previous work showing promising results.
Arabic E-Text,Text Steganography,Text Watermarking,Text Hiding,Kashida,Feature Coding
https://www.isecure-journal.com/article_39180.html
https://www.isecure-journal.com/article_39180_eb03ba0076cf43b35b809cde972b2f68.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
2
2010
07
13
Detection of perturbed quantization (PQ) steganography based on empirical matrix
119
128
EN
M.
Abolghasemi
mo_abolghasemi@aut.ac.ir
H.
Aghaeinia
aghaeini@aut.ac.ir
K.
Faez
kfaez@aut.ac.ir
10.22042/isecure.2015.2.2.5
Perturbed Quantization (PQ) steganography scheme is almost undetectable with the current steganalysis methods. We present a new steganalysis method for detection of this data hiding algorithm. We show that the PQ method distorts the dependencies of DCT coefficient values; especially changes much lower than significant bit planes. For steganalysis of PQ, we propose features extraction from the empirical matrix. The proposed features can be exploited within an empirical matrix of DCT coefficients which some most significant bit planes were deleted. We obtain four empirical matrices and fuse resulted features from these matrices which have been employed for steganalysis. This technique can detect PQ embedding on stego images with 77 percent detection accuracy on mixed embedding rates between 0.05 _ 0.4 bits per non-zero DCT AC coefficients (BPNZC). Comparing the results, we also show that the detection rates are effectively comparable with respect to current steganalysis techniques for PQ steganography.
Empirical Matrix,Perturbed Quantization (PQ),Steganalysis,Steganography
https://www.isecure-journal.com/article_39181.html
https://www.isecure-journal.com/article_39181_47f4f81eb7a8ae497d34bc375e50dc54.pdf