Posts filed under: Security Engineering

What is open source software? Open source software is a solution where not only the complied version of the product is provided, but also the source code So advanced users can have a look on the source of the software...
Continue Reading →
Internet has opened new market ways and gave a new vision and new methods of selling products PayPal micropayment is an example of many other platforms of micropayment, and the same challenges apply to all these systems: Micropayments revisited ...
Continue Reading →
Protecting images is not obvious, considering the wide spread of images especially after the appearance of Internet Images are used in different areas (products, banners, logos …etc.) and sometimes it’s crucial to protect images from illegal usage same as audio...
Continue Reading →
Previously suggested digital content copyright protection systems (e.g., Pay-TV, DVD) are generally all broken Do you think it is possible to protect the copyright of digital contents The goals of DRM technics have evolved since the first versions, initially it...
Continue Reading →
Since the appearance of ARPANET and the interconnection of networks, security was in most debates for new network design, existing networks audit or systems design Some of the tools are very robust and provided a very acceptable and hard to...
Continue Reading →
Different kind of attacks exist nowadays, such the viruses, spams, phishing, DOS or DDOS …etc. If we think about phishing in another context rather than computing, the first image I get in mind is the fish phishing using a hook...
Continue Reading →
OS hardening To protect against misconfiguration-based attacks, install the very good hardening utility Bastille (http://sourceforge.net) Bastille essentially closes all the doors left open in a default installation. Network services access control Secure Remote Access ...
Continue Reading →
0-    Introduction to physical tamper-resistant devices Anti-tamper device contains tamper detection, tamper resistance, tamper response and tamper detection (Rannenberg et.al, 2010). Different types of physical tamper-resistant devices exist Physical Tamper Resistance Tamper resistant devices ...
Continue Reading →
Another method or implementation of cryptography is the Identity based which derives from the public-key cryptography If we deploy Identity Based Cryptosystem, do we still need password? Will identity based cryptosystem replace PKI? ...
Continue Reading →
One of the interesting aspects of security is the tamper resistance, which are couple of technics and approaches aiming to avoid data, software or devices getting changed or altered by unauthorized persons or processes Tamper resistance can be used to...
Continue Reading →
One of the security concerns is the access control, which consists in managing who (person or system) could access which object and how (operation) In the context of multi users and multi applications, the Role based access control is a...
Continue Reading →
Authentication code In a military system, authentication should be secure unconditionally In order for Alice to send an authenticated message m to Bob (we assume that m is also an element from the same finite field), Alice could send the...
Continue Reading →
The Clark-Wilson Model The Clark-Wilson (CW) model consists of subject/program/object triples and rules about data, application programs and triples Data modified by transformational procedures are called constrained data items (CDI) ...
Continue Reading →
Different applications have been used to secure data, most of them have been cracked after some time. Hard drives and USB drives can holds very sensitive and confidential data, loosing them or a laptop can put us at risk, this...
Continue Reading →
Microsoft plays a major role in the computing domain and is considered one of the leaders in term of solutions and software development Microsoft has developed couple of protocols and techniques for password using (Authentication) and changing The Microsoft ...
Continue Reading →
Security as a major concern can be addressed from different angles, even the security specialists might have different definitions and visions In the past, data was stored locally, no inter-connexion,  no door from/to the external word, getting access to that...
Continue Reading →
One of the most used attacks targeting the systems and applications using TCP protocol is known as the MITM (Man in the middle) or bucket-brigade attack and sometimes Janus attack. Is the attack realistic? ...
Continue Reading →
We have noticed in the last tens or twenty years a wide use and spread of computer based systems, everywhere, in the airport, bank, restaurant, shops…etc Later and in parallel of the development process, some advanced professionals started focusing on...
Continue Reading →
Nowadays, most of the communications are done over the Internet, which are all based upon IP (internet protocol), though it is worth looking at methods to secure at TCP IP protocol’s level. IPSec operates at the network layer and does...
Continue Reading →
Show Buttons
Hide Buttons