4 sonuçlar
Arama Sonuçları
Listeleniyor 1 - 4 / 4
Yayın SIMSec: A key exchange protocol between SIM card and service provider(Springer New York LLC, 2016-08-01) Ok, Kerem; Coşkun, Vedat; Yarman, Bekir Sıddık Binboğa; Çevikbaş, Cem; Özdenizci Köse, BüşraMobile technology is so popular and overdosed adoption is inevitable in today’s world. As the mobile technologies have advanced, Service Providers (SP) have offered services via Smartphones and some of them required secure data communication between the Subscriber Identity Module (SIM) cards on Smartphones and the servers of SP. The latest SIM cards comply with recent specifications including secure domain generation, mobile signatures, pre-installed encryption keys, and other useful security services. Nevertheless, un-keyed SIM cards do not satisfy such requirements, thus end-to-end encryption between the SIM card and SP cannot be provided. In this paper, we provide a key exchange protocol, which creates a symmetric key through the collaborative work of the SIM card and the SP server. After a successful protocol performance, the SIM card and SP can perform end-to-end data encryption. After defining the protocol, we also discuss the security issues and provide a formal security analysis of the protocol using the Casper/FDR tool.Yayın NFC loyal: A Beneficial model to promote loyalty on smart cards of mobile devices(IEEE, 2010) Özdenizci Köse, Büşra; Coşkun, Vedat; Aydın, Mehmet Nafiz; Ok, KeremNear Field Communication (NFC) as a new emerging technology currently tries to find a suitable ecosystem. Development of new standards such as secure element, secure channel, as well as Java Card enables creating new ecosystems using a concurrent multi application platform based on Global Platform. We proposed NFC Loyal, which maintains data interaction and data sharing among payment and loyalty applications through our proposed structure, called as Secure Common Domain Management System (SCDM). SCDM as a centralized database management system on the smart card stores valuable iriformation provided by payment applications and shares them with loyalty applications. The direct outcome of using NFC Loyal is the increase in repeat purchases of customers; as well as a business plan among the payment firms, loyalty firms, and the smart card owner. We fully describe the technical including security architectures and background for the SCDM, and explain the details of the proposed model.Yayın Design of a key exchange protocol between SIM card and service provider(Institute of Electrical and Electronics Engineers Inc., 2015-11-05) Ok, Kerem; Coşkun, Vedat; Çevikbaş, Cem; Özdenizci Köse, BüşraCurrent capabilities of smart cards, Smartphones, and cellular network provoke companies to provide vast amount of services to the mobile users. Some of those services require end-to-end encryption between a Service Provider and a SIM card. Keyed SIM cards already contain the required structure for secure key generation and upload, whereas un-keyed SIM cards do not have the required capability for this. In this paper, we provide a key exchange protocol, which creates a symmetric key by the collaborative work of SIM card and the Service Provider server. After a successful protocol run, SIM card and Service Provider can perform end-to-end data encryption.Yayın Quarantine region scheme to mitigate spam attacks in wireless sensor networks(IEEE, 2006-08) Coşkun, Vedat; Çayırcı, Erdal; Levi, Albert; Sancak, SerdarThe Quarantine Region Scheme (QRS) is introduced to defend against spam attacks in wireless sensor networks where malicious antinodes frequently generate dummy spam messages to be relayed toward the sink. The aim of the attacker is the exhaustion of the sensor node batteries and the extra delay caused by processing the spam messages. Network-wide message authentication may solve this problem with a cost of cryptographic operations to be performed over all messages. QRS is designed to reduce this cost by applying authentication only whenever and wherever necessary. In QRS, the nodes that detect a nearby spam attack assume themselves to be in a quarantine region. This detection is performed by intermittent authentication checks. Once quarantined, a node continuously applies authentication measures until the spam attack ceases. In the QRS scheme, there is a trade-off between the resilience against spam attacks and the number of authentications. Our experiments show that, in the worst-case scenario that we considered, a not quarantined node catches 80 percent of the spam messages by authenticating only 50 percent of all messages that it processes.
