  • 1. Abbasi, A. G.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Schmölzer, Gernot
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    A model and design of a security provider for Java applications. 2009. In: International Conference for Internet Technology and Secured Transactions, ICITST 2009, 2009, 5402592- p. Conference paper (Refereed)
    Abstract [en]

    The model and design of a generic security provider provides a comprehensive set of security services, mechanisms, encapsulation methods, and security protocols for Java applications. The model is structured in four layers; each layer provides services to the upper layer and the top layer provides services to applications. The services reflect security requirements derived from a wide range of applications; from small desktop applications to large distributed enterprise environments. Based on the abstract model, this paper describes design and implementation of an instance of the provider comprising various generic security modules: symmetric key cryptography, asymmetric key cryptography, hashing, encapsulation, certificates management, creation and verification of signatures, and various network security protocols. This paper also describes the properties extensibility, flexibility, abstraction, and compatibility of the Java Security Provider.

  • 2. Abbasi, A. G.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Schmölzer, Gernot
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    CryptoNET: A model of generic security provider. 2010. In: International Journal of Internet Technology and Secured Transactions, ISSN 1748-569X, E-ISSN 1748-5703, Vol. 2, no 3-4, 321-335 p. Article in journal (Refereed)
    Abstract [en]

    The model and design of a generic security provider provides a comprehensive set of security services, mechanisms, encapsulation methods, and security protocols for Java applications. The model is structured in four layers; each layer provides services to the upper layer and the top layer provides services to applications. The services reflect security requirements derived from a wide range of applications; from small desktop applications to large distributed enterprise environments. Based on the abstract model, this paper describes design and implementation of an instance of the provider comprising various generic security modules: symmetric key cryptography, asymmetric key cryptography, hashing, encapsulation, certificates management, creation and verification of signatures, and various network security protocols. This paper also describes the properties for extensibility, flexibility, abstraction, and compatibility of the Java security provider.

  • 3. Abbasi, A. G.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Schmölzer, Gernot
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    CryptoNET: Secure federation protocol and authorization policies for SMI. 2009. In: Post-Proceedings of the 4th International Conference on Risks and Security of Internet and Systems, CRiSIS 2009, 2009, 19-25 p. Conference paper (Refereed)
    Abstract [en]

    The paper describes a protocol for Secure E-Mail Infrastructure for establishing trust between different domains in order to protect mail servers from spam messages. The protocol uses messages for trusted interactions between intra and inter E-mail domain components, Secure E-mail (SEM) servers and Secure Mail Infrastructure (SMI) servers. In addition, the protocol validates E-mail addresses thus guaranteeing to the recipient that the E-mail is coming from a trusted domain. We also use XACML-based authorization policies at the sending and receiving servers, enforced by associated Policy Enforcement Point (PEP) servers at SEM servers, in order to provide a complete protection against spam.

  • 4.
    Abbasi, Abdul Ghafoor
    et al.
    KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Machine Elements.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    CryptoNET: Security Management Protocols. 2010. In: ADVANCES IN DATA NETWORKS, COMMUNICATIONS, COMPUTERS / [ed] Mastorakis, NE; Mladenov, V, ATHENS: WORLD SCIENTIFIC AND ENGINEERING ACAD AND SOC, 2010, 15-20 p. Conference paper (Refereed)
    Abstract [en]

    In this paper we describe several network security protocols used by various components of CryptoNET architecture. The protocols are based on the concept of generic security objects and on well-established security standards and technologies. Distinctive features of our security protocols are: (1) they are complete in terms of their functionality, (2) they are easy to integrate with applications, (3) they transparently handle security credentials and protocol-specific attributes using FIPS 201 (PIV) smart cards, and (4) they are based on generic security objects. These protocols are: remote user authentication protocol, single-sign-on protocol, SAML authorization protocol, and secure sessions protocol. Security protocols use our Security Provider as a collection of cryptographic engines implemented either in software or using FIPS 201 (PIV) smart cards. It also manages protocols' attributes using security applets stored in PIV smart card.

  • 5.
    Abbasi, Abdul Ghafoor
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Hotamov, I.
    Web contents protection, secure execution and authorized distribution. 2010. In: Proceedings - 5th International Multi-Conference on Computing in the Global Information Technology, ICCGI 2010, 2010, 157-162 p. Conference paper (Refereed)
    Abstract [en]

    This paper describes the design and implementation of a comprehensive system for protection of Web contents. In this design, new security components and extended security features are introduced in order to protect Web contents against various Web attacks. Components and extended security features are: protection of Web pages using strong encryption techniques, encapsulation of Web contents and resources in PKCS#7, extended secure execution environment for Java Web Server, eXtensible Access Control Markup Language (XACML) based authorization policies, and secure Web proxy. Design and implementation of our system is based on the concepts of generic security objects and component-based architecture that makes it compatible with existing Web infrastructures without any modification.

  • 6.
    Abbasi, Abdul Ghafoor
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Mumtaz, Shahzad Ahmed
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Security extensions of windows environment based on FIPS 201 (PIV) smart card. 2011. In: World Congr. Internet Secur., WorldCIS, 2011, 86-92 p. Conference paper (Refereed)
    Abstract [en]

    This paper describes security extensions of various Windows components based on usage of FIPS 201 (PIV) smart cards. Compared to some other similar solutions, this system has two significant advantages: first, smart cards are based on FIPS 201 standard and not on some proprietary technology; second, smart card security extensions represent an integrated solution, so the same card is used for security of several Microsoft products. Furthermore, our smart card system uses FIPS 201 applet and middleware with smart card APIs, so it can also be used by other developers to extend their own applications with smart card functions in a Windows environment. We support the following security features with smart cards: start-up authentication (based on PIN and/or fingerprint), certificate-based domain authentication, strong authentication, and protection of local resources. We also integrated our middleware and smart cards with MS Outlook and MS Internet Explorer.

  • 7.
    Abdullah, Nazri
    et al.
    Universiti Tun Hussein Onn Malaysia, Malaysia.
    Kounelis, Ioannis
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Security Extensions for Mobile Commerce Objects. 2014. In: SECURWARE 2014, The Eighth International Conference on Emerging Security Information, Systems and Technologies, 2014. Conference paper (Refereed)
    Abstract [en]

    Electronic commerce and its variant mobile commerce have tremendously increased their popularity in the last several years. As mobile devices have become the most popular means to access and use the Internet, mobile commerce and its security are timely and very hot topics. Yet, today there is still no consistent model of various m–commerce applications and transactions, even less clear specification of their security. In order to address and solve those issues, in this paper, we first establish the concept of mobile commerce objects, an equivalent of virtual currencies, used for m–commerce transactions. We describe functionalities and unique characteristics of these objects; we follow with security requirements, and then offer some solutions – security extensions of these objects. All solutions are treated within the complete lifecycle of creation and use of the m–commerce objects.

  • 8. Alhammouri, M.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    A design of an access control model for multilevel-security documents. 2008. Conference paper (Refereed)
    Abstract [en]

    In this paper we describe an access control model for multilevel-security documents, those structured into multiple sections based on certain security classifications. Our access control system uses XACML policies to allow documents, whose contents have varying sensitivity levels, to be created, viewed, and edited by groups that have members with varying clearance levels, while enforcing the required security constraints.

  • 9. Alhammouri, M.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Management of groups and group keys in multi-level security environments. 2007. In: Computer Safety, Reliability, and Security, Proceedings, Springer Berlin/Heidelberg, 2007, 75-80 p. Conference paper (Refereed)
    Abstract [en]

    This paper describes techniques and solutions for management of groups and cryptographic keys when sharing secure documents protected at different classification levels. Such access control environment enforces access to documents at multiple security classification levels, starting from the membership in the group, then access to particular group applications, then access to individual documents and finally even their sections.

  • 10. Ghafoor, A.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Schmölzer, Gernot
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    CryptoNET: Design and implementation of the secure email system. 2010. In: 2009 Proceedings of the 1st International Workshop on Security and Communication Networks, IWSCN 2009, 2010, 5683054- p. Conference paper (Refereed)
    Abstract [en]

    This paper describes the design and implementation of a secure, high assurance and very reliable Email system. The system handles standard Email security services - signing and encryption of Email letters and, in addition, provides a number of extended and innovative security features. These new features are: transparent handling of certificates, strong authentication between Secure Email client and Secure Email server, archiving and recovery of encrypted address books, simple and secure handling of cryptographic keys, security sessions management, tracking of Email letters using confirmation message, elimination of SPAM messages, prevention of fraudulent and infected attachments, and usage of smart cards. The system is structured in the form of security objects organized in the form of a large-scale security architecture based on proxy servers. The system uses hierarchical certification infrastructure for management and verification of certificates.

  • 11. Giambruno, A.
    et al.
    Shibli, Muhammad Awais
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. National University of Sciences and Technology, Pakistan.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Lioy, A.
    MagicNET: XACML authorization policies for mobile agents. 2009. In: International Conference for Internet Technology and Secured Transactions, ICITST 2009, 2009, 5402600- p. Conference paper (Refereed)
    Abstract [en]

    One approach to authorization of mobile agents is to use XACML policies by assigning roles to agents and then enforcing role-based authorization. In this paper we show how traditional XACML policies, used for user access control in distributed environments, can be used for mobile agents' access control. We use such policies to manage delegation of access rights from users to agents while at the same time following the core principles of the XACML standard. We also propose a combination of policies that map users to their mobile agents and make access control decisions for mobile agents by evaluating complex policy sets.

  • 12. Hembroff, G. C.
    et al.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastructure (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    SAMSON: Secure Access for Medical Smart cards Over Networks. 2010. In: 2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks", WoWMoM 2010 - Digital Proceedings, IEEE, 2010, 5534982- p. Conference paper (Refereed)
    Abstract [en]

    This paper presents several smart card security extensions to the FIPS 201 PIV standard of security and authentication of mobile health. Our contributions are designed to better protect the patient's data and to increase the functionality and interoperability of smart cards in health care. Our solution, called SAMSON, consists of two types of smart cards. The first, a security card, is issued to all personnel within any medical organization, while the second, the medical card, is issued to patients and used to securely store and retrieve health care information. These smart cards are being tested within a 14 hospital federated consortium in Michigan's Upper Peninsula.

  • 13. Karunanayake, A.
    et al.
    De Zoysa, K.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Mobile ATM for developing countries. 2008. Conference paper (Refereed)
    Abstract [en]

    Society benefits from M-Commerce applications to a greater extent. The most attractive benefit of M-Commerce applications is the mobility. Even though users have a poor computer literacy, they will be able to use the M-Commerce applications easily. Additionally, the M-Commerce applications have the potential of reducing the distance barriers. In developing countries, especially in rural areas, accessing financial and banking services is a critical issue. This paper proposes a system called Mobile-ATM to address this problem by incorporating the mobile technology. Also it discusses the limitations of traditional ATM systems, the need of a new M-Commerce application to overcome the limitations and security related issues. In the proposed solution, people can withdraw money from a Mobile-ATM without going to a traditional ATM. The Mobile-ATM system uses even cheap mobile phones, functioning as payment terminals. It will reduce the limitations of traditional ATM and enables confidential and secured ATM transactions.

  • 14.
    Kounelis, Ioannis
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Baldini, G.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Loschner, J.
    An architecture for secure m-commerce applications. 2013. In: Proceedings - 19th International Conference on Control Systems and Computer Science, CSCS 2013, 2013, 519-525 p. Conference paper (Refereed)
    Abstract [en]

    As mobile communication technology evolves, more and more features are available to users of mobile devices. The adoption of such features is rapid and the demand for more capabilities is growing, especially with the development of the Internet of Things. One of the most challenging and sensitive concepts used in the always connected mobile world is mobile commerce. Security for mobile financial transactions is of extremely high concern. In this paper we describe the architecture of a secure m-commerce system based on the concepts defined in the FP7 iCore project. We propose a framework that structures an m-commerce system in objects with semantic searching capabilities to provide an efficient and secure handling of system resources and transactions.

  • 15.
    Kounelis, Ioannis
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Loeschner, Jan
    Joint Research Centre of the European Commission.
    Mahieu, Vincent
    Joint Research Centre of the European Commission.
    Nordvik, Jean-Pierre
    Joint Research Centre of the European Commission.
    Stirparo, Pasquale
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Towards a better understanding of the impact of emerging ICT on the safety and security of the Citizen: Digital Citizen Security - a programmatic approach. 2011. In: Proceedings of the First SysSec Workshop - SysSec 2011, Amsterdam, 2011, 84-87 p. Conference paper (Refereed)
    Abstract [en]

    The Joint Research Centre (JRC) of the European Commission has taken initiative to investigate, assess and forecast issues of the exploitation of digitalized personal data of citizens in our forthcoming digital society. It responds that way to some of the key challenges put forward in the Communication from the Commission “Europe 2020” and to one of its flagship initiatives, the "A Digital Agenda for Europe". The issues addressed are namely Trust and Security, a vibrant digital single market through building digital confidence and ICT-enabled benefits for the EU society and Intelligent Transport Systems for safer, more secure and more efficient transport and better mobility in Europe. The paper describes the current organization and the research roadmap of the Traceability and Vulnerability Assessment Unit [1] of the JRC and its partners. It illustrates the unit’s objectives for the coming years and into the European Union's 8th Research Framework program in respect to the digital security of citizens.

  • 16.
    Kounelis, Ioannis
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Loeschner, Jan
    Secure and Privacy-enhanced E-Mail System based on the Concept of Proxies. 2014. Conference paper (Refereed)
    Abstract [en]

    Security and privacy on the Internet and especially the e-mail, is becoming more and more important and crucial for the user. The requirements for the protection of e-mail include issues like tracking and privacy intrusions by hackers and commercial advertisers, intrusions by casual observers, and even spying by government agencies. In an expanding e-mail use in the digital world, Internet and mobile, the quantity and sensitivity of personal information has also tremendously expanded. Therefore, protection of data and transactions and privacy of user information is key and of interest for many users. Based on such motives, in this paper we present the design and current implementation of our secure and privacy-enhanced e-mail system. The system provides protection of e-mails, privacy of locations from which the e-mail system is accessed, and authentication of legitimate users. Differently from existing standard approaches, which are based on adding security extensions to e-mail clients, our system is based on the concept of proxy servers that provide security and privacy of users and their e-mails. It uses all required standards: S/MIME for formatting of secure letters, strong cryptographic algorithms, PKI protocols and certificates. We already have the first implementation and an instance of the system is very easy to install and to use.

  • 17.
    Kounelis, Ioannis
    et al.
    Institute for the Protection and Security of the Citizen (IPSC) Joint Research Centre – European Commission, Ispra (Va), Italy.
    Zhao, Hao
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Secure Middleware for Mobile Phones and UICC Applications. 2012. In: Mobile Wireless Middleware, Operating Systems, and Applications: 4th International ICST Conference, Mobilware 2011, London, UK, June 22-24, 2011, Revised Selected Papers / [ed] Nalini Venkatasubramanian, Vladimir Getov, Stephan Steglich, London: Springer Berlin/Heidelberg, 2012, 10 p., 143-152 p. Conference paper (Refereed)
    Abstract [en]

    In this paper we describe our concept, design and current prototype implementation of a new middleware for mobile phones and UICC. The purpose of the middleware is to be used as an interface between applications, loaded in mobile phones, and functionalities of the corresponding supporting modules (applets) stored in UICC. At the moment, our middleware supports only security and mobile payment functions. Our primary goal was to explore the features that multi–application chips provide and to create a new way for handling of sensitive information when stored and used in mobile phones. Another goal is to extend the middleware to hide technology details of underlying UICC and their applets, so that applications developed on the top of the middleware are independent of the underlying mobile phone technologies. We plan to extend the current version of our middleware module to be used with other UICC applications and alternative mobile operating systems.

  • 18.
    Muftic, Sead
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Schmölzer, Gernot
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Cryptonet: Secure E-mail system. 2008. In: SECRYPT 2008: Proceedings Of The International Conference On Security And Cryptography / [ed] FernandezMedina, E; Malek, M; Hernando, J, 2008, 84-91 p. Conference paper (Refereed)
    Abstract [en]

    The paper describes new, innovative and highly secure E-mail system. The system, first, provides both standard security services for E-mail letters: signed and encrypted E-mail. In addition, address book is encrypted, thus E-mail addresses can not be stolen for spamming. Each E-mail server is protected using SAML authorization policy, so E-mails are received only from authorized senders. Finally, all E-mail addresses are validated and certified by specially designed Secure E-mail Infrastructure (SEI) Authorities, organized in a federated hierarchy. Thus CryptoNet Secure E-mail system completely eliminates spam, distribution of viruses, worms, and malware, and eliminates the possibility to use fake E-mail addresses.

  • 19. Shibli, Muhammad Awais
    et al.
    Masood, Rahat
    Ghazi, Yumna
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    MagicNET: mobile agents data protection system. 2015. In: European transactions on telecommunications, ISSN 1124-318X, E-ISSN 2161-3915, Vol. 26, no 5, 813-835 p. Article in journal (Refereed)
    Abstract [en]

    Literature study and analysis on mobile agents reveal many challenging and uncovered aspects that still do not have comprehensive solutions. Despite the fact that significant research has been carried out on mobile agents, it is still not widely adopted by industry and research community because of the immaturity of various technical aspects of agent paradigm. One of the main reasons that limits the scope of the potential applications of mobile agents is the lack of reliable security solutions for mobile agents' code and their baggage. The protection of mobile agents' codes has been solved by the research community to some extent; however, there is not even a single solution that provides complete protection and access control mechanism for agents' code and their baggage (data being accumulated/carried by agent during execution). Most of the existing solutions such as execution tracing, code obfuscation, encrypted code execution and partial result encapsulation mainly cover security threats of mobile agents' code. In this paper, we present a security solution to overcome the security threats on traditional mobile agents computing paradigm. Our proposed solution is one step ahead of extant solutions in that it provides complete protection and enforces access control on agents' complex baggage structure. We have extended our previous work that was limited to the protection of agents and the agent platforms only. Our approach provides holistic access control mechanism between users and agents, agents and agent platform resources and platform and agents baggage. By adopting the proposed solution in the mobile agent-oriented software engineering, secure and complex mobile agent-based applications can be developed, which will greatly benefit the software industry.

  • 20.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. NUST School of Electrical Engineering and Computer Sciences, Pakistan.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Intrusion detection and prevention system using secure mobile agents. 2008. In: SECRYPT - Int. Conf. Secur. Cryptography, Proc., 2008, 107-113 p. Conference paper (Refereed)
    Abstract [en]

    The paper describes design and architecture of the intrusion detection and prevention system based on secure mobile agents along with the analysis of commercial products and current research efforts in the area. Once system will be operational it will be the first comprehensive real-life application using mobile agents that will not only provide security to network resources but also provide security and protection to the mobile agents system itself. The system efficiently solves several problems with the existing IDS/IPS solutions: it can detect new vulnerabilities, it can process and filter large volumes of logs, it reacts to intrusions in real-time, provides protection against unknown attacks, supports and improves IDS/IPS commercial products by different vendors, and handles software patches. The system not only improves the existing IDS/IPS solutions, but it also eliminates several of their core problems. In addition, it is self-protected by full encryption, both mobile agents and their platforms, and therefore not vulnerable to attacks against its own components and resources.

  • 21.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Magicnet: Security architecture for authorization of mobile agents. 2009. In: Proceedings of the 3rd International Conference on Internet Technologies and Applications, ITA 09, 2009, 506-513 p. Conference paper (Refereed)
    Abstract [en]

    Controlling access to resources at remote hosts by mobile agents during their execution is a challenging problem. Current solutions use mainly methodology that detects agents' incorrect access attempts to a particular resource. For that purpose agents' execution logs are checked in order to identify malicious activities or misuse of resources at a particular host. As an alternative, instead of detective approach, we focus on preventive approach for control of access by mobile agents. While detective approach may provide some protection, its primary shortcoming is that it does not provide protection of resources in advance, before access, and in fact requires post-fact manual intervention and activation of countermeasures. With our solution we provide a solution to authenticate and authorize agents at remote hosts before executing any action. The architecture of our system is based on RBAC XACML policies and SAML standards.

  • 22.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    MagicNET: Security Architecture for Creation, Classification, and Validation of Trusted Mobile Agents. 2009. In: 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY, VOLS I-III, PROCEEDINGS, - UBIQUITOUS ICT CONVERGENCE MAKES LIFE BETTER!, TAEJON: ELECTRONICS TELECOMMUNICATIONS RESEARCH INST, 2009, 1467-1471 p. Conference paper (Refereed)
    Abstract [en]

    Most of the current research and development results dealing with security of mobile agents describe solutions only for usage of mobile agents. These contributions usually assume agents possess unique and recognizable identities, cryptographic keys, assigned assurance level, and various other security parameters. But, very few papers describe how to create, classify, and evaluate mobile agents before their adoption and deployment. These are the issues we address in this paper: how mobile agents are created, validated, tested, and classified before their deployment. Based on certain security parameters, we establish classification scheme for mobile agents into three assurance levels: low, medium, and high. Our solution and procedures are based on a comprehensive security service-oriented architecture. We also describe roles, procedures, and security components used in that architecture. The most important results are the definition of assurance levels for mobile agents and procedures for their classification into those assurance levels.

  • 23.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. NUST, Islamabad, Pakistan .
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    MagicNET: Security architecture for discovery and adoption of mobile agents. 2010. In: 2009 Proceedings of the 1st International Workshop on Security and Communication Networks, IWSCN 2009, 2010, 5683056- p. Conference paper (Refereed)
    Abstract [en]

    Current research in the area of security for mobile agents deals mainly with the runtime issues of agents' protection. Mobile agent systems do not address precisely the process of acquiring mobile agents by their owners, but they assume that the agents are somehow already available for use. This assumption is acceptable for experimental or prototyping environments, but it is inadequate for the real world scenarios where agents should be trusted and reliable, but agent creators and agent owners are separated and manage agents from mutually remote locations. Thus, the issue of agents' adoption for use in serious, sensitive and business networks is very important if agents are used in real-life applications. In this paper we describe the architecture and procedures for secure, verifiable and authenticated discovery and adoption of mobile agents. The main contribution is that in this process agent's code and its functionality can be verified, so that such agents can be deployed in serious applications and scenarios.

  • 24.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture, Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture, Communication Systems, CoS.
    Giambruno, Alessandro
    Lioy, Antonio
    MagicNET: Security System for Development, Validation and Adoption of Mobile Agents. 2009. In: NSS: 2009 3RD INTERNATIONAL CONFERENCE ON NETWORK AND SYSTEM SECURITY, NEW YORK: IEEE, 2009, 389-396 p. Conference paper (Refereed)
    Abstract [en]

    Current research in the area of mobile agents' security mainly deals with protection and security for agents and agents' runtime platforms. Mobile agent systems usually do not provide an extensive security methodology for the entire agent's life cycle, from agent's creation to its deployment and execution. In this paper we propose a comprehensive secure system for deployment of mobile agents. The system provides methodology that spans a number of phases in agent's lifetime: it starts from agent creation and ends with agent's execution. It addresses classification, validation, publishing, discovery, adoption, authentication and authorization of agents. Our system is based on secure web services and uses RBAC XACML policies and SAML protocol.

  • 25.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Yousaf, Imran
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Dar, Kashif
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    MagicNET: Secure communication methodology for mobile agents. 2010. In: The 12th International Conference on Advanced Communication Technology: ICT for Green Growth and Sustainable Development, Phoenix Park, Korea, Feb. 7-10, 2010, proceedings: ICACT 2010, 2010, 1567-1573 p. Conference paper (Refereed)
    Abstract [en]

    Most of the current research and development results, dealing with authentication of mobile agents, describe solutions that address only agent-to-platform authentication. These solutions assign privileges to agents so that they can be executed and then, by using the same privileges, also to communicate with other agents running on the same platform. They do not address broader agent-to-agent communication security requirements. Moreover, communication protocols are not based on any standards, which increases the possibilities of communications between benign and malicious agents. In this paper we describe agent-to-agent secure communication methodology that guarantees authenticated, authorized and confidential communication between agents. We use FIPA ACL standard for effective and interoperable communication in our agent-based system.

  • 26.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Yousaf, Imran
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    MagicNET: Security System for Protection of Mobile Agents. 2011. In: 2010 24TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA), 2011, 1233-1240 p. Conference paper (Refereed)
    Abstract [en]

    Protection of Mobile agents is one of the most difficult problems in the area of mobile agents' security. There is not a single, comprehensive solution that provides complete protection of agents against malicious hosts. Existing solutions either only detect or to some extent prevent attacks on agents. With detective mechanisms integrity of an agent's code/state is being checked, but there are no effective solutions for confidentiality of agent's code and baggage. In this paper, we propose a system which provides protection of agent's code against illegal modifications, protection during agents' execution, and also protection of agent's baggage. Design of the system is based on a protective approach, which provides better security compared to traditional detective or preventive methods.

  • 27.
    Stirparo, Pasquale
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Shibli, Muhammad Awais
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Vulnerability Analysis and Patches Management using Secure Mobile Agents. 2009. In: 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY, VOLS I-III, PROCEEDINGS, - UBIQUITOUS ICT CONVERGENCE MAKES LIFE BETTER!, TAEJON: ELECTRONICS TELECOMMUNICATIONS RESEARCH INST, 2009, 1054-1058 p. Conference paper (Refereed)
    Abstract [en]

    There are many software applications being developed daily all over the world, but unfortunately those applications usually contain problems and vulnerabilities because of poor programming practices or poor development strategy used by developers. Those vulnerabilities are exploited by hackers for their malicious intents. To eliminate this problem we have designed and developed the system for comprehensive analysis of vulnerabilities and management of patches. Our system a) autonomously collects the most current information about vulnerabilities, b) analyzes hosts in the local network for potential vulnerabilities, and finally c) applies autonomously appropriate patches. Our testing results show significant decrease in intrusions and at the same time improved network management for system administrators.

  • 28.
    Zhang, Feng
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Kondoro, Aron
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Location-based authentication and authorization using smart phones. 2012. In: Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012, IEEE, 2012, 1285-1292 p. Conference paper (Refereed)
    Abstract [en]

    Authentication and authorization are two of the most important security features for mobile transaction systems. Most commonly, these schemes depend on three factors: what you know (secret), what you have (token), and what you are (biometrics). In this paper, we propose a location-based authentication and authorization scheme for mobile transactions using smart phones. The paper first describes the distinguished features and the architecture of our proposed solution. Second, the core of our design, including three parts: location registration, authentication and authorization as well as location verification, are described.

  • 29.
    Zhang, Feng
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Kounelis, Ioannis
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Generic, secure and modular (GSM) methodology for design and implementation of secure mobile applications. 2012. In: SECURWARE 2012 - 6th International Conference on Emerging Security Information, Systems and Technologies, Rome, Italy: International Academy, Research and Industry Association (IARIA), 2012, 1-6 p. Conference paper (Refereed)
    Abstract [en]

    The generic, secure and modular methodology, described in this paper, provides a generic approach for the design and development of secure mobile applications. It is applicable to multiple mobile phone platforms and mobile operating environments. This approach treats a mobile application in a holistic way and structures it into four groups of modules: user interface modules, communication modules, security modules, and business logic modules. These four groups of modules can be designed and implemented independently and finally be integrated together. This approach not only simplifies the process of design and development of mobile applications, but also improves the reusability and robustness of mobile applications. In addition, this paper proposes a trusted layer model for designing the security modules of mobile applications, which provides generic application interfaces and comprehensive data protection. The paper finally gives an example of a secure mobile application, called SAFE Mobile Wallet, which was designed and implemented using GSM methodology.

  • 30.
    Zhang, Feng
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Experiences on Mobile-ATM Deployment in a Developing Country. 2008. In: Experiences on Mobile-ATM Deployment in a Developing Country, Karlstad: Karlstad University Studies, 2008, 178- p. Conference paper (Refereed)
    Abstract [en]

    Mobile-Commerce is the latest concept of enabling the financial transactions on mobile phones and hand-held devices. With the rapid development of the society, the M-Commerce applications play a vital role. Mobile-ATM is one such application, enabling the banking services on mobile phones. Even though users have a poor computer literacy, they will be able to use the Mobile-ATM system easily. This kind of application is very useful, especially in rural areas, where accessing financial and banking services is a critical issue due to the distance barriers. Hence this paper discusses the social, economical and technical impact of the Mobile-ATM system, which is developed by the authors. Moreover the paper points out the essential value added services provided by our system with respect to financial transactions services such as security and confidentiality. Although the Mobile-ATM is technically feasible and practically deployed, it is important to have community acceptance. This paper discusses the community acceptance of this system and related issues.

  • 31.
    Zhang, Feng
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES. 2009. In: SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES, Barcelona, Spain, 2009, 387-392 p. Conference paper (Refereed)
    Abstract [en]

    Mobile financial transactions are used by more and more people due to a widespread proliferation of mobile phones and wireless technologies. One of the most important concerns with such transactions is their security. The reasons are based on weaknesses of wireless protocols and handling of financial data. These aspects make mobile financial applications even more vulnerable to fraud and illegal use than similar transactions performed over fixed networks. Therefore, one of the main prerequisites for successful, large-scale and broad deployment of mobile financial applications is their security. This paper introduces the concept of SAFE system (Secure Applications for Financial Environment) that represents a secure, convenient and reliable infrastructure for mobile financial transactions. The infrastructure comprises Mobile Wallet, three servers: Gateway, IDMS and Bank servers, security protocols, and messages between all components.

  • 32.
    Zhang, Feng
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture, Telecommunication Systems Laboratory, TSLab.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture, Telecommunication Systems Laboratory, TSLab.
    Schmöelzer, Gernot
    Secure Service-Oriented Architecture for Mobile Transactions. 2011. In: World Congress on Internet Security (WorldCIS-2011), London: IEEE Communications Society, 2011, 133-138 p. Conference paper (Refereed)
    Abstract [en]

    The paper describes secure service-oriented architecture for mobile transactions. The architecture comprises components, protocols, applications and interfaces and it provides various security services to various mobile applications: registration, certification, authentication, and authorization of users, secure messaging at an application–level (end–to–end security), protection of data in databases, and security services for protection of its own components. The architecture is modular, integrated, extendible and scalable. The paper describes design of the architecture, the status of its current implementation, and future research and development plans.

  • 33.
    Zhao, Hao
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    The concept of secure mobile wallet. 2011. In: World Congress on Internet Security, WorldCIS-2011, 2011, 54-58 p. Conference paper (Refereed)
    Abstract [en]

    This paper describes our concept, design and current implementation of the Secure Mobile Wallet. Mobile Wallet is an application stored in mobile phones providing to subscribers the possibility to perform various mobile financial transactions. In our approach Secure Mobile Wallet is stored and running in the Javacard SIM chip, called UICC. It comprises several Javacard applets supporting several types of financial transactions - mobile banking, mobile payments, mobile commerce, mobile micro-loans, mobile ticketing, mobile promotions, and so on. Secure Mobile Wallet supports over-the-air (OTA) transactions based on SMS, GPRS, or mobile Internet protocols and also over-the-counter (OTC) transactions based on NFC or Bluetooth protocols. For users, messages and data stored in the Secure Mobile Wallet are managed and maintained using both, OTA and OTC, protocols. Security is guaranteed by a combination of symmetric and asymmetric cryptography. As a client's application, the Secure Mobile Wallet is integrated into our larger, secure mobile transactions system - SAFE™.

  • 34.
    Zhao, Hao
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    Zhang, Feng
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture (Closed 20120101), Communication Systems, CoS (closed 2012-01-01).
    The secure mobile wallet: Anytime, anywhere financial transactions. 2010. In: Cutter IT Journal, ISSN 1522-7383, Vol. 23, no 7, 32-35 p. Article in journal (Refereed)