This paper describes KryptoKnight, an authentication and key distribution system that provides facilities for secure communication in any type of network environment. KryptoKnight was designed with the goal of providing network security services with a high degree of compactness and flexibility. Message compactness of KryptoKnight's protocols allows it to secure communication protocols at any layer, without requiring any major protocol augmentations in order to accommodate security-related information. Moreover, since KryptoKnight avoids the use of bulk encryption it is easily exportable. Owing to its architectural flexibility, KryptoKnight functions at both endpoints of communication can perform different security tasks depending on the particular network configuration. These and other novel features make KryptoKnight an attractive solution for providing security services to existing applications irrespective of the protocol layer, network configuration or communication paradigm. 1 In...

Abstract—Routing in wireless communication systems such as ad hoc networks remains a challenging problem given the limited wireless bandwidth, users ’ mobility, and potentially large scale. Recently, a thrust of research has addressed these problems—the ondemand routing, geographical routing, and virtual coordinates. In this paper, we focus on geographical routing that has been shown to achieve good scalability without flooding; however, this usually requires the availability of location information and can suffer from poor routing performance and severe dead end problems, especially in sparse networks. Specifically, we propose a new Hop ID routing scheme, which is a virtual coordinate-based routing protocol and does not require any location information. This achieves excellent routing performance comparable with that obtained by the shortest path routing schemes. In addition, we design efficient algorithms for setting up the system and adapt to the node mobility quickly and can effectively route out of dead ends. Extensive analysis and simulation show that the Hop ID-based routing achieves efficient routing for mobile ad hoc networks with various density, irregular topologies, and obstacles. Index Terms—Mobile ad hoc networks, routing protocols, virtual coordinate. 1

Abstract. Trust is hard to establish in a service-oriented grid architecture because of the need to support end user single sign-on and dynamic transient service. In order to enhance the security by the Grid Security Infrastructure (GSI), this paper proposes a two-level trust model and the corresponding trust metrics evaluation algorithms. The upper level defines the trust relationships among Virtual Organizations (VO) in a distributed manner. The lower level justifies the trust values within a grid domain. This novel model provides an integrated trust evaluation mechanism to support secure and transparent services across security domains. It is flexible, scalable and interoperable. We design the implementation of embedding the trust scheme into GSI. At this stage, we achieve additional authentication means between grid users and grid services. 1

Despite a wide body of academic knowledge of secure information systems, application software, communication protocols and cryptographic primitives remain insecure. This is especially alarming in the emerge of application domains and organisational structures that depend heavily on the availability of reliable and secure data communication infrastructure, such as electronic commerce. A survey of recently reported vulnerabilities demonstrates that systems remain susceptible to attacks known for decades. The lack of security awareness among system and protocol designers and therefore occurring security problems are called the information security crisis. This paper surveys the symptoms and causes of information security crisis, and sketches an outline of an approach required for tackling the crisis. Keywords: Data security, Computer communication systems BRT Keywords: USE, UF Introduction Since the information theory based cryptography by Shannon (1949) and the public key cryptography...

this document compares the selected subset of CAPIs, highlighting their strengths and weaknesses.

Abstract—Pre/post condition-based specifications are common-place in a variety of software engineering activities that range from requirements through to design and implementation. The fragmented nature of these specifications can hinder validation as it is difficult to understand if the specifications for the various operations fit together well. In this paper, we propose a novel technique for automatically constructing abstractions in the form of behaviour models from pre/post condition-based specifications. Abstraction techniques have been used successfully for addressing the complexity of formal artifacts in software engineering; however, the focus has been, up to now, on abstractions for verification. Our aim is abstraction for validation and hence, different and novel tradeoffs between precision and tractability are required. More specifically, in this paper, we define and study enabledness preserving abstractions, that is, models in which concrete states are grouped according to the set of operations that they enable. The abstraction results in a finite model that is intuitive to validate and which facilitates tracing back to the specification for debugging. The paper also reports on the application of the approach to two industrial strength protocol specifications in which concerns were identified.