it’s not long since the advent of pervasive computing by mark weiser and one of its main usages is in healthcare systems. as this technology has been introduced only recently in this field and because we are dealing with peoples’ lives and their data, providing a high level of privacy and security is of great importance. various studies have been performed in which a certain method has been use...

Cloud computing is one of the coming forth as well as the buzzword concept nowadays. Cloud computing serves various advancement in the field of IT industry such as Google, Microsoft, Amazon and distinguish various data and information resources from a given infrastructure in order to enhance the services provided to the end users. End users have paid tremendous focus in implementing cloud compu...

Due to extreme importance of security protocols in the modern world, to ensure security protocols to be more reliable, and to speed up the development of new protocols, it is important to have tools that support the activity of finding flaws in protocols, or guaranteeing correctness of protocols. Various formalisms for the specification of security protocols have been proposed based on, e.g. pr...

Employees’ failures to follow information security policy can be costly to organizations. Organizations implement security controls in order to motivate employees. Many control-related motivations have been explored in information security research (e.g., self-efficacy and behavioral control); however, self-determination has yet to receive attention. Selfdetermination theory is widely used in o...

Application development today is characterized by ever shorter release cycles and more frequent change requests. Hence development methods such as service composition are increasingly arousing interest as viable alternative approaches. While employing web services as building blocks rapidly reduces development times, it raises new challenges regarding security and compliance since their impleme...

Addressing Cybersecurity within e-Learning systems becomes empowered to make online information more secure. Certain competences need to be identified as necessary skills to manage security online such the ability to assess sources and architectural components, understanding the privacy, confidentiality and user authentication. Security management approaches quantifying security threats in e-le...

In CRYPTO 1999, J. An and M. Bellare proposed a MerkleDamg̊ard iteration based MAC construction called NI-MAC in order to avoid constant re-keying on multiblock messages in NMAC and to ease the security proof. In CRYPTO 2014, Gazi et al. revisited the proof of NI-MAC in the view of structure graph introduced by Bellare et al. in CRYPTO 2005 and gave a tight bound of order lq 2 2n , which is an i...

We provide a state-of-the-art explication of application security and software protection. The relationship between application security and data security, network security, and software security is discussed. Three simplified threat models for software are sketched. To better understand what attacks must be defended against in order to improve software security, we survey software attack appro...

In order to improve the security of information transmitted in the internet of things, this study designs an information security system architecture of internet of things based on a lightweight cryptography. In this security system, an authentication protocol, encryption/decryption protocol and signature verification protocol are proposed and implemented. All these security protocol are used t...

This paper describes a general framework for developing an organization's Internet security policy. A model of Internet security risks for an Internet user organization is proposed; the framework utilizes this model, as well as considering important holistic issues, in order to develop the user organization's Internet security policy. A hierarchy of subpolicies for the Internet security policy ...