Trusted Third Party

We analyze the security of a quantum secure direct communication protocol equipped with authentication. We first propose a specifc attack on the protocol by which, an adversary can break the secret already shared between Alice and Bob, when he (adversary) runs the protocol few times. The attack shows that there is a gap in authentication procedure of the protocol, and by doing so the adversary can obtain the key without remaining any trace. We then give the modification of the protocol and analyze the security of it, and show how the modified protocol can close the gap.

The growth of the internet provides opportunities for cooperative computation, it also requires development of protocols that can accomplish this task among mutually untrusting parties. The aim is to develop methods which ensure both the correct evaluation of the function and privacy of individual inputs. Multiparty Computation protocols help to achieve the aim without using a trusted third party. In this paper we consider the problem of context-free language recognition in a two-party setting. Alice has the description of a context-free language L while Bob has a secret string whose membership in L is to be checked. Neither Alice nor Bob is ready to disclose his/her input to the other. Here we propose a protocol which accomplishes secure two party context-free language recognition. The novelty of this paper lies in the use of formal languages based approach for multiparty computations.

Mobile agents are software entities consisting of code, data, state and itinerary that can migrate autonomously from host to host executing their code. Despite its benefits, security issues strongly restrict the use of code mobility. The protection of mobile agents against the attacks of malicious hosts is considered the most difficult security problem to solve in mobile agent systems. In particular, collusion attacks have been barely studied in the literature. This paper presents a mechanism that avoids collusion attacks based on code passing. Our proposal is based on a Multi-Code agent, which contains a different variant of the code for each host. A Trusted Third Party is responsible for providing the information to extract its own variant to the hosts, and for taking trusted timestamps that will be used to verify time coherence.

Data mining extracts knowledge or patterns from a large amount of data. Secure communication is an issue of shared database applications. Fundamentally, secure multi party computation is to enable a number of networked parties to carry out distributed computing tasks on sensitive information. In this paper, we have proposed two techniques for multi party communication one is for third party assisted and another without third party. Third party assisted technique uses Group based approach and in case of without third party mechanism ECC based approach is used. Simulation results show that the time taken by the schemes are significantly less as compared to other schemes and this proves the efficacy of the proposed scheme which makes it viable for multi party communication in data mining applications.

Browser extensions are third-party add-ons that provide myriads
of features to their users while browsing on the Web. Extensions
often interact with the websites a user visits and perform various
operations such as DOM-based manipulation, script injections, and
so on. However, this also enables nefarious websites to track their
visitors by fingerprinting extensions. Researchers in the past have
shown that extensions are susceptible to fingerprinting based on
the resources they include, the styles they deploy, or the DOMbased modifications they perform. Fortunately, the current extension ecosystem contains safeguards against many such known
issues through appropriate defense mechanisms.
We present the first study to investigate the fingerprinting characteristics of extension-injected code in pages’ JavaScript namespace and through other observable side-effects like changed cookies.
Doing so, we find that many extensions inject JavaScript that pollutes the applications’ global namespace by registering variables. It
also enables the attacker application to monitor the execution of
the injected code by overwriting the JavaScript APIs and capturing
execution traces through the stacktrace, the set of APIs invoked,
etc. Further, extensions also store data on the client side and perform event-driven functionalities that aid in attribution. Through
our tests, we find 2,747 Chrome and 572 Firefox extensions to be
susceptible to fingerprinting. Unfortunately, none of the existing
defense mechanisms prevent extensions from being fingerprinted
through our proposed vectors. Therefore, we also suggest potential measures for developers and browser vendors to safeguard the
extension ecosystem against such fingerprinting attempts.

Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature, verifying the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key or in cases where there is no Internet connection within an isolated or autonomously acting collection of devices? For this, a trusted entity can be elected to generate a key pair and then split the private key amongst trusted devices. Each node can then sign part of the transaction using their split of the shared secret. The aggregated signature can then define agreement on a consensus within the infrastructure. Unfortunately, this process has two significant problems. The first is when no trusted node can act as a dealer of the shares. The second is the difficulty of scaling the digital signature scheme. This paper outlines a method of creating a leaderless approach to defining trust domains to overcome weaknesses in the scaling of the elliptic curve digital signature algorithm. Instead, it proposes the usage of the Edwards curve digital signature algorithm for the definition of multiple trust zones. The paper shows that the computational overhead of the distributed key generation phase increases with the number of nodes in the trust domain but that the distributed signing has a relatively constant computational overhead.

In certified email (CEM) protocols, trusted third party (TTP) transparency is an important security requirement which helps to avoid bad publicity as well as protecting individual users' privacy. Cederquist et al. proposed an optimistic certified email protocol, which employs key chains to reduce the storage requirement of the TTP. We extend their protocol to satisfy the property of TTP transparency, using existing verifiably encrypted signature schemes. An implementation with the scheme based on bilinear pairing makes our extension one of the most efficient CEM protocols satisfying strong fairness, timeliness, and TTP transparency. We formally verify the security requirements of the extended protocol. The properties of fairness, timeliness and effectiveness are checked in the model checker Mocha, and TTP transparency is formalised and analysed using the toolsets μCRL and CADP.

Relevant literatures were reviewed and the experiments were planned to conform to analysis of completely randomized design of 2-way classification with one observation per cell. Coconut husk fibres were extracted, treated and laminated by hand-layup method. Tension tests were conducted on replicated samples of composites of coconut husk fibre reinforced polyester matrix composites (CFRP) subjected to different environmental conditions. This study finds that, water absorption of CFRP increases with temperature and time, the average value of hygrothermal strength is the same irrespective of temperature and time with value about 12GPa, the average value of absorption is the same irrespective of temperature and time with mean value though validation is not established by the null hypothesis, hence suggesting the possibility of interaction between the sources of variation and the second order polynomial is established as predictive model for hygrothermal strength of CFRP in terms of strain.

Increasingly, information systems rely on computational, storage, and network resources deployed in third-party facilities such as cloud centers and edge nodes. Such an approach further exacerbates cybersecurity concerns constantly raised by numerous incidents of security and privacy attacks resulting in data leakage and identity theft, among others. These have, in turn, forced the creation of stricter security and privacy-related regulations and have eroded the trust in cyberspace. In particular, security-related services and infrastructures, such as Certificate Authorities (CAs) that provide digital certificate services and Third-Party Authorities (TPAs) that provide cryptographic key services, are critical components for establishing trust in crypto-based privacy-preserving applications and services. To address such trust issues, various transparency frameworks and approaches have been recently proposed in the literature. This paper proposes TAB framework that provides transparency and trustworthiness of third-party authority and third-party facilities using blockchain techniques for emerging crypto-based privacy-preserving applications. TAB employs the Ethereum blockchain as the underlying public ledger and also includes a novel smart contract to automate accountability with an incentive mechanism that motivates users to participate in auditing, and punishes unintentional or malicious behaviors. We implement TAB and show through experimental evaluation in the Ethereum official test network, Rinkeby, that the framework is efficient. We also formally show the security guarantee provided by TAB, and analyze the privacy guarantee and trustworthiness it provides.

Increasingly, information systems rely on computational, storage, and network resources deployed in third-party facilities or are supported by service providers. Such an approach further exacerbates cybersecurity concerns constantly raised by numerous incidents of security and privacy attacks resulting in data leakage and identity theft, among others. These have in turn forced the creation of stricter security and privacy related regulations and have eroded the trust in cyberspace. In particular, security related services and infrastructures such as Certificate Authorities (CAs) that provide digital certificate service and Third-Party Authorities (TPAs) that provide cryptographic key services, are critical components for establishing trust in Internet enabled applications and services. To address such trust issues, various transparency frameworks and approaches have been recently proposed in the literature. In this paper, we propose a Transparent and Trustworthy TPA using Blockchain...

Considering the growth of wireless communication and mobile positioning technologies, location-based services (LBSs) have been generating increasing research interest in recent years. One of the critical issues for the deployment of LBS applications is how to reconcile their quality of service with privacy concerns. Location privacy based on k-anonymity is a very common way to hide the real locations of the users from the LBS provider. Several k-anonymity approaches have been proposed in the literature, each with some drawbacks. They need either a trusted third party or the users (or providers) to trust each other in collaborative approaches. In this paper, we propose a collaborative approach that provides k-anonymity in a distributed manner and does not require a trusted third party nor the users (or providers) to trust each other. Furthermore, our approach integrates well with the existing communication infrastructure. A user's location is known to only his/her location provider (e.g., cell phone operator). By using cryptographic schemes, user with the help of location providers determines whether the k-anonymity property is satisfied in a query area or not. We start with a simple scenario where user and location providers are honest-but-curious and then we progressively extend our protocol to deal with scenarios where entities may collude with each other. Moreover, we analyze possible threats and discuss how our proposed approach defends against such threats.

This paper proposes a new efficient signature scheme from bilinear maps that is secure in the standard model (i.e., without the random oracle model). Our signature scheme is more effective in many applications (e.g., blind signatures, group signatures, anonymous credentials etc.) than the existing secure signature schemes in the standard model such as the Boneh-Boyen [6], Camenisch-Lysyanskaya [10], Cramer-Shoup [15] and Waters [33] schemes (and their variants). The security proof of our scheme requires a slightly stronger assumption, the 2SDH assumption, than the SDH assumption used by Boneh-Boyen. As typical applications of our signature scheme, this paper presents efficient blind signatures and partially blind signatures that are secure in the standard model. Here, partially blind signatures are a generalization of blind signatures (i.e., blind signatures are a special case of partially blind signatures) and have many applications including electronic cash and voting. Our blind signature scheme is much more efficient than the existing secure blind signature schemes in the standard model such as the Camenisch-Koprowski-Warinsch [8] and Juels-Luby-Ostrovsky [22] schemes, and is also almost as efficient as the most efficient blind signature schemes whose security has been analyzed heuristically or in the random oracle model. Our partially blind signature scheme is the first one that is secure in the standard model and it is very efficient (almost as efficient as our blind signatures). We also present a blind signature scheme based on the Waters signature scheme.

Biometrics and cryptographya re twot ools which have high potential for providing information security and privacy.Acombination of these twoc an eliminate their individual shortcomings, such as non-revocability,n on-diversity,a nd privacy issues in biometrics and need of strong authentication in cryptography. Cryptobiometric systems combine techniques from biometrics and cryptographyf or these purposes, and more interestingly,t oo btain biometrics based cryptographic keys. In this paper,w ea ddress the problem of sharing these keys. We propose ac ryptobiometric scheme in which twoc lients can share as ession keys ecurely and establish as ecure communication session. The scheme involves aC entral Authority for Registration and Authentication (CARA) with which the clients are registered. The CARA stores biometric data only in transformed, cancelable form, allowing for easy revocation of the templates and protecting privacy.T here are twodistinctive features of this protocol (1) it achievesmutual authentication and starts secure communication between two clients which may be previously unknown to each other,and (2) this protocol works even if the twoclients use different biometric modalities in the same (as well as in different) session. Nowadays, information exchange via electronic means is awidely employed task. While the transfer of infirmation is aday-to-day need, it is also required to protect the privacy of this information. The information may be sensitive and be meant for use of only designated entities. In order to protect the privacy of this information, its transmission is generally secured through cryptographic means. The information is first converted into unreadable form through aprocess called as encryption before sending it. The receiverneeds to perform adecryption operation to retrieve the information after receiving it. The encryption and decryption operations depend on long cryptographic keys. Generally,only those who have the correct keys in possession can recoverthe transmitted information. However, because these keys are long (e.g., the Advanced Encryption Standard (AES) [aes01] requires keys of sizes 128, 192, or 256 bits), these need to be stored somewhere. Therefore, in order to maintain the secrecya nd privacy of the information, these keys should be kept secret and access control mechanisms are required to share the keys only with the designated entities.

Using an evolutionary game approach, this paper studies different equilibria in the electronic marketplace, and demonstrates that electronic transaction through a TTP is an evolutionarily stable strategy. According to the evolutionary game analysis, people will gradually adopt this strategy in the electronic marketplace.

In electronic-business settings, content providers produce digital goods/services (such as, games, images, softwares, etc.) which consumers/users wish to purchase. In general, mass-production of digital goods/services is possible if an instance of the goods/services is made available. Digital Rights Management (DRM) mainly considers technological approaches to protect content providers' rights on their original products (also known as, intellectual property) against illegal reproduction of the goods/services (also known as, piracy). Due to the wide range and different types of digital goods, several DRM systems have been studied in the literature. Many existing DRM systems, however, focus on the security of the content provider and often neglect the users' privacy. The problem statement of this thesis is devising DRM systems that protect users' privacy while content provider's security is maintained. To achieve this goal during the life-time of the digital content, w...

Optimistic contract signing protocols allow two parties to commit to a previously agreed upon contract, relying on a third party to abort or conÿrm the contract if needed. These protocols are relatively subtle, since there may be interactions between the subprotocols used for normal signing without the third party, aborting the protocol through the third party, or requesting conÿrmation from the third party. With the help of Mur', a ÿnite-state veriÿcation tool, we analyze two related contract signing protocols: the optimistic contract signing protocol of Asokan, Shoup, and Waidner, and the abuse-free contract signing protocol of Garay, Jakobsson, and MacKenzie. For the ÿrst protocol, we discover that a malicious participant can produce inconsistent versions of the contract or mount a replay attack. For the second protocol, we discover that negligence or corruption of the trusted third party may allow abuse or unfairness. In this case, contrary to the intent of the protocol, the cheated party is not able to hold the third party accountable. We present and analyze modiÿcations to the protocols that avoid these problems and discuss the basic challenges involved in formal analysis of fair exchange protocols.

Efficiency of asynchronous optimistic fair exchange using trusted devices is studied. It is shown that three messages in the optimistic subprotocol are sufficient and necessary for exchanging idempotent items. When exchanging nonidempotent items, however, three messages in the optimistic subprotocol are sufficient only under the assumption that trusted devices have unbounded storage capacity. This assumption is often not satisfiable in practice. It is then proved that exchanging nonidempotent items using trusted devices with a bounded storage capacity requires exactly four messages in the optimistic subprotocol.

This paper proposes a fair electronic gambling scheme for the Internet. The proposed scheme provides a unique link between payment and gambling outcome so that the winner can be ensured to get the payment. Since an optimal fair exchange method is used in gambling message exchange, the proposed system guarantees that no one can successfully cheat during a gambling process. Our system requires an off-line Trusted Third Party (TTP). If a cheating occurs, the TTP can resolve the problem and make the gambling process fair.

Increasingly, information systems rely on computational, storage, and network resources deployed in third-party facilities such as cloud centers and edge nodes. Such an approach further exacerbates cybersecurity concerns constantly raised by numerous incidents of security and privacy attacks resulting in data leakage and identity theft, among others. These have, in turn, forced the creation of stricter security and privacy-related regulations and have eroded the trust in cyberspace. In particular, security-related services and infrastructures, such as Certificate Authorities (CAs) that provide digital certificate services and Third-Party Authorities (TPAs) that provide cryptographic key services, are critical components for establishing trust in crypto-based privacy-preserving applications and services. To address such trust issues, various transparency frameworks and approaches have been recently proposed in the literature. This paper proposes TAB framework that provides transparency and trustworthiness of third-party authority and third-party facilities using blockchain techniques for emerging crypto-based privacy-preserving applications. TAB employs the Ethereum blockchain as the underlying public ledger and also includes a novel smart contract to automate accountability with an incentive mechanism that motivates users to participate in auditing, and punishes unintentional or malicious behaviors. We implement TAB and show through experimental evaluation in the Ethereum official test network, Rinkeby, that the framework is efficient. We also formally show the security guarantee provided by TAB, and analyze the privacy guarantee and trustworthiness it provides.

In this paper, we deal with the proof of ownership or legitimate usage of a digital content, such as an image, in order to tackle the illegitimate copy. The proposed scheme based on the combination of the watermarking and cancelable biometrics does not require a trusted third party, all the exchanges are between the provider and the customer. The use of cancelable biometrics permits to provide a privacy compliant proof of identity. We illustrate the robustness of this method against intentional and unintentional attacks of the watermarked content.

In this paper, we deal with the proof of ownership or legitimate usage of a digital content, such as an image, in order to tackle the illegitimate copy. The proposed scheme based on the combination of the watermarking and cancelable biometrics does not require a trusted third party, all the exchanges are between the provider and the customer. The use of cancelable biometrics permits to provide a privacy compliant proof of identity. We illustrate the robustness of this method against intentional and unintentional attacks of the watermarked content.

Network users usually need a third party validation to prove that they are who they claim to be. Authentication systems mostly assume the existence of a Trusted Third Party (TTP) in the form of a Certificate Authority (CA) or as an authentication server. However, relying on a TTP implies that users do not directly manage their identities, but delegate this role to a third party. This intrinsic issue can generate trust concerns (e.g., identity theft), as well as privacy concerns towards the third party. The main objective of this research is to present an autonomous and independent solution where users can store their self created credentials without depending on TTPs. To this aim, the use of an TTP autonomous and independent network is needed, where users can manage and assess their identities themselves. In this paper, we propose the framework called Three Blockchains Identity Management with Elliptic Curve Cryptography (3BI-ECC). With our proposed framework, the users' identities are self-generated and validated by their owners. Moreover, it allows the users to customize the information they want to share with third parties.

In this paper we present a cryptographic protocol which is the realization of an electronic auction being the component of the e-government system. This cryptographic protocol fulfils all the functions of the classic auction and additionally, by use of cryptographic primitives, enhances the protection of information. The characteristic features of the protocol are: the incontrovertibility of participants and offers, data integrity, confidence of bids, anonymity of the winning bidder, public verification of the result of auction and confirmation of taking part in the auction. 1.

A multi-agent marketplace, MAGNET (Multi AGent Negotiation Testbed), is a promising solution to conduct online combinatorial auctions. The trust model of MAGNET is somewhat different from other on-line auction systems: the mediated marketplace is a partially-trusted third party. In this paper, we identify the security vulnerabilities of MAGNET and present a solution that overcomes these weaknesses. Our solution makes use of three different existing technologies with other standard cryptographic techniques: publish/subscribe systems that provide simple and more general messaging, time-release cryptography to provide guaranteed nondisclosure of the bids, and anonymous communication to hide the identity of the bidders until the end of the auction. By doing so, we successfully minimize the trust on the market as well as increase the security of the whole system. The protocol that we have developed can be adapted for use by other agent-based auction systems, which use a third party to mediate transactions.

A multi-agent marketplace, MAGNET (Multi AGent Negotiation Testbed), is a promising solution for conducting online combinatorial auctions. The trust model of MAGNET is somewhat different from other on-line auction systems, since the marketplace, which mediates all communications between agents, acts as a partiallytrusted third party. In this paper, we identify the security vulnerabilities of MAGNET and present a solution that overcomes these weaknesses. Our solution makes use of three different existing technologies with standard cryptographic techniques: a publish/subscribe system to provide simple and general messaging, time-release cryptography to provide guaranteed nondisclosure of the bids, and anonymous communication to hide the identity of the bidders until the end of the auction. By doing so, we successfully minimize the trust on the market as well as increase the security of the whole system. The protocol that we have developed can be adapted for use by other agent-based auction systems, which use a third party to mediate transactions.

We consider the problem of rational, self-interested, economic agents who must negotiate with each other in a market environment in order to carry out their plans. Customer agents express their plans in the form of task networks with temporal and precedence constraints. A combinatorial reverse auction allows supplier agents to submit bids specifying prices for combinations of tasks, along with time windows and duration data that the customer may use to compose a work schedule. We describe the consequences of ...

Ride-sharing is a service that enables drivers to share trips with other riders, contributing to appealing benefits of shared travel cost and reducing traffic congestion. However, the majority of existing ride-sharing services rely on a central third party to organize the service, which make them subject to a single point of failure and privacy disclosure concerns by both internal and external attackers. Moreover, they are vulnerable to distributed denial of service (DDoS) and Sybil attacks launched by malicious users and external attackers. Besides, high service fees are paid to the ride-sharing service provider. In this paper, we propose a decentralized ride-sharing service based on public Blockchain, named BRide. BRide enables drivers to offer ride-sharing services without relying on a trusted third party. Both riders and drivers can learn whether they can share rides while preserving their trip data, including pick-up/drop-off location, departure/arrival date and travel price. However, malicious users exploit the anonymity provided by the public blockchain to submit multiple ride requests or offers, while not committing to any of them, in order to find a better offer or to make the system unreliable. BRide solves this problem by introducing a time-locked deposit protocol for a ride-sharing by leveraging smart contract and zero-knowledge set membership proof. In a nutshell, both a driver and a rider have to show their good will and commitment by sending a deposit to the blockchain. Later, a driver has to prove to the blockchain on the agreed pickup time that he/she arrived at the pickup location on time. To preserve rider/driver privacy by hiding the exact pickup location, the proof is performed using zero-knowledge set membership proof. Moreover, to ensure fair payment, a pay-as-you-drive methodology is introduced based on the elapsed distance of the driver and rider. In addition, we introduce a reputation model to rate drivers based on their past behaviour without involving any third-parties to allow riders to select them based on their history on the system. Finally, we implement our protocol and deploy it in a test net of Ethereum. The experimental results show the applicability of our protocol atop existing real-world blockchains.

Wireless Ad-Hoc Sensor Networks A Mobile Ad-hoc Network (MANET) is a self-ruling gathering of versatile clients that convey over generally transfer speed obliged remote connections. Following the hubs are versatile, the system topology might change quickly and erratically after some time. The system is decentralized, where all system movement including finding the topology and conveying messages must be executed by the hubs themselves, i.e. steering usefulness will be fused into portable hubs. A remote specially appointed sensor system comprises of various sensors spread over a geological zone. Every sensor has remote correspondence capacity and some level of knowledge for sign preparing and systems administration of the information. The capacity of the sensor system to total the information gathered can incredibly decrease the quantity of messages that should be transmitted over the system. Security in specially appointed systems is an imperative issue for impromptu systems, partic...

ASSERT4SOA project proposes machine readable certificates to be used to allow Web service requesters to automatically assess the security properties of Web services (and their providers) as certified by some trusted third party. This vision promises to open up an entire new market for certification services.

This paper presents an opportunistic encryption scheme strictly layered on top of IPv6. Assuming that a node needs to send data toward another node, our proposal enables the dynamic configuration of an encrypted tunnel between the two nodes' IPsec gateways. The main contribution of this paper is to propose a solution that is fully distributed and does not rely on any global Trusted Third Party (such as DNSSEC or a PKI). The IPsec gateways are discovered using IPv6 anycast, and they derive authorization from authorization certificates and Crypto-Based Identifiers (CBIDs). The result is a robust and easily deployable opportunistic encryption service for IPv6.

In today’s technological world, virtual resources and services are more demanded over the network and internet. For this cloud computing is the best solution in all terms like scalability, cost, flexibility, and efficiency. But the major factor affecting on cloud services is the poor security. Therefore in this paper, we propose sack of algorithms which are combine methods of symmetric and asymmetric cryptographic algorithms encrypted for security and secure hash algorithm for data integrity.This ensures more data confidentiality with secure encryption of secret key using digital certificate through trusted third party(TTP).Trusted third party acts as substitute of cloud service user (CSU),by holding secret key and communicating with cloud service provider(CSP) , to reduce overhead of maintainability of data.We proposed the method for data integrity, which will enhance checking of data correctness with zero overhead to user

VoIP and collaboration Internet applications are a driving force for the use and expansion of the Internet. Current applications usually require end user registration in a central user database, which in turn provides directory services to the users of the relevant system; in addition they use either two bridged clientserver connections between the end users and the server or they allow direct client connections. In this paper we propose a new architecture that leverage security for user communications carried over the Internet. Our proposal ensures end-to-end security through the implementation of the biometric based procedures followed by the VoIPSec (Voice Interactive Personalized Security) protocol. Our approach alleviates the need of a trusted third party authentication authority. We present the architecture of a novel application with enhanced security. We also identify implementation fundamentals and provide experimental results for the overhead on the data exchange path and on the end users' devices.

We present a quantum solution to coordination problems that can be implemented with existing technologies. It provides an alternative to existing approaches, which rely on explicit communication, prior commitment or trusted third parties. This quantum mechanism applies to a variety of scenarios for which existing approaches are not feasible.

Abstract. MANET security is becoming a challenge for researchers with the time. The lack of infrastructure gives rise to authentication problems in these networks. Most of the TTP and non-TTP based schemes seem to be impractical for being adopted in MANETs. A hybrid key-management scheme addressed these issues effectively by pre-assigned logins on offline basis and issuing certificates on its basis using 4G services. However, the scheme did not taken into account the CRL status of servers; if it is embedded the nodes need to check ...

Mobility of nodes is an important issue in mobile adhoc networks (MANET). Nodes in MANET move from one network to another individually and in the form of group. In single node mobility scheme every node performs registration individually in new MANET whereas in group mobility scheme only one node in a group i.e group representative (GR) performs registration on behalf of all other nodes in the group and is assigned Care of Address (CoA). Internet protocol (IP) of all other nodes in the group remains same. Our simulated results prove that group mobility scheme reduces number of messages and consumes less time for registration of nodes as compared to single node mobility scheme. Thus network load is reduced in group mobility scheme. This research paper evaluates the performance of group mobility with single node mobility scheme. Test bed for this evaluation is based on Network Simulator 2 (NS-2) environment.

Previous research has proposed Human-Interactive Security Protocols (HISP) for bootstrapping security in ad hoc mobile device interactions. These protocols rely on low bandwidth Out-Of-Band (OOB) channels-that are suitable for transferring limited information (e.g. fingerprints of public keys) but unsuitable for transmitting cryptographic keys due to bandwidth constraints-and high bandwidth channels such as Bluetooth and WiFi. In this paper, we argue that factors that are crucial to designing OOB channels that are both usable and secure have not been understood and analysed, and propose a framework for reasoning about them in order to design OOB channels that suit human and contextual needs to achieve usable and acceptable effective security.

Location-based services (LBSs) have received a significant amount of recent attention from the research community due to their valuable benefits in various aspects of society. In addition, the dependency on LBS in the performance of daily tasks has increased dramatically, especially after the spread of the COVID-19 pandemic. LBS users use their real location to build LBS queries to take benefits. This makes location privacy vulnerable to attacks. The privacy issue is accentuated if the attacker is an LBS provider since all information about users is accessible. Moreover, the attacker can apply advanced attacks, such as map matching and semantic location attacks. In response to these issues, this work employs artificial intelligence to build a robust defense against advanced location privacy attacks. The key idea behind protecting the location privacy of LBS users is to generate smart dummy locations. Smart dummy locations are false locations with the same query probability as the real location, but they are far from both the real location and each other. Relying on the previous two conditions, the deep-learning-based intelligent finder ensures a high level of location privacy protection against advanced attacks. The attacker cannot recognize the dummies from the real location and cannot isolate the real location by a filtering process. In terms of entropy (the privacy protection metric), accuracy (the deep learning metric), and total execution time (the performance metric) and compared to the well-known DDA and BDA systems, the proposed system shows better results, where entropy = 15.9, accuracy = 9.9, and total execution time = 17 sec.

Mobility of nodes is an important issue in mobile adhoc networks (MANET). Nodes in MANET move from one network to another individually and in the form of group. In single node mobility scheme every node performs registration individually in new MANET whereas in group mobility scheme only one node in a group i.e group representative (GR) performs registration on behalf of all other nodes in the group and is assigned Care of Address (CoA). Internet protocol (IP) of all other nodes in the group remains same. Our simulated results prove that group mobility scheme reduces number of messages and consumes less time for registration of nodes as compared to single node mobility scheme. Thus network load is reduced in group mobility scheme. This research paper evaluates the performance of group mobility with single node mobility scheme. Test bed for this evaluation is based on Network Simulator 2 (NS-2) environment.

Privacy of PII(Personally Identifiable Information) on the Internet is a major concern of a netizen. On the Internet different service providers are supposed to publish their own privacy policies but understanding of these policies is a major problem. Standards like Platform for Privacy Preferences(P3P), provide a computer readable format and a protocol for allowing web browsers to retrieve and process privacy policies. In this paper we studied the various privacy mechanisms in place and compared them on the basis of their architecture and third party intervention. We also proposed an alternative privacy mechanism that introduces the concept of a third party whose role is to verify the privacy policy and keep a proactive check on the use of specified PII's. In case of a violation the third party, informs the users of the breach. The implementation of the proactive check on the PII has been done through software agents. The requirement of granting legal status to transactions of the PII by the use of Digital Signatures and PKI has also been proposed,thereby legally binding the web entity to use the PII as per the agreed terms.

This paper deals with the design of Internet billing system, in which it is possible pay invoices electronically. This approach is implemented via virtual banks, in which the process of money transfer can be implemented. In other hand many applications can be realize such as; deposit e-money, withdrawal e-money and determine account balance. A Gate way translator is used to apply authentication rules, security and privacy.

secure multi-party computation is widely studied area in computer science. It is touching all most every aspect of human life. This paper demonstrates theoretical and experimental results of one of the secure multi-party computation protocols proposed by Shukla et al. implemented using visual C++. Data outflow probability is computed by changing parameters. At the end, time and space complexity is calculated using theoretical and experimental results.

Nowadays, it can be assumed that valuable private data can be securely transmitted from one sender to one (or more) recipients. An unsolved problem following the transmission is addressed by this paper. The sender of some confidential information does not know what happens with the data after the transmission. If the message appears in a place it should not, the originator does not know who published it unauthorized. In order to solve this problem, this paper introduces a new non-repudiation service that allows tracking the way of protected data via several recipients.

We explore the notion of agent-based data mining and visualization as a means for exploring large, multi-dimensional data sets. In Reynolds' classic flocking algorithm (1987), individuals move in a 2-dimensional space and emulate the behavior of a flock of birds (or "boids", as Reynolds refers to them). Each individual in the simulated flock exhibits specific behaviors that dictate how it moves and how it interacts with other boids in its "neighborhood". We are interested in using this approach as a way of visualizing large multi-dimensional data sets. In particular, we are focused on data sets in which records contain time-tagged information about people (e.g., a student in an educational data set or a patient in a medical records data set). We present a system in which individuals in the data set are represented as agents, or "data boids". The flocking exhibited by our boids is driven not by observation and emulation of creatures in nature, but rather by features inherent in the data set. The visualization quickly shows separation of data boids into clusters, where members are attracted to each other by common feature values.

Trust is a fundamental concern in large-scale open distributed systems. It lies at the core of all interactions between the entities that have to operate in such uncertain and constantly changing environments. Given this complexity, these components, and the ensuing system, are increasingly being conceptualised, designed, and built using agent-based techniques and, to this end, this paper examines the specific role of trust in multi-agent systems. In particular, we survey the state of the art and provide an account of the main directions along which research efforts are being focused. In so doing, we critically evaluate the relative strengths and weaknesses of the main models that have been proposed and show how, fundamentally, they all seek to minimise the uncertainty in interactions. Finally, we outline the areas that require further research in order to develop a comprehensive treatment of trust in complex computational settings.

We propose a steganalytic algorithm for watermarks embedded by Cho et al.'s mean-based algorithm [1]. The main observation is that while in a clean model the means of Cho et al.'s normalized histogram bins are expected to follow a Gaussian distribution, in a marked model their distribution will be bimodal. The proposed algorithm estimates the number of bins through an exhaustive search and then the presence of a watermark is decided by a tailor made normality test. We also propose a modification of Cho et al.'s algorithm which is more resistant to the steganalytic attack and offers an improved robustness/capacity trade-off.

Due to the offering of many benefits, blockchain is a useful environment to build many applications in multiple fields such as cryptocurrency, Internet of Things (IoT), mobile applications and healthcare industry. However, it has a problem in ensuring the privacy of user data due to its public nature. Data on a blockchain is public and can reveal someone's personal data or transactions. Many applications that venture in blockchain such as financial applications, Internet of Things (IoT) and healthcare applications can fall victim to revelation of personal data and linking attack. Many solutions such as automated access-control protocol that does not require a third party, a local miner operating in a local private blockchain that enforces users' access control policy, a cryptographic protocol that lets contractual parties interact by using zero-knowledge proof, and computation of data query in a distributed way by using secure multi-party computation have been proposed to tackle this privacy issue in using blockchain. Hence, this paper provides a review on the current solutions that addresses the privacy issues of blockchain in different platforms. However, these solutions have some limitations that cannot be overlooked and proper measures must be taken to make blockchain to be able to better protect the privacy of its users. This paper also discusses the limitations of the solutions and looks into the aspects that need to be addressed.

Mobility of nodes is an important issue in mobile adhoc networks (MANET). Nodes in MANET move from one network to another individually and in the form of group. In single node mobility scheme every node performs registration individually in new MANET whereas in group mobility scheme only one node in a group i.e group representative (GR) performs registration on behalf of all other nodes in the group and is assigned Care of Address (CoA). Internet protocol (IP) of all other nodes in the group remains same. Our simulated results prove that group mobility scheme reduces number of messages and consumes less time for registration of nodes as compared to single node mobility scheme. Thus network load is reduced in group mobility scheme. This research paper evaluates the performance of group mobility with single node mobility scheme. Test bed for this evaluation is based on Network Simulator 2 (NS-2) environment.