| Cryptography |
|
On Rigorous Security of Password Recovery Protocols
|
|
Many online services adopt a password-based user authentication system because of its usability and most online services support a mechanism with which a user can recover a password. In this research, we discuss a provable security treatment for a password recovery protocol.
|
|
Generic Constructions of Adaptively Secure Attribute-Based Signcryption |
|
Until now, a number of constructions of attribute-based signcryption have been proposed in the literature. We have firstly proposed some generic constructions of the primitive and proved mathematically that they satisfy their strongest security notion, i.e. the adaptive security.
|
| Information Security and Economics |
|
Empirical and Theoretical Analyses on the Security of Japanese Loyalty Programs
|
|
In Japan, partnership alliances are now popular in operating a loyalty program (LP), but there are occurring many security incidents. Attackers are trying to thieve legitimate users' point asset. We empirically analyzed the threat on Japanese LPs and suggested the relation between threat and number of partners, or redemption period, or specific partner. We also studied the trade-off between security and profit by constructing a simple model.
|
| Android Security |
|
A Survey of Information Leakage on Android.
|
|
Recently, many people use smartphone. It becomes more important to study on security and privacy in Android, which is one of the mobile operating systems for smartphones and tablets. An Android device tends to contain sensitive information, phone numbers, names, contacts and so on. Android applications could easily access these information. So, it is efficient for adversaries to obtain information from Android devices. This is a survey of information leakage on Android.
|
| Web Security |
|
Design and Implementation of Static Analysis for Detection of XSS Attacks Vulnerabilities in Web Application Implemented with Object Oriented Programming
|
|
A lot of researches about Cross Site Scripting (XSS) attacks have been researched and this has been diversified. There is a little researches about analysis on scripting analysis implemented with object oriented programming in static analysis. This research suggests and implements a method of static analysis of XSS attacks in web application implemented with object oriented programming.
|
| Privacy |
|
Extended Evaluation of Fingerprinting Attacks on Tor Anonymity System and Thier Countermeasures
|
|
Fingerprinting attack is typical attack which de-anonymize user of Tor anonymity system.
But the existing evaluation is insufficient.
We extend the evaluation of fingerprinting attacks and show real threat.
Then we show their countermeasures.
|
| Digital Forensics |
|
Proposal of the incident response method using the graph structure on the
industrial control systems
|
|
Incident response techniques on the cyber attacks against the industrial
control systems (ICSs) have not yet been established.
In this research, we propose the novel method to assign priorities based
on the distance between the damaged host and each component of the ICS.
Especially, the distance is calculated on the basis of the network
structure of the ICS, which contributes to the consideration on the
effective incident response techniques.
|
| Authentication |
|
A Proposal of MusiAuth for Fallback Authentication
|
|
Fallback authentication is used to regain access to users accounts when the primary authentication fails. According to the unsolved problems left from the existing fallback authentication methods and the unique properties fallback authentication preserves, a gather of principles that fallback authentication should follow has been discussed, and a new fallback authentication method MusiAuth based on those principles on web services has been proposed and explained in this research.
|
|