Journal of Information Security and Applications

Security policies constrain the behavior of all users of an information system. In any non-trivial system, these security policies go beyond simple access control rules and must cover more complex and dynamic scenarios while providing, ...

• A domain-specific language for UCON policies is defined.
• The domain-specific ...

The security of multimedia content and its applications have become a a very important task in digital communication technology. The extensive use of multimedia content over wireless networks makes the network applications exposed to ...

A proper assessment of potential cyber threats is vital for security decision-making. This becomes an even more challenging task when dealing with new system designs and industry sectors where there is little or no historical data ...

Swarm robotics is the study of how a large number of relatively simple robots can be designed so that a desired collective behaviour emerges from the local interactions among robots and between the robots and their environment. While ...

Industrial Control Systems (ICS) in public infrastructure, such as water treatment and distribution plants, have become a target of sophisticated cyber-attacks. Given the ever-present insider and other threats in such systems, there is ...

In the ever-changing cyber threat landscape, evolving malware threats demand a new technique for their detection. This paper puts forward a strategy for distinguishing malware programs based on transfer learning procedures. The ...

The s-box plays the vital role of creating confusion between the ciphertext and secret key in any cryptosystem, and is the only nonlinear component in many block ciphers. Dynamic s-boxes, as compared to static, improve entropy of the ...

The research of reversible data hiding in crypto-imagery has attracted considerable attention due to privacy concerns in cloud computing applications. The schemes that vacate spare room after block-wise image encryption can avoid ...

The scope of cyberspace weapons is expanding from the physical network domain to the cognitive information domain. Technologies such as network penetration, public opinion guidance and attacks, cognitive intervention and control will ...

WPA3-Personal renders the Simultaneous Authentication of Equals (SAE) password-authenticated key agreement method mandatory. The scheme achieves forward secrecy and is highly resistant to offline brute-force dictionary attacks. Given ...

Vehicle Ad Hoc Network (VANET) systems that use Public Key Infrastructure (PKI) experience significant delays when checking Certificate Revocation Lists (CRLs) and performing key pair-based asymmetric cryptographic operations. This ...

Malicious software is a pernicious global problem. A novel multi-task learning framework is proposed in this paper for malware image classification for accurate and fast malware detection. We generate bitmap (BMP) and (PNG) images from ...

The digital rights management is mainly about license management. Take software licensing as an example. A software license can be assigned to a user, a group of users, or an organization. To protect the copyright against software ...

The Internet of Vehicles (IoV) is introduced to transfer/exchange the data among roadside units and vehicles through various smart devices in real time scenarios. However, the past works in IoV leads to various transparencies, security ...

Software-Defined Network (SDN) is a new arising terminology of network architecture with outstanding features of orchestration by decoupling the control plane and the data plane in each network element. Even though it brings several ...

In this paper, we propose a lattice-based authentication scheme for IoT technologies such as RFID systems. The security of the proposed scheme is based on ISIS problem which helps to resist to quantum attacks. The proposed scheme ...