Applications, systems and methods for permitting simultaneous use of a file by two or more computers over a network may include storing the file locally in a local storage device associated with a local computer; providing access to the file by at least one remote computer which is connectable to the local computer via the network, and wherein at least one of the computers is connectable to the network through a firewall element. The file may be stored in at least one remote storage device associated with the at least one remote computer, respectively, and versions of the file contained on the one or more remote storage devices are synchronized with that on the local device by transmitting over the network connecting the one or more remote storage devices with the local device, at least one of Delta files and Inverse Delta files between the remote storage devices and the local storage device. A method of remotely observing computer activity on a second computer remote with respect to a first computer is also provided. Further, file sharing systems and methods are provided for sharing files among computers.

Managed peer-to-peer applications, systems and methods for distributed data access and storage

A transformation is underway in electric power and energy systems (EPESs) to provide clean distributed energy for sustainable global economic growth. Internet of Things (IoT) is at the forefront of this transformation imparting capabilities, such as real-time monitoring, situational awareness and intelligence, control, and cyber security to transform the existing EPES into intelligent cyber-enabled EPES, which is more efficient, secure, reliable, resilient, and sustainable. Additionally, digitizing the electric power ecosystem using IoT improves asset visibility, optimal management of distributed generation, eliminates energy wastage, and create savings. IoT has a significant impact on EPESs and offers several opportunities for growth and development. There are several challenges with the deployment of IoT for EPESs. Viable solutions need to be developed to overcome these challenges to ensure continued growth of IoT for EPESs. The advancements in computational intelligence capabilities can evolve an intelligent IoT system by emulating biological nervous systems with cognitive computation, streaming and distributed analytics including at the edge and device levels. This review paper provides an assessment of the role, impact and challenges of IoT in transforming EPESs.

Review of Internet of Things (IoT) in Electric Power and Energy Systems

The Man-In-The-Middle (MITM) attack is one of the most well known attacks in computer security, representing one of the biggest concerns for security professionals. MITM targets the actual data that flows between endpoints, and the confidentiality and integrity of the data itself. In this paper, we extensively review the literature on MITM to analyse and categorize the scope of MITM attacks, considering both a reference model, such as the open systems interconnection (OSI) model, as well as two specific widely used network technologies, i.e., GSM and UMTS. In particular, we classify MITM attacks based on several parameters, like location of an attacker in the network, nature of a communication channel, and impersonation techniques. Based on an impersonation techniques classification, we then provide execution steps for each MITM class. We survey existing countermeasures and discuss the comparison among them. Finally, based on our analysis, we propose a categorisation of MITM prevention mechanisms, and we identify some possible directions for future research.

A Survey of Man In The Middle Attacks

In a network, a media coordination system provides secure multimedia communication channels in a collaborative network environment. The media coordination system provides automatic encryption, dynamic interconnection of streams of data, and user interface elements that provide users with control over the ultimate destination of their audio and video data. The infrastructure of the system includes a plurality of client workstations that are connected to a central server using point-to-point network connections. The central server maintains a persistent virtual world of network places with objects located therein. Streams of audio and video data are coordinated between client workstations operating in the persistent virtual world by a key manager object using channels, transmitters, and receivers. The client workstations multicast their audio and video data over the network to defined recipients after receiving a multicast address and an encryption key for a specific multicast channel. In order to protect the privacy of all communications and the integrity of the coordination system, each client workstation retains significant control over distribution and reception of audio and video data since multicast transmission is tied to specific user interface elements. The multimedia user interface elements include cameras, speakers, microphones, and video panes. Since the central server only coordinates where audio and video data is broadcast for a particular interface element, each client workstation ultimately controls the destination of multimedia data through selection of the element at the user interface.

Multimedia coordination system

COCA is a fault-tolerant and secure on-line certification authority that has been built and deployed both in a local area network and in the Internet. Extremely weak assumptions characterize environments in which COCA’s protocols execute correctly: no assumption is made about execution speed and message delivery delays; channels are expected to exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or compromised. COCA is the first system to integrate a Byzantine quorum system (used to achieve availability) with proactive recovery (used to defend against mobile adversaries which attack, compromise, and control one replica for a limited period of time before moving on to another). In addition to tackling problems associated with combining fault-tolerance and security, new proactive recovery protocols had to be developed. Experimental results give a quantitative evaluation for the cost and effectiveness of the protocols.

/pdf/coca-a-secure-distributed-on-line-certification-authority-4g5d8q3nlj.pdf

COCA: A Secure Distributed On-line Certification Authority

https://people.inf.ethz.ch/basin/pubs/mitm-cc.pdf

SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle

An online conference session management system includes computer sites associated with a conference session holder, a plurality of service providers and a plurality of conference session participants. The conference session holder and each service provider has a respective associated public/private key pair for a specified online conference session. Each service provider is provided with an active participant registration certificate that gives the service provider the authority to register participants of the specified conference session, as well as authority to register other service providers as active participants of the specified conference session by providing those other service providers with respective active participant registration certificates. Each active participant registration certificate is digitally signed by either the conference session holder or one of the service providers using a private key of a public/private key pair unique to the conference session holder or respective service provider. Each active participant registration certificate includes the public key of the public/private key pair unique to the service provider whose authority to register participants is given by that active participant registration certificate. The service providers provide participants of the specified conference session with passive participant registration certificates. Each passive participant registration certificate is digitally signed by a service provider using a private key associated with that service provider. A passive participant registration certificate is validated by verifying the certificate's digital signature with the public key associated with the service provider that provided the passive participant registration certificate, and then validating that service provider's active participant registration certificate.

Distributed registration and key distribution system and method

Overall, transport layer security with session-aware user authentication offers a promising approach to solving man-in-the-middle attack problems by leveraging the legacy authentication mechanisms and systems that the general public has become accustomed to using.

SSL/TLS Session-Aware User Authentication

Phishing and Web spoofing have proliferated and become a major nuisance on the Internet. The attacks are difficult to protect against, mainly because they target non-cryptographic components, such as the user or the user-browser interface. This means that cryptographic security protocols, such as the SSL/TLS protocol, do not provide a complete solution to tackle the attacks and must be complemented by additional protection mechanisms. In this paper, we summarize, discuss, and evaluate the effectiveness of such mechanisms against (large-scale) phishing and Web spoofing attacks.

/pdf/effective-protection-against-phishing-and-web-spoofing-h76mo3nzce.pdf

Rolf Oppliger

Papers

SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle

Distributed registration and key distribution system and method

SSL/TLS Session-Aware User Authentication

Effective protection against phishing and web spoofing

SSL/TLS session-aware user authentication revisited