
Showing papers on "Handshake published in 2011"


Journal ArticleDOI
TL;DR: A secure same-symptom-based handshake (SSH) scheme for social-based patient health information (PHI) collaborative reporting in MHSN is proposed, and extensive simulations are conducted to evaluate its efficiency in terms of PHI delivery ratio and reporting delay.
Abstract: In our aging society, mHealthcare social network (MHSN) built upon wireless body sensor network (WBSN) and mobile communications provides a promising platform for the seniors who have the same symptom to exchange their experiences, give mutual support and inspiration to each other, and help forwarding their health information wirelessly to a related eHealth center. However, there exist many challenging security issues in MHSN such as how to securely identify a senior who has the same symptom, how to prevent others who don't have the symptom from knowing someone's symptom? In this paper, to tackle these challenging security issues, we propose a secure same-symptom-based handshake (SSH) scheme. Specifically, in the proposed SSH scheme, each patient is granted with a pseudo-ID and its private key corresponding to his symptom. When two patients meet, only if they have the same symptom, they can use their private keys to make mutual authentication. With the provable security technique, we demonstrate the proposed SSH is secure in the MHSN scenarios. Moreover, we also discuss a promising application - social-based patient health information (PHI) collaborative reporting in MHSN, and conduct extensive simulations to evaluate its efficiency in terms of PHI delivery ratio and reporting delay.

128 citations


Patent
25 Oct 2011
TL;DR: In this article, the authors describe technologies relating to imparting real-time priority-based network communications in an encrypted session, which can be embodied in methods that include establishing, based on cryptographic information in a reserved, random-data portion of a handshake communication, a session, receiving parameter values relating to a sub media stream, included in a header of a network communication, storing the parameter values, obtaining state information and a data payload included in second network communication.
Abstract: This specification describes technologies relating to imparting real-time priority-based network communications in an encrypted session. In general, aspects of the subject matter described can be embodied in methods that include establishing, based on cryptographic information in a reserved, random-data portion of a handshake communication, a session, receiving parameter values relating to a sub media stream, included in a header of a network communication, storing the parameter values, obtaining state information and a data payload included in a second network communication, identifying, from the state information, a purpose of the second network communication, and whether a header of the second network communication includes one or more new values corresponding to one or more of the parameters, updating one or more of the stored values based on the one or more new values, and processing the data payload based on the identified purpose and the stored parameter values.

106 citations


Journal ArticleDOI
TL;DR: In this paper, the authors presented a method for evaluating a haptic device which simulates human handshakes interfaced via a metal rod, and evaluated the performance of each handshake through subjective scoring.

45 citations


Journal ArticleDOI
TL;DR: The development of the haptic rendering algorithm for the handshaking system, its integration with visual and haptic cues, and reports about the results of subjective evaluation experiments that were carried out are discussed.
Abstract: This paper focuses on the development and evaluation of a haptic enhanced virtual reality system which allows a human user to make physical handshakes with a virtual partner through a haptic interface. Multimodal feedback signals are designed to generate the illusion that a handshake with a robotic arm is a handshake with another human. Advanced controllers of the haptic interface are developed to respond to user behaviors online. Techniques to achieve online behavior generation are presented, such as a hidden-Markov-model approach to human interaction strategy estimation. Human-robot handshake experiments were carried out to evaluate the performance of the system. Two different approaches to haptic rendering were compared in experiments: a controller in basic mode with an embedded curve in the robot that disregards the human partner, and an interactive robot controller for online behavior generation. The two approaches were compared with the ground truth of another human driving the robot via teleoperation instead of the controller implementing a virtual partner. In the evaluation results, the human approach is rated to be most human-like, with the interactive controller following closely behind, followed by the controller in basic mode. This paper mainly concentrates on discussing the development of the haptic rendering algorithm for the handshaking system, its integration with visual and haptic cues, and reports about the results of subjective evaluation experiments that were carried out.

31 citations


Proceedings ArticleDOI
03 Jul 2011
TL;DR: A handshake request motion model with which a robot requests humans for a handshake is proposed, and a gaze presentation is generated based on the analysis of the handshake between humans.
Abstract: A handshake is an embodied interaction to display closeness using physical contact. In the case of a handshake between a human and a robot, robots can now smoothly communicate and coexist with humans without eliciting feelings of aversion in humans. To enable such a handshake, we proposed a model that simulates a handshake approach motion by analyzing the human-human handshake motion. With this model, a robot generates a handshake motion when a handshake is requested by a human. However, embodied interaction between a human and a robot can be promoted if, instead, a robot requests a handshake from a human. Therefore, in this paper, we propose a handshake request motion model with which a robot requests humans for a handshake. In this model, a robot stretches its hand out to a human to request a handshake. Furthermore, a gaze presentation is generated based on the analysis of the handshake between humans. A handshake robot system with the proposed model is developed, and the effectiveness of the model is experimentally demonstrated.

21 citations


Patent
31 Oct 2011
TL;DR: In this article, a first device may provide a first handshake to a second device and the second device may respond to the first device's first handshake with a second handshake of its own.
Abstract: Charging a device using a plurality of handshakes. A first device may provide a first handshake to a second device. A device of a first device type may be configured to charge its battery without further communication based on the first handshake. The first device may monitor a connection to the second device for a second handshake corresponding to a device of a second device type. In response to detecting the second handshake, the first device may provide a response to the second device. Accordingly, the second device of the second device type may be configured to charge its battery based on the second handshake.

16 citations


Proceedings ArticleDOI
15 Aug 2011
TL;DR: An innovative sensor-aided social network system that allows two users to naturally exchange personal information with each other after detecting and authenticating the handshaking patterns between them is designed.
Abstract: While sensor-enabled devices have greatly enriched human interactions in our daily life, discovering the essential knowledge behind sensing data is a critical issue to connect the cyber world and the physical world. This motivates us to design an innovative sensor-aided social network system, termed cyber-physical handshake. It allows two users to naturally exchange personal information with each other after detecting and authenticating the handshaking patterns between them. This work describes our design of detection and authentication mechanisms to achieve this purpose and our prototype system to facilitate handshake social behavior.

14 citations


Patent
06 Oct 2011
TL;DR: In this article, role conflicts between peers are eliminated by determining which peer will act as a client and which peer would act as server in a secure connection handshake in peer-to-peer environments.
Abstract: Methods of establishing secure communication channels in peer-to-peer environments are provided that eliminate role conflicts between peers by determining which peer will act as a client and which peer will act as a server in a secure connection handshake. In one embodiment, an attribute of the handshake messages is used in a tiebreaker process to determine which peer assumes the role of the server. In another embodiment, the attribute may be used to compute a wait period for each peer, or the wait period may be based on a random time period, and the peers cancel their request and resend requests after waiting their respective time periods.

13 citations


Patent
Jae-mu Yun
12 Jan 2011
TL;DR: In this article, a method of correcting handshake in a digital image processing apparatus was proposed, which included a lens location detector for detecting a location of the focusing lens when a lens driving unit drove a photographing lens group.
Abstract: Provided is a method of correcting handshake in a digital image processing apparatus. The digital image processing apparatus includes a lens location detector for detecting a location of the focusing lens when a lens driving unit drives a photographing lens group; a handshake detector for detecting an amount of handshake from a signal representing a movement of the digital image processing apparatus; and a handshake correction unit for adjusting the lens driving unit according to a difference between the amount of handshake detected by the handshake detector and the location of the focusing lens detected by the lens location detector.

13 citations


Proceedings ArticleDOI
08 Dec 2011
TL;DR: An improved mechanism named Temporary Safe Tunnel (TST), which has been meticulously designed, is proposed to solve the problem above and improves the security of WLAN.
Abstract: IEEE 802.11w, an amending standard for 802.11i, provides protection for management frames in WLAN. However, the frames are vulnerable to being eavesdropped, forged and distorted before the Four-Way Handshake completes. An improved mechanism named Temporary Safe Tunnel (TST) is proposed to solve the problem above. Since TST has been meticulously designed, it is low cost and improves the security of WLAN.

12 citations


Proceedings ArticleDOI
19 Dec 2011
TL;DR: This paper utilizes the long propagation delay in the underwater acoustic channel and the (possible) sparsity of the network topology, and formalizes conditions for which a node can transmit even when it is located within the communication range of a node participating in a CS.
Abstract: In most existing handshake-based collision avoidance protocols, nodes in the proximity of the transmitter or receiver are kept silent during an ongoing communication session. In this paper, we utilize the long propagation delay in the underwater acoustic channel and the (possible) sparsity of the network topology to increase network throughput. We formalize conditions for which a node can transmit even when it is located one-hop away from a node participating in another communication session. We consider these conditions as problem constraints and form a distributed collision-avoidance handshake-based protocol, which jointly applies spatial and time reuse techniques. Our simulation results show that at a price of complexity, our protocol outperforms a recently proposed handshake protocol in terms of throughput and transmission delay.

Proceedings ArticleDOI
30 Jun 2011
TL;DR: A new adaptive RTS/CTS control method on the basis of existence of hidden terminals is proposed, for mitigating transmission overhead of IEEE802.11.
Abstract: IEEE802.11 RTS/CTS handshake to avoid a packet collision with the transmissions from hidden terminals. Although RTS/CTS handshake effectively reduces packet collisions with hidden terminals, it also increases transmission overhead of IEEE802.11. In this paper, we discuss transmission overhead of IEEE802.11 induced by RTS/CTS handshake, and propose a new adaptive RTS/CTS control method on the basis of existence of hidden terminals, for mitigating transmission overhead of IEEE802.11. Results from computer simulations confirm that our proposed method improves throughput performance in around the saturated traffic environment.

Patent
Sung-min Kim, Jin-gi Lee
10 Jun 2011
TL;DR: In this article, the authors present a method for generating a live view image, performing a preprocessing operation on the image, and driving a vibration mode of a handshake correction module in response to a result of the pre-processing operation.
Abstract: A digital image processing apparatus and a method of controlling the digital image processing apparatus, the method including: generating a live view image; performing a preprocessing operation on the live view image; driving a vibration mode of a handshake correction module in response to a result of the preprocessing operation; and if a photographing signal is input, generating a photographing image after terminating the vibration mode of the handshake correction module.

Proceedings ArticleDOI
22 Mar 2011
TL;DR: Simulation results confirm that Adaptive IAMAC provides significant improvements over S-MAC in terms of throughput, latency, and energy efficiency, specifically in large-scale sensor networks with low duty cycle.
Abstract: In the MAC protocols based on the S-MAC scheme, usually the combination of periodic sleep/listen scheduling and four-way handshake mechanism is employed to reduce idle listening and avoid interference. However, this combination greatly degrades network capacity and results in high end-to-end latency. In this paper, we propose Adaptive IAMAC to increase channel utilization and improve communication efficiency, specifically in large-scale sensor networks with low duty cycle. Adaptive IAMAC allows multiple nodes to transmit to their common parent during a frame. Moreover, it includes the adaptive parent selection mechanism, which enables the nodes to change their parent according to the currently overheard control packets at the MAC layer. Through these techniques, Adaptive IAMAC enhances network throughput, reduces end-to-end latency, and moderates the overhead of four-way handshake mechanism. Simulation results confirm that Adaptive IAMAC provides significant improvements over S-MAC in terms of throughput, latency, and energy efficiency.

Book ChapterDOI
20 Mar 2011
TL;DR: The main idea behind the approach is to early discard those handshake packets that are not strictly needed to reliably detect port scans, which significantly reduces both the memory requirements and CPU cost per packet.
Abstract: Port scans are continuously used by both worms and human attackers to probe for vulnerabilities in Internet facing systems. In this paper, we present a new method to efficiently detect TCP port scans in very high-speed links. The main idea behind our approach is to early discard those handshake packets that are not strictly needed to reliably detect port scans. We show that with just a couple of Bloom filters to track active servers and TCP handshakes we can easily discard about 85% of all handshake packets with negligible loss in accuracy. This significantly reduces both the memory requirements and CPU cost per packet. We evaluated our algorithm using packet traces and live traffic from 1 and 10 GigE academic networks. Our results show that our method requires less than 1 MB to accurately monitor a 10 Gb/s link, which perfectly fits in the cache memory of nowadays' general-purpose processors.

Book ChapterDOI
09 Jul 2011
TL;DR: The initial results of the study are discussed here and examples of how Handshake is able to meet the corporate objective of bringing the larger community to bear on problems of national importance are provided.
Abstract: MITRE has developed and launched Handshake, a social networking platform for business networking use. We took a unique approach in providing a single MITRE-hosted platform for connecting, collaborating, and networking with internal employees and external partners. The business networking prototype also serves as a research platform for building and deploying other social capabilities and exploring the value of social media for the enterprise. Since its initial release, Handshake has grown to support over 4300 users (∼1000 are external participants) and 450 groups. Feedback from our early adopters has been very positive, with compelling stories on how they are able to engage our sponsors, mission users, and other partners in ways not possible with previous tools. We discuss the initial results of our study here and provide examples of how Handshake is able to meet our corporate objective of bringing the larger community to bear on problems of national importance.

Proceedings ArticleDOI
30 Nov 2011
TL;DR: This paper shows an implementation of handshake join on field-programmable gate array (FPGA) using the merging network and the admission controller, and evaluates the architecture in terms of the hardware resource usage, the maximum clock frequency, and the operation performance.
Abstract: This paper shows an implementation of handshake join on field-programmable gate array (FPGA). Handshake join is one of stream join algorithms, proposed by Teubner and Mueller. It can support very high degrees of parallelism and attain unprecedented success in throughput speed in order to achieve efficient support for window-based join in streaming databases. In handshake join, it is necessary to take into account the problems with regard to the capacity of the output channel and the limitation of the internal buffer sizes, in order to apply join operation to input tuples efficiently in a correct manner. However, the implementation has not necessarily clarified in detail yet in their paper. In this paper, to solve the issues, we propose the merging network and the admission controller. Then we evaluate the architecture in terms of the hardware resource usage, the maximum clock frequency, and the operation performance.

Proceedings ArticleDOI
01 Dec 2011
TL;DR: Evaluated the authentication delay introduced by EAP-enabled WLAN Access Points (AP) when used from indoor and outdoor environments shows that the largest delay is introduced by the most secure authentication protocols called tunneled authentication protocols.
Abstract: Authentication has been an important issue in providing access to the clients in Wireless Local Area Networks (WLANs). In order to protect the WLANs from intruders and malicious users, authentication protocols are employed. This paper evaluates the authentication delay introduced by EAP-enabled WLAN Access Points (AP) when used from indoor and outdoor environments. Experiments were performed on a wireless testbed in which a user connects to an AP under static and mobile conditions. The parameters considered are authentication time, reauthentication time, packet loss during reauthentication and the time taken by 4-way handshake at various speeds of mobile node. The results show that the largest delay is introduced by the most secure authentication protocols called tunneled authentication protocols. It was also observed that the mobility of the mobile node increases the authentication delay and the time taken by the 4-way handshake.

Patent
22 Sep 2011
TL;DR: A traffic management device (TMD), system, and processor-readable storage medium directed towards automatically configuring an AAA proxy device (also referred to herein as "the proxy") to load-balance AAA request messages across a plurality of AAA server devices as mentioned in this paper.
Abstract: A traffic management device (TMD), system, and processor-readable storage medium directed towards automatically configuring an AAA proxy device (also referred to herein as “the proxy”) to load-balance AAA request messages across a plurality of AAA server devices. In one embodiment the proxy receives an AAA handshake message from an AAA client device. The proxy forwards the handshake message to each of the plurality of server devices and, in reply, receives an AAA handshake response message from each of the plurality of server devices. The proxy extracts attributes from each of the handshake response messages and automatically configures itself based on the extracted attributes. The proxy then load-balances, modifies and/or routes subsequently received AAA request messages based on the extracted attributes.

Patent
18 May 2011
TL;DR: In this article, a platform and a method for two-way identification recognition and information interaction based on an SPI communication structural model is presented. But the method introduces the public handshake signal line RC0 connected with the pull-down resistor between a master single-chip microcomputer and a slave single-chip microcomputer, and then all the other single-chip microcomputers can detect a signal.
Abstract: The invention discloses a platform and a method for two-way identification recognition and information interaction based on an SPI communication structural model. The platform comprises a plurality of PIC single-chip microcomputers. The two-way identification recognition and information interaction platform is based on the SPI structural model, and comprises an output data wire SDO, an input data wire SDI, a timing line SCK and a public handshake signal line RC0 with a pull-down resistor R1. As the method introduces the public handshake signal line RC0 connected with the pull-down resistor between a master single-chip microcomputer and a slave single-chip microcomputer, each single-chip microcomputer to move only needs to pull up the public handshake signal line RC0, and then all the other single-chip microcomputers can detect a signal, thus bus-mode communication can be realized. The invention is based on the structural model of SPI communication, effectively transmits data, sends/receives identification recognition in an SPI timing state, and realizes a master-slave controllable directional data transmission platform among single-chip microcomputer systems through two-way data interchange.

Journal ArticleDOI
TL;DR: While sensor-enabled devices have greatly enriched human interactions in our daily life, discovering the essential knowledge behind sensing data is a critical issue to connect the cyber world and t... as mentioned in this paper.
Abstract: While sensor-enabled devices have greatly enriched human interactions in our daily life, discovering the essential knowledge behind sensing data is a critical issue to connect the cyber world and t...

Patent
Mukund Agrawal
23 Sep 2011
TL;DR: In this article, a method and apparatus for determining whether a second computing system meets a minimum level of protection for a DLP policy of a first computing system is described, where the DLP agent may monitor outbound data transfers performed by the first computing system, and determines a violation of a DLP policy in a current one of the outbound data transfers to a second computing system.
Abstract: A method and apparatus for determining whether a second computing system meets a minimum level of protection for a DLP policy of a first computing system are described. A DLP agent may monitor outbound data transfers performed by the first computing system, and determines a violation of a DLP policy in a current one of the outbound data transfers to a second computing system. The DLP agent initiates a handshake protocol with the second computing system to determine whether the second computing system meets a minimum protection level for the DLP policy. If the second computing system does not meet the minimum protection level for the DLP policy, the DLP agent prevents the current data transfer to the second computing system; otherwise, the DLP agent permits the current data transfer.

Proceedings ArticleDOI
07 Jul 2011
TL;DR: This enhanced technique called, 3-way handshake, is able to provide security against DoS attacks, dictionary attacks, replay attacks and passive attacks and can reduce the communication, computation and memory overheads.
Abstract: Authentication and key exchange is a challenging area in wireless networks. The authentication process of IEEE 802.1U is using the standards of IEEE 802.1X for authentication; and for key management and distribution, 4-way handshake protocol is used. Due to various design flaws, 4-way handshake is incapable in providing the security and performance. In this paper, we propose a new technique for key exchange which is able to provide enhanced security in comparison with 4-way handshake protocol. This enhanced technique, called 3-way handshake, is able to provide security against DoS attacks, dictionary attacks, replay attacks and passive attacks. In this technique 3 messages are exchanged for generating the pairwise transient key (PTK). Those messages are encrypted using two keys. The proposed model has been verified analytically and shows that not only security but also better performance can be achieved using this model. Moreover, this technique can reduce the communication, computation and memory overheads.

Patent
31 Aug 2011
TL;DR: In this article, a power communication method and system based on MODBUS TCP/IP (Transmission Control Protocol/ Internet Protocol) is described, where a slave station stores system state information into a corresponding information address field according to an order sent by a master station; the master station reads a corresponding response state identification site corresponding to the order in a target slave station handshake register within the polling period of each switching value and analog quantity.
Abstract: The embodiment of the invention discloses a power communication method and system based on MODBUS TCP/IP (Transmission Control Protocol/ Internet Protocol). A slave station stores system state information into a corresponding information address field according to an order sent by a master station; the master station reads a corresponding response state identification site corresponding to the order in a target slave station handshake register within the polling period of each switching value and analog quantity; and when the response state identification site is 1, reading the system state information. The state of power communication equipment in the handshake register is read in real time by the opportunity of the period polling switching value and the analog quantity of the master station, thereby achieving the purpose of reporting real-time state to the master station from the slave station. Therefore, the invention has the advantages of high communication efficiency and simple networking form, and the technical defects of complex network framework and high software and hardware resource consumption in the prior art can be overcome.

Patent
30 Mar 2011
TL;DR: In this paper, a detection mechanism ensures that certain layers within the storage I/O stack are present and cooperate with a particular protocol, such as a data encryption key (DEK) management protocol.
Abstract: A system shares encryption-related metadata between layers of a storage I/O stack. Additionally, a detection mechanism ensures that certain layers within the storage I/O stack are present and cooperate with a particular protocol. Along these lines, functional components engage in an in-band communications protocol, such as a data encryption key (DEK) management protocol. The in-band communications protocol employs protocol commands and responses carried along the data path as contents of in-band transport messages and responses, such as special SCSI read commands and their responses. The protocol commands and responses include a handshake command and a handshake response used during an initial handshake operation. Each protocol command and response has a protocol signature field carrying one of distinct first and second signature values which are used to identify the presence of the protocol command or response in the transport messages and responses at different locations along the data path.

Journal ArticleDOI
TL;DR: In this paper, a Data-Ack Scheme (DAS) is proposed to reduce the overhead by exploiting only one control packet and makes the dissemination interruption most unlikely. But, the proposed scheme is not suitable for wireless networks.
Abstract: A number of timer-based intelligent flooding schemes have been recently proposed to optimize message dissemination in Vehicular Ad-hoc NETworks. Unfortunately, most of them are not able to completely avoid useless copies of the message to be broadcast. Moreover, some schemes determine when the message has to be rebroadcast, thus thwarting the application in processing it. The use of a Medium Access Control (MAC) layer control packet handshake allows mitigating the issues above, but it could lead to an unacceptable overhead and to a high probability of dissemination interruption. The proposed Data-Ack Scheme (DAS) allows to reduce the overhead by exploiting only one control packet and makes the dissemination interruption most unlikely. By simulation, DAS performance has been compared with that obtained when either a MAC layer handshake-based scheme or a scheme which does not provide the use of control packets is adopted. Simulation results have shown that DAS performs better in those scenarios in which the Message Delivery Ratio values are not critical.

Book ChapterDOI
15 Sep 2011
TL;DR: A SH scheme with request-based-revealing (SHRBR) that GA has only an ability to confirm whether a handshake player belongs to his own group without revealing his ID, and proposes a concrete SHRBR in the random oracle model.
Abstract: Secret handshake (SH) schemes enable two members who belong to the same group to authenticate each other in a way that hides their affiliation to that group from all others. In previous works, the group authority (GA) has the ability to reveal the identity (ID) of a handshake player who belongs to his group. In this paper, we focus first on the classification of traceability of GA. We classify this feature as follows: (i) GA of G is able to reveal IDs of members belonging to G by using a transcript of a handshake protocol; (ii) GA of G is able to confirm whether handshake players belong to G or not by using a transcript of a handshake protocol. In some situations, only the latter capability is needed. So, we consider a SH that GA has only an ability to confirm whether a handshake player belongs to his own group without revealing his ID. Thus, we introduce a SH scheme with request-based-revealing (SHRBR). In SHRBR, GA can check whether handshake players belong to the own group without revealing a member ID. After a handshake player A executes a handshake protocol with B, if A wants to reveal a handshake partner (in this case B), A requests GA to reveal a handshake partner's ID by bringing forth his own ID and secret information. We define the security requirements for SHRBR and propose a concrete SHRBR in the random oracle model.

Proceedings ArticleDOI
04 Oct 2011
TL;DR: This work has performed formal validation of the three-way handshake process between an AMT gateway and its coupled AMT relay by modeling it using the AVISPA tools (Automated Validation of Internet Security Protocols and Applications).
Abstract: AMT (Automatic IP Multicast without explicit Tunnels) is a specification that has been developed by the Internet Engineering Task Force to address the lack of multicast communication among isolated multicast-enabled sites or hosts, attached to a network with no local multicast support. AMT is designed to provide a mechanism for a migration path to a fully multicast-enabled backbone in the future. As part of a larger project using AMT to extend the reach of multicast sessions, we have performed formal validation of the three-way handshake process between an AMT gateway and its coupled AMT relay by modeling it using the AVISPA tools (Automated Validation of Internet Security Protocols and Applications). We have identified two security problems where an intruder can impersonate an AMT Relay or an AMT Gateway. Furthermore, an intruder can make use of this impersonation to disconnect valid sessions of other legitimate participants.

Proceedings ArticleDOI
15 Jul 2011
TL;DR: This paper proposes two solutions; the first one is a new statistical method against abnormal increase of Message1 and the other solution changes Message3, one of the messages in the 4-way handshake phase.
Abstract: This paper focuses on IEEE 802.1U that is the last released security standard for WLAN and tries to resolve bugs of previous security standards in wireless networks, but it is vulnerable against some DOS (Denial of Service) attacks. One of the attacks that is considered in this paper happens in the last phase of the authentication process called 4-way handshake blocking. In this paper, in order to prevent the DOS attack we propose two solutions; first one is a new statistical method against abnormal increase of Message1 and another solution changes Message3, one of the messages in the 4-way handshake phase. We use C#.Net 2010 programming Language to implement 802.1U platform and then solutions and final results will be compared together.

Proceedings ArticleDOI
01 Oct 2011
TL;DR: This paper addresses the security issue in WLANs and analyzes the operations of the 4-way handshake protocol and proposes an enhancement solution to protect the protocol from DoS attacks that is more effective and efficient.
Abstract: IEEE Std 802.11i [1] has specified the security functionality of wireless local area networks (WLANs). However, two types of DoS attacks have been disclosed which could block the 4-way handshake procedure [2]. Some improvements over them have been investigated. But all of them have obvious drawbacks. In this paper, we address the security issue in WLANs and analyze the operations of the 4-way handshake protocol. Based on the insight of the protocol and the existing potential vulnerabilities under the DoS attacks, we propose an enhancement solution to protect the protocol from DoS attacks. Compared with other existing works, our solution is more effective and efficient. Colored Petri Nets (CPN) has been employed to formally verify our solution.