With the increasing use of extensive IT systems for sensitive or safety-critical applications, the matter of IT security is becoming more important. In order to be able to make sensible decisions about security there is a need for measures and metrics for computer security. There currently exist no established methods to assess the security of [...]
Flexible Certificate Management for Secure HTTPS Client/Server Communication
Certificate management is a crucial element in PKI implementations, which includes certificate generation, distribution, storage, and revocation. Most of the existing research has been focusing on the security aspect or the functionality and the structure of certificate management systems. Very little has looked at the actual user requirements for the system and how users can [...]
RFID security in door locks
Radio frequency identification, RFID is a technology that is used in many fields including locks. The unlimited access to the reader and the transponder has resulted in severe security weaknesses and made it possible to apply different attacks. To classify door locks as secure they must at least fulfil two main criteria: the first is [...]
Design and Implementation of the Ephemerizer System
Keeping data accessible for at most a finite period of time is an important and difficult problem to solve. Let us consider the scenario where a company is electing its president. According to their rules, the ballots should be readable for at most three months after the election. We are dealing with the problem to [...]