SecDocker: Hardening the Continuous Integration Workflow

Current Continuous Integration (CI) processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the CI pipeline itself. This paper presents an overview of current security issues in CI workflow. It designs, develops, and deploys a new tool for the secure deployment of a container-based CI pipeline flow without slowing down release cycles. The tool, called SecDocker for its Docker-based approach, is publicly available in GitHub. It implements a transparent application firewall based on a configuration mechanism avoiding issues in the CI workflow associated with intended or unintended container configurations. Integrated with other DevOps Engineers tools, it provides feedback from only those scenarios that match specific patterns, addressing future container security issues.

Realization of a cryptographic algorithm in FPGA based on an authentication protocol for RFID smart tags

Radio Frequency Identification (RFID)is expected to become pervasive and ubiquitous, as it can be embedded into everyday items as smart labels. A typical scenario of exploiting RFID is Electronic container seal (E-seal) in container security. Since RFID systems are proposed to be used in such high security applications, cryptographic authentication is necessary to protect the privacy and security of the RFID system itself. In this project, AES128 cryptographic algorithm based on the new approach of authentication protocol was implemented on FPGA environment. A two-way challenge-response authentication scheme is used due to the limited computing power, low die-size, and low-power requirements. The hardware implementation of the algorithm on FPGA provides acceleration and fast prototyping. The positive results in low silicon area ascertain that the authentication algorithm can be implemented in a small RFID tag for more secure system.

Realization of a cryptographic algorithm in FPGA based on an authentication protocol for RFID smart tags

Radio Frequency Identification (RFID)is expected to become pervasive and ubiquitous, as it can be embedded into everyday items as smart labels. A typical scenario of exploiting RFID is Electronic container seal (E-seal) in container security. Since RFID systems are proposed to be used in such high security applications, cryptographic authentication is necessary to protect the privacy and security of the RFID system itself. In this project, AES128 cryptographic algorithm based on the new approach of authentication protocol was implemented on FPGA environment. A two-way challenge-response authentication scheme is used due to the limited computing power, low die-size, and low-power requirements. The hardware implementation of the algorithm on FPGA provides acceleration and fast prototyping. The positive results in low silicon area ascertain that the authentication algorithm can be implemented in a small RFID tag for more secure system.