參考文獻 |
[1] D. Spence, J. Vollbrecht, L. Gommans, G. Gross and C. de Laat. Generic AAA Architecture. August, 2000. Available: http://www.ietf.org/rfc/rfc2903.txt.
[2] H. Kalodner, M. Carlsten, P. Ellenbogen, J. Bonneau and A. Narayanan. "An empirical study of namecoin and lessons for decentralized namespace design," presented at the 2015 Workshop of the Economics of Information Security, BM Delft, Nederland, 2015.
[3] V. V. S. S. S. Balaram, "Cloud computing authentication techniques: A survey," presented at the 2017 International Journal of Scientific Engineering and Technology Research, vol. 6, no. 3, pp. 458-464, January 2017.
[4] ZDNet. (2016). These were the biggest hacks, leaks and data breaches of 2016. Available: http://www.zdnet.com/pictures/biggest-hacks-security-data-breaches-2016/7/.
[5] G. Greenwald and E. MacAskill. Nsa prism program taps in to user data of apple, google and others. June 2013. Available: https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data.
[6] A. C. Weaver, "Biometric authentication," in Computer, vol. 39, no. 2, pp. 96-97, February 2006.
[7] A. L. Marcon, A. O. Santin, M. Stihler and J. Bachtold, "A (rmuconABC ) resilient authorization evaluation for cloud computing," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, pp. 457-467, February 2014.
[8] T. Seals. Massive brute-force attack on alibaba affects millions. February 2016. Available: https://www.infosecurity-magazine.com/news/massive-bruteforce-attack-on/.
[9] D. Hakobyan, "Authentication and authorization systems in cloud environments," KTH School of Information and Communication Technology, Master’s thesis, 2012.
[10] W. D. Chadwick and K. Fatema, "A privacy preserving authorisa- tion system for the cloud," Journal of Computer and System Sciences, vol. 78, no. 5, pp. 1359 -1373, 2012.
[11] M. Verna. XML Security: Control information access with XACML.October 2014. Available: https://www.ibm.com/developerworks/xml/library/x-xacml/.
[12] E. Rissanen. eXtensible Access Control Markup Language (XACML) Version 3.0. Technical report. January 2013. Available: http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html.
[13] D. Hardt and Ed.. The oauth 2.0 authorization framework. Rfc 6749. October 2012. Available: https://tools.ietf.org/html/rfc6749.
[14] M. Nouriddine and R. Bashroush, "A performance optimization model towards oauth 2.0 adoption in the enterprise," in Proceedings of the 7th International Conference on Global Security, Safety & Sustainability , 2011.
[15] B. Leiba, "Oauth web authorization protocol," IEEE Internet Computing, vol. 16, no. 1, pp. 74-77, January 2012.
[16] T. Chou, "Security threats on cloud computing vulnerabilities," International Journal of Computer Science & Information Technology, vol. 5, no. 3, pp. 79, June 2013.
[17] A. Aich and A. Sen, "Study on cloud security risk and remedy," International Journal of Grid Distribution Computing, vol. 8, no. 2, pp. 155-166, 2015.
[18] Net losses. Estimating the global cost of cybercrime. June 2014. Available: https://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2.pdf.
[19] P. Ducklin. Github hit by massive password guessing attack. June 2016. Available: https://nakedsecurity.sophos.com/2016/06/16/github-hit-by-massive-password-guessing-attack/.
[20] L. Shin. Hackers are hijacking phone numbers and breaking into email, bank accounts: How to protect yourself. December 2016. Available: https://www.forbes.com/sites/laurashin/2016/12/21/hackers-are-hijacking-phone-numbers-and-breaking-into-email-and-bank-accounts-how-to-protect-yourself/.
[21] N. Woolf. DDos attack that disrupted internet was largest of its kind in history. October 2016. Available: https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet.
[22] OWASP. (2015). Man-in-the-middle attack. August 2015. Available: https://www.owasp.org/index.php/Man-in-the-middle_attack.
[23] R. Yang, W. C. Lau and T. Liu. Signing into one billion mobile app accounts effortlessly with oauth2.0. Technical report. 2016. Available: https://www.blackhat.com/docs/eu-16/materials/eu-16-Yang-Signing-Into-Billion-Mobile-Apps-Effortlessly-With-OAuth20-wp.pdf.
[24] S. Thielman. Yahoo hack: 1bn accounts compromised by biggest data breach in history. December 2016. Available: https://www.theguardian.com/technology/2016/dec/14/yahoo-hack-security-of-one-billion-accounts-breached.
[25] S. Perez. 117 million linkedin emails and passwords from a 2012 hack just got posted online. May 2016. Available: https://techcrunch.com/2016/05/18/117-million-linkedin-emails-and-passwords-from-a-2012-hack-just-got-posted-online/.
[26] P. Mutton. Wikileaks.org taken down by us dns provider, December 2010. Available: https://news.netcraft.com/archives/2010/12/03/wikileaks-org-taken-down-by-us-dns-provider.html.
[27] V. Buterin. Ethereum: A next-generation smart contract and decentralized application platform. Technical report. 2013. Available: https://github.com/ethereum/wiki/wiki/White-Paper.
[28] A. Narayanan, J. Bonneau, E. Felten, A. Miller and S. Goldfeder. Bitcoin and Cryptocurrency Technologies. Princeton University Press. Feburary 2016.
[29] Crypto-currencies statistics. Available: https://bitinfocharts.com/
[30] G. Wood. Solidity. Available: https://github.com/ethereum/wiki/wiki/The-Solidity-Programming-Language.
[31] J. Krug. Serpent. Available: https://github.com/ethereum/wiki/wiki/Serpent.
[32] Ethereum wallet and mist. Available: https://github.com/ethereum/mist/.
[33] Application programming interface. Available: https://en.wikipedia.org/wiki/Application_programming_interface.
[34] Google Authenticator. Available: https://en.wikipedia.org/wiki/Google_Authenticator.
|