WorldWideScience

Sample records for identity authentication based

  1. Identity-Based Authentication for Cloud Computing

    Science.gov (United States)

    Li, Hongwei; Dai, Yuanshun; Tian, Ling; Yang, Haomiao

    Cloud computing is a recently developed new technology for complex systems with massive-scale services sharing among numerous users. Therefore, authentication of both users and services is a significant issue for the trust and security of the cloud computing. SSL Authentication Protocol (SAP), once applied in cloud computing, will become so complicated that users will undergo a heavily loaded point both in computation and communication. This paper, based on the identity-based hierarchical model for cloud computing (IBHMCC) and its corresponding encryption and signature schemes, presented a new identity-based authentication protocol for cloud computing and services. Through simulation testing, it is shown that the authentication protocol is more lightweight and efficient than SAP, specially the more lightweight user side. Such merit of our model with great scalability is very suited to the massive-scale cloud.

  2. A network identity authentication system based on Fingerprint identification technology

    Science.gov (United States)

    Xia, Hong-Bin; Xu, Wen-Bo; Liu, Yuan

    2005-10-01

    Fingerprint verification is one of the most reliable personal identification methods. However, most of the automatic fingerprint identification system (AFIS) is not run via Internet/Intranet environment to meet today's increasing Electric commerce requirements. This paper describes the design and implementation of the archetype system of identity authentication based on fingerprint biometrics technology, and the system can run via Internet environment. And in our system the COM and ASP technology are used to integrate Fingerprint technology with Web database technology, The Fingerprint image preprocessing algorithms are programmed into COM, which deployed on the internet information server. The system's design and structure are proposed, and the key points are discussed. The prototype system of identity authentication based on Fingerprint have been successfully tested and evaluated on our university's distant education applications in an internet environment.

  3. A Continuous Identity Authentication Scheme Based on Physiological and Behavioral Characteristics.

    Science.gov (United States)

    Wu, Guannan; Wang, Jian; Zhang, Yongrong; Jiang, Shuai

    2018-01-10

    Wearable devices have flourished over the past ten years providing great advantages to people and, recently, they have also been used for identity authentication. Most of the authentication methods adopt a one-time authentication manner which cannot provide continuous certification. To address this issue, we present a two-step authentication method based on an own-built fingertip sensor device which can capture motion data (e.g., acceleration and angular velocity) and physiological data (e.g., a photoplethysmography (PPG) signal) simultaneously. When the device is worn on the user's fingertip, it will automatically recognize whether the wearer is a legitimate user or not. More specifically, multisensor data is collected and analyzed to extract representative and intensive features. Then, human activity recognition is applied as the first step to enhance the practicability of the authentication system. After correctly discriminating the motion state, a one-class machine learning algorithm is applied for identity authentication as the second step. When a user wears the device, the authentication process is carried on automatically at set intervals. Analyses were conducted using data from 40 individuals across various operational scenarios. Extensive experiments were executed to examine the effectiveness of the proposed approach, which achieved an average accuracy rate of 98.5% and an F1-score of 86.67%. Our results suggest that the proposed scheme provides a feasible and practical solution for authentication.

  4. Economical multiparty simultaneous quantum identity authentication based on Greenberger–Horne–Zeilinger states

    International Nuclear Information System (INIS)

    Yu-Guang, Yang; Qiao-Yan, Wen

    2009-01-01

    A multiparty simultaneous quantum identity authentication protocol based on Greenberger–Horne–Zeilinger (GHZ) states is proposed. The multi-user can be authenticated by a trusted third party (TTP) simultaneously. Compared with the scheme proposed recently (Wang et al 2006 Chin. Phys. Lett. 23(9) 2360), the proposed scheme has the advantages of consuming fewer quantum and classical resources and lessening the difficulty and intensity of necessary operations. (general)

  5. Weaknesses of a dynamic identity based authentication protocol for multi-server architecture

    OpenAIRE

    Han, Weiwei

    2012-01-01

    Recently, Li et al. proposed a dynamic identity based authentication protocol for multi-server architecture. They claimed their protocol is secure and can withstand various attacks. But we found some security loopholes in the protocol. Accordingly, the current paper demonstrates that Li et al.'s protocol is vulnerable to the replay attack, the password guessing attack and the masquerade attack.

  6. A network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption

    Science.gov (United States)

    Zhu, Lijuan; Liu, Jingao

    2013-07-01

    This paper describes a network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption. This protocol can provide every bank user a safe and effective way to manage his own bank account, and also can effectively prevent the hacker attacks and bank clerk crime, so that it is absolute to guarantee the legitimate rights and interests of bank users.

  7. Optical identity authentication technique based on compressive ghost imaging with QR code

    Science.gov (United States)

    Wenjie, Zhan; Leihong, Zhang; Xi, Zeng; Yi, Kang

    2018-04-01

    With the rapid development of computer technology, information security has attracted more and more attention. It is not only related to the information and property security of individuals and enterprises, but also to the security and social stability of a country. Identity authentication is the first line of defense in information security. In authentication systems, response time and security are the most important factors. An optical authentication technology based on compressive ghost imaging with QR codes is proposed in this paper. The scheme can be authenticated with a small number of samples. Therefore, the response time of the algorithm is short. At the same time, the algorithm can resist certain noise attacks, so it offers good security.

  8. An efficient deterministic secure quantum communication scheme based on cluster states and identity authentication

    International Nuclear Information System (INIS)

    Wen-Jie, Liu; Han-Wu, Chen; Zhi-Qiang, Li; Zhi-Hao, Liu; Wen-Bo, Hu; Ting-Huai, Ma

    2009-01-01

    A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit two bits of classical information per cluster state, and its efficiency of the quantum communication is 1/3, which is approximately 1.67 times that of the previous protocol presented by Wang et al [Chin. Phys. Lett. 23 (2006) 2658]. Security analysis shows the present scheme is secure against intercept-resend attack and the impersonator's attack. Furthermore, it is more economic with present-day techniques and easily processed by a one-way quantum computer. (general)

  9. A dynamic identity based authentication scheme using chaotic maps for telecare medicine information systems.

    Science.gov (United States)

    Wang, Zhiheng; Huo, Zhanqiang; Shi, Wenbo

    2015-01-01

    With rapid development of computer technology and wide use of mobile devices, the telecare medicine information system has become universal in the field of medical care. To protect patients' privacy and medial data's security, many authentication schemes for the telecare medicine information system have been proposed. Due to its better performance, chaotic maps have been used in the design of authentication schemes for the telecare medicine information system. However, most of them cannot provide user's anonymity. Recently, Lin proposed a dynamic identity based authentication scheme using chaotic maps for the telecare medicine information system and claimed that their scheme was secure against existential active attacks. In this paper, we will demonstrate that their scheme cannot provide user anonymity and is vulnerable to the impersonation attack. Further, we propose an improved scheme to fix security flaws in Lin's scheme and demonstrate the proposed scheme could withstand various attacks.

  10. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2013-01-01

    In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

  11. A study on the integrity and authentication of weather observation data using Identity Based Encryption.

    Science.gov (United States)

    Seo, Jung Woo; Lee, Sang Jin

    2016-01-01

    Weather information provides a safe working environment by contributing to the economic activity of the nation, and plays role of the prevention of natural disasters, which can cause large scaled casualties and damage of property. Especially during times of war, weather information plays a more important role than strategy, tactics and information about trends of the enemy. Also, it plays an essential role for the taking off and landing of fighter jet and the sailing of warships. If weather information, which plays a major role in national security and economy, gets misused for cyber terrorism resulting false weather information, it could be a huge threat for national security and the economy. We propose a plan to safely transmit the measured value from meteorological sensors through a meteorological telecommunication network in order to guarantee the confidentiality and integrity of the data despite cyber-attacks. Also, such a plan allows one to produce reliable weather forecasts by performing mutual authentication through authentication devices. To make sure of this, one can apply an Identity Based Signature to ensure the integrity of measured data, and transmit the encrypted weather information with mutual authentication about the authentication devices. There are merits of this research: It is not necessary to manage authentication certificates unlike the Public Key Infrastructure methodology, and it provides a powerful security measure with the capability to be realized in a small scale computing environment, such as the meteorological observation system due to the low burden on managing keys.

  12. Quantum identity authentication based on ping-pong technique for photons

    Energy Technology Data Exchange (ETDEWEB)

    Zhang Zheshen [State Key Laboratory of Advanced Optical Communication Systems and Networks, Department of Electronic Engineering, Shanghai Jiao Tong University, Shanghai 200030 (China)]. E-mail: zheshenzhang@hotmail.com; Zeng Guihua [State Key Laboratory of Advanced Optical Communication Systems and Networks, Department of Electronic Engineering, Shanghai Jiao Tong University, Shanghai 200030 (China)]. E-mail: ghzeng@sjtu.edu.cn; Zhou Nanrun [Department of Electronics Information Engineering, Nanchang University, Nanchang 330029 (China); Xiong Jin [State Key Laboratory of Advanced Optical Communication Systems and Networks, Department of Electronic Engineering, Shanghai Jiao Tong University, Shanghai 200030 (China)

    2006-08-07

    To prevent active attack, an one-way quantum identity authentication scheme is proposed by employing mechanism of ping-pong protocol and property of quantum controlled-NOT gate. It can verify the user's identity as well as distribute an updated key as the authentication key. Analytical results show the proposed scheme is secure under general individual attack.

  13. Quantum identity authentication based on ping-pong technique for photons

    International Nuclear Information System (INIS)

    Zhang Zheshen; Zeng Guihua; Zhou Nanrun; Xiong Jin

    2006-01-01

    To prevent active attack, an one-way quantum identity authentication scheme is proposed by employing mechanism of ping-pong protocol and property of quantum controlled-NOT gate. It can verify the user's identity as well as distribute an updated key as the authentication key. Analytical results show the proposed scheme is secure under general individual attack

  14. Patients’ Data Management System Protected by Identity-Based Authentication and Key Exchange

    Directory of Open Access Journals (Sweden)

    Alexandra Rivero-García

    2017-03-01

    Full Text Available A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

  15. Patients' Data Management System Protected by Identity-Based Authentication and Key Exchange.

    Science.gov (United States)

    Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti

    2017-03-31

    A secure and distributed framework for the management of patients' information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients' data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

  16. Patients’ Data Management System Protected by Identity-Based Authentication and Key Exchange

    Science.gov (United States)

    Rivero-García, Alexandra; Santos-González, Iván; Hernández-Goya, Candelaria; Caballero-Gil, Pino; Yung, Moti

    2017-01-01

    A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed. PMID:28362328

  17. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

    2016-11-01

    Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

  18. Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

    Directory of Open Access Journals (Sweden)

    Liping Zhang

    Full Text Available In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

  19. Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

    Science.gov (United States)

    Zhang, Liping; Tang, Shanyu; Luo, He

    2016-01-01

    In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

  20. A Composed Protocol of Quantum Identity Authentication Plus Quantum Key Distribution Based on Squeezed States

    International Nuclear Information System (INIS)

    Zhang Sheng; Wang Jian; Tang Chaojing; Zhang Quan

    2011-01-01

    It is established that a single quantum cryptography protocol usually cooperates with other cryptographic systems, such as an authentication system, in the real world. However, few protocols have been proposed on how to combine two or more quantum protocols. To fill this gap, we propose a composed quantum protocol, containing both quantum identity authentication and quantum key distribution, using squeezed states. Hence, not only the identity can be verified, but also a new private key can be generated by our new protocol. We also analyze the security under an optimal attack, and the efficiency, which is defined by the threshold of the tolerant error rate, using Gaussian error function. (general)

  1. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

  2. An Identity-Based Anti-Quantum Privacy-Preserving Blind Authentication in Wireless Sensor Networks.

    Science.gov (United States)

    Zhu, Hongfei; Tan, Yu-An; Zhu, Liehuang; Wang, Xianmin; Zhang, Quanxin; Li, Yuanzhang

    2018-05-22

    With the development of wireless sensor networks, IoT devices are crucial for the Smart City; these devices change people's lives such as e-payment and e-voting systems. However, in these two systems, the state-of-art authentication protocols based on traditional number theory cannot defeat a quantum computer attack. In order to protect user privacy and guarantee trustworthy of big data, we propose a new identity-based blind signature scheme based on number theorem research unit lattice, this scheme mainly uses a rejection sampling theorem instead of constructing a trapdoor. Meanwhile, this scheme does not depend on complex public key infrastructure and can resist quantum computer attack. Then we design an e-payment protocol using the proposed scheme. Furthermore, we prove our scheme is secure in the random oracle, and satisfies confidentiality, integrity, and non-repudiation. Finally, we demonstrate that the proposed scheme outperforms the other traditional existing identity-based blind signature schemes in signing speed and verification speed, outperforms the other lattice-based blind signature in signing speed, verification speed, and signing secret key size.

  3. An Identity-Based Anti-Quantum Privacy-Preserving Blind Authentication in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hongfei Zhu

    2018-05-01

    Full Text Available With the development of wireless sensor networks, IoT devices are crucial for the Smart City; these devices change people’s lives such as e-payment and e-voting systems. However, in these two systems, the state-of-art authentication protocols based on traditional number theory cannot defeat a quantum computer attack. In order to protect user privacy and guarantee trustworthy of big data, we propose a new identity-based blind signature scheme based on number theorem research unit lattice, this scheme mainly uses a rejection sampling theorem instead of constructing a trapdoor. Meanwhile, this scheme does not depend on complex public key infrastructure and can resist quantum computer attack. Then we design an e-payment protocol using the proposed scheme. Furthermore, we prove our scheme is secure in the random oracle, and satisfies confidentiality, integrity, and non-repudiation. Finally, we demonstrate that the proposed scheme outperforms the other traditional existing identity-based blind signature schemes in signing speed and verification speed, outperforms the other lattice-based blind signature in signing speed, verification speed, and signing secret key size.

  4. Confirming the diversity of the brain after normalization: an approach based on identity authentication.

    Directory of Open Access Journals (Sweden)

    Fanglin Chen

    Full Text Available During the development of neuroimaging, numerous analyses were performed to identify population differences, such as studies on age, gender, and diseases. Researchers first normalized the brain image and then identified features that represent key differences between groups. In these studies, the question of whether normalization (a pre-processing step widely used in neuroimaging studies reduces the diversity of brains was largely ignored. There are a few studies that identify the differences between individuals after normalization. In the current study, we analyzed brain diversity on an individual level, both qualitatively and quantitatively. The main idea was to utilize brain images for identity authentication. First, the brain images were normalized and registered. Then, a pixel-level matching method was developed to compute the identity difference between different images for matching. Finally, by analyzing the performance of the proposed brain recognition strategy, the individual differences in brain images were evaluated. Experimental results on a 150-subject database showed that the proposed approach could achieve a 100% identification ratio, which indicated distinct differences between individuals after normalization. Thus, the results proved that after the normalization stage, brain images retain their main distinguishing information and features. Based on this result, we suggest that diversity (individual differences should be considered when conducting group analysis, and that this approach may facilitate group pattern classification.

  5. Authentic feminist? Authenticity and feminist identity in teenage feminists' talk.

    Science.gov (United States)

    Calder-Dawe, Octavia; Gavey, Nicola

    2017-12-01

    This article explores how young people's feminist identities take shape in conjunction with a contemporary ideal of personal authenticity: to know and to express the 'real me'. Drawing from interviews with 18 teenagers living in Auckland, New Zealand, we examine a novel convergence of authenticity and feminism in participants' identity talk. For social psychologists interested in identity and politics, this convergence is intriguing: individualizing values such as authenticity are generally associated with disengagement with structural critique and with a repudiation of politicized and activist identities. Rather than seeking to categorize authentic feminism as an instance of either 'good/collective' or 'bad/individualized' feminist politics, we use discourse analysis to examine how the identity position of authentic feminist was constructed and to explore implications for feminist politics. On one hand, interviewees mobilized authentic feminism to affirm their commitment to normative liberal values of authenticity and self-expression. At the same time, the position of authentic feminist appeared to authorize risky feminist identifications and to justify counter-normative feelings, desires, and actions. To conclude, we explore how encountering others' intolerance of authentic feminism exposed interviewees to the limits of authenticity discourse, propelling some towards new understandings of the social world and their space for action within it. © 2017 The British Psychological Society.

  6. A novel authentication protocol based on biometric and identity-based cryptography

    OpenAIRE

    Aljeaid, D

    2015-01-01

    Recently, considerable attention has been devoted to distributed systems. It has become obvious that a high security level should be a fundamental prerequisite for organisations' processes, both in the commercial and public sectors. A crucial foundation for securing a network is the ability to reliably authenticate ommunication parties. However, these systems face some critical security risks and challenges when they attempt to stabilise between security, efficiency and functionality. Develop...

  7. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  8. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  9. A Mechanism for Identity Delegation at Authentication Level

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2009-01-01

    operating systems, by delegating privileges at the identity level. The complexity of classic delegation models, especially if it strictly fol- lows the principle of least privileges, often leads to poor usability which motivates a user to circumvent the default delegation mechanism. On the other hand......Authentication and access control are normally considered separate security concepts that have separate goals and are supported by separate security mechanisms. In most operating systems, however, access control is exclusively based on the identity of the requesting principal, e.g., an access...... control mechanism based on Access Control Lists simply verifies that the authenticated identity of the requesting principal is on the list of authorized users. In this paper we propose a delegation mechanism for nomadic users, which exploits the amalgamation of authentication and access control in most...

  10. Blind quantum computation with identity authentication

    Science.gov (United States)

    Li, Qin; Li, Zhulin; Chan, Wai Hong; Zhang, Shengyu; Liu, Chengdong

    2018-04-01

    Blind quantum computation (BQC) allows a client with relatively few quantum resources or poor quantum technologies to delegate his computational problem to a quantum server such that the client's input, output, and algorithm are kept private. However, all existing BQC protocols focus on correctness verification of quantum computation but neglect authentication of participants' identity which probably leads to man-in-the-middle attacks or denial-of-service attacks. In this work, we use quantum identification to overcome such two kinds of attack for BQC, which will be called QI-BQC. We propose two QI-BQC protocols based on a typical single-server BQC protocol and a double-server BQC protocol. The two protocols can ensure both data integrity and mutual identification between participants with the help of a third trusted party (TTP). In addition, an unjammable public channel between a client and a server which is indispensable in previous BQC protocols is unnecessary, although it is required between TTP and each participant at some instant. Furthermore, the method to achieve identity verification in the presented protocols is general and it can be applied to other similar BQC protocols.

  11. Make me authentic, but not here: Reflexive struggles with academic identity and authentic leadership

    OpenAIRE

    Tomkins, Leah; Nicholds, Alyson

    2017-01-01

    This article presents a reflexive auto-ethnography of the experience of teaching authentic leadership to MBA students. It traces parallels between the challenges of authentic leadership and the challenges of academic identity work, grounded specifically in the experience of having to teach something one does not fully endorse. Both authentic leadership and academic identity work emerge as struggle – riddled with false starts, best intentions and self-deception, and entwined in the politics of...

  12. Converse PUF-based authentication

    NARCIS (Netherlands)

    Kocabas, U.; Peter, Andreas; Katzenbeisser, S.; Sadeghi, A.

    Physically Unclonable Functions (PUFs) are key tools in the construction of lightweight authentication and key exchange protocols. So far, all existing PUF-based authentication protocols follow the same paradigm: A resource-constrained prover, holding a PUF, wants to authenticate to a resource-rich

  13. Cultivation of science identity through authentic science in an urban high school classroom

    Science.gov (United States)

    Chapman, Angela; Feldman, Allan

    2017-06-01

    This study examined how a contextually based authentic science experience affected the science identities of urban high school students who have been marginalized during their K-12 science education. We examined students' perceptions of the intervention as an authentic science experience, how the experience influenced their science identity, as well as their perceptions about who can do science. We found that the students believed the experience to be one of authentic science, that their science identity was positively influenced by participation in the experience, and that they demonstrated a shift in perceptions from stereotypical to more diverse views of scientists. Implications for science education are discussed.

  14. Password Authentication Based on Fractal Coding Scheme

    Directory of Open Access Journals (Sweden)

    Nadia M. G. Al-Saidi

    2012-01-01

    Full Text Available Password authentication is a mechanism used to authenticate user identity over insecure communication channel. In this paper, a new method to improve the security of password authentication is proposed. It is based on the compression capability of the fractal image coding to provide an authorized user a secure access to registration and login process. In the proposed scheme, a hashed password string is generated and encrypted to be captured together with the user identity using text to image mechanisms. The advantage of fractal image coding is to be used to securely send the compressed image data through a nonsecured communication channel to the server. The verification of client information with the database system is achieved in the server to authenticate the legal user. The encrypted hashed password in the decoded fractal image is recognized using optical character recognition. The authentication process is performed after a successful verification of the client identity by comparing the decrypted hashed password with those which was stored in the database system. The system is analyzed and discussed from the attacker’s viewpoint. A security comparison is performed to show that the proposed scheme provides an essential security requirement, while their efficiency makes it easier to be applied alone or in hybrid with other security methods. Computer simulation and statistical analysis are presented.

  15. Authenticity in Leadership: Intersectionality of Identities.

    Science.gov (United States)

    Jones, Susan R

    2016-12-01

    This chapter situates leadership and the process of becoming a leader within an understanding of identity, particularly intersecting social identities and intersectionality. © 2016 Wiley Periodicals, Inc., A Wiley Company.

  16. Constructing and enforcing "authentic" identity online: Facebook, real names, and non-normative identities

    OpenAIRE

    Haimson, Oliver L.; Hoffmann, Anna Lauren

    2016-01-01

    Despite the participatory and democratic promises of Web 2.0, many marginalized individuals with fluid or non-normative identities continue to struggle to represent themselves online. Facebook users, in particular, are told to use “authentic identities,” an idea reinforced throughout the site’s documentation, “real name” and other policies, and in public statements by company representatives. Facebook’s conception of authenticity and real names, however, has created problems for certain users...

  17. Network-based Fingerprint Authentication System Using a Mobile Device

    OpenAIRE

    Zhang, Qihu

    2016-01-01

    Abstract— Fingerprint-based user authentication is highly effective in networked services such as electronic payment, but conventional authentication solutions have problems in cost, usability and security. To resolve these problems, we propose a touch-less fingerprint authentication solution, in which a mobile device's built-in camera is used to capture fingerprint image, and then it is sent to the server to determine the identity of the user. We designed and implemented a prototype as an a...

  18. Quantum Dialogue with Authentication Based on Bell States

    Science.gov (United States)

    Shen, Dongsu; Ma, Wenping; Yin, Xunru; Li, Xiaoping

    2013-06-01

    We propose an authenticated quantum dialogue protocol, which is based on a shared private quantum entangled channel. In this protocol, the EPR pairs are randomly prepared in one of the four Bell states for communication. By performing four Pauli operations on the shared EPR pairs to encode their shared authentication key and secret message, two legitimate users can implement mutual identity authentication and quantum dialogue without the help from the third party authenticator. Furthermore, due to the EPR pairs which are used for secure communication are utilized to implement authentication and the whole authentication process is included in the direct secure communication process, it does not require additional particles to realize authentication in this protocol. The updated authentication key provides the counterparts with a new authentication key for the next authentication and direct communication. Compared with other secure communication with authentication protocols, this one is more secure and efficient owing to the combination of authentication and direct communication. Security analysis shows that it is secure against the eavesdropping attack, the impersonation attack and the man-in-the-middle (MITM) attack.

  19. Quantum Secure Direct Communication Based on Authentication

    International Nuclear Information System (INIS)

    Min-Jie, Wang; Wei, Pan

    2008-01-01

    We propose two schemes of quantum secure direct communication (QSDC) combined ideas of user authentication [Phys. Rev. A 73 (2006) 042305] and direct communication with dense coding [Phys. Rev. A. 68 (2003) 042317]. In these protocols, the privacy of authentication keys and the properties of the EPR pairs not only ensure the realization of identity authentication but also further improve the security of communication, and no secret messages are leaked even if the messages were broken. (general)

  20. Using medical history embedded in biometrics medical card for user identity authentication: privacy preserving authentication model by features matching.

    Science.gov (United States)

    Fong, Simon; Zhuang, Yan

    2012-01-01

    Many forms of biometrics have been proposed and studied for biometrics authentication. Recently researchers are looking into longitudinal pattern matching that based on more than just a singular biometrics; data from user's activities are used to characterise the identity of a user. In this paper we advocate a novel type of authentication by using a user's medical history which can be electronically stored in a biometric security card. This is a sequel paper from our previous work about defining abstract format of medical data to be queried and tested upon authentication. The challenge to overcome is preserving the user's privacy by choosing only the useful features from the medical data for use in authentication. The features should contain less sensitive elements and they are implicitly related to the target illness. Therefore exchanging questions and answers about a few carefully chosen features in an open channel would not easily or directly expose the illness, but yet it can verify by inference whether the user has a record of it stored in his smart card. The design of a privacy preserving model by backward inference is introduced in this paper. Some live medical data are used in experiments for validation and demonstration.

  1. Using Medical History Embedded in Biometrics Medical Card for User Identity Authentication: Privacy Preserving Authentication Model by Features Matching

    Directory of Open Access Journals (Sweden)

    Simon Fong

    2012-01-01

    Full Text Available Many forms of biometrics have been proposed and studied for biometrics authentication. Recently researchers are looking into longitudinal pattern matching that based on more than just a singular biometrics; data from user’s activities are used to characterise the identity of a user. In this paper we advocate a novel type of authentication by using a user’s medical history which can be electronically stored in a biometric security card. This is a sequel paper from our previous work about defining abstract format of medical data to be queried and tested upon authentication. The challenge to overcome is preserving the user’s privacy by choosing only the useful features from the medical data for use in authentication. The features should contain less sensitive elements and they are implicitly related to the target illness. Therefore exchanging questions and answers about a few carefully chosen features in an open channel would not easily or directly expose the illness, but yet it can verify by inference whether the user has a record of it stored in his smart card. The design of a privacy preserving model by backward inference is introduced in this paper. Some live medical data are used in experiments for validation and demonstration.

  2. Authentication Test-Based the RFID Authentication Protocol with Security Analysis

    Directory of Open Access Journals (Sweden)

    Minghui Wang

    2014-08-01

    Full Text Available To the problem of many recently proposed RFID authentication protocol was soon find security holes, we analyzed the main reason, which is that protocol design is not rigorous, and the correctness of the protocol cannot be guaranteed. To this end, authentication test method was adopted in the process of the formal analysis and strict proof to the proposed RFID protocol in this paper. Authentication Test is a new type of analysis and design method of security protocols based on Strand space model, and it can be used for most types of the security protocols. After analysis the security, the proposed protocol can meet the RFID security demand: information confidentiality, data integrity and identity authentication.

  3. Physical trust-based persistent authentication

    DEFF Research Database (Denmark)

    Fujita, Masahiro; Jensen, Christian D.; Arimura, Shiori

    2015-01-01

    propose a new type of persistent authentication, called Persistent Authentication Based On physical Trust (PABOT). PABOT uses a context of “physical trust relationship” that is built by visual contact between users, and thus can offer a persistent authentication mechanism with better usability and higher...

  4. State Authenticity as Fit to Environment: The Implications of Social Identity for Fit, Authenticity, and Self-Segregation.

    Science.gov (United States)

    Schmader, Toni; Sedikides, Constantine

    2017-10-01

    People seek out situations that "fit," but the concept of fit is not well understood. We introduce State Authenticity as Fit to the Environment (SAFE), a conceptual framework for understanding how social identities motivate the situations that people approach or avoid. Drawing from but expanding the authenticity literature, we first outline three types of person-environment fit: self-concept fit, goal fit, and social fit. Each type of fit, we argue, facilitates cognitive fluency, motivational fluency, and social fluency that promote state authenticity and drive approach or avoidance behaviors. Using this model, we assert that contexts subtly signal social identities in ways that implicate each type of fit, eliciting state authenticity for advantaged groups but state inauthenticity for disadvantaged groups. Given that people strive to be authentic, these processes cascade down to self-segregation among social groups, reinforcing social inequalities. We conclude by mapping out directions for research on relevant mechanisms and boundary conditions.

  5. Accurate determination of genetic identity for a single cacao bean, using molecular markers with a nanofluidic system, ensures cocoa authentication.

    Science.gov (United States)

    Fang, Wanping; Meinhardt, Lyndel W; Mischke, Sue; Bellato, Cláudia M; Motilal, Lambert; Zhang, Dapeng

    2014-01-15

    Cacao (Theobroma cacao L.), the source of cocoa, is an economically important tropical crop. One problem with the premium cacao market is contamination with off-types adulterating raw premium material. Accurate determination of the genetic identity of single cacao beans is essential for ensuring cocoa authentication. Using nanofluidic single nucleotide polymorphism (SNP) genotyping with 48 SNP markers, we generated SNP fingerprints for small quantities of DNA extracted from the seed coat of single cacao beans. On the basis of the SNP profiles, we identified an assumed adulterant variety, which was unambiguously distinguished from the authentic beans by multilocus matching. Assignment tests based on both Bayesian clustering analysis and allele frequency clearly separated all 30 authentic samples from the non-authentic samples. Distance-based principle coordinate analysis further supported these results. The nanofluidic SNP protocol, together with forensic statistical tools, is sufficiently robust to establish authentication and to verify gourmet cacao varieties. This method shows significant potential for practical application.

  6. DEVELOPMENT OF A COMPUTER SYSTEM FOR IDENTITY AUTHENTICATION USING ARTIFICIAL NEURAL NETWORKS

    Directory of Open Access Journals (Sweden)

    Timur Kartbayev

    2017-03-01

    Full Text Available The aim of the study is to increase the effectiveness of automated face recognition to authenticate identity, considering features of change of the face parameters over time. The improvement of the recognition accuracy, as well as consideration of the features of temporal changes in a human face can be based on the methodology of artificial neural networks. Hybrid neural networks, combining the advantages of classical neural networks and fuzzy logic systems, allow using the network learnability along with the explanation of the findings. The structural scheme of intelligent system for identification based on artificial neural networks is proposed in this work. It realizes the principles of digital information processing and identity recognition taking into account the forecast of key characteristics’ changes over time (e.g., due to aging. The structural scheme has a three-tier architecture and implements preliminary processing, recognition and identification of images obtained as a result of monitoring. On the basis of expert knowledge, the fuzzy base of products is designed. It allows assessing possible changes in key characteristics, used to authenticate identity based on the image. To take this possibility into consideration, a neuro-fuzzy network of ANFIS type was used, which implements the algorithm of Tagaki-Sugeno. The conducted experiments showed high efficiency of the developed neural network and a low value of learning errors, which allows recommending this approach for practical implementation. Application of the developed system of fuzzy production rules that allow predicting changes in individuals over time, will improve the recognition accuracy, reduce the number of authentication failures and improve the efficiency of information processing and decision-making in applications, such as authentication of bank customers, users of mobile applications, or in video monitoring systems of sensitive sites.

  7. A Data-origin Authentication Protocol Based on ONOS Cluster

    Directory of Open Access Journals (Sweden)

    Qin Hua

    2016-01-01

    Full Text Available This paper is aim to propose a data-origin authentication protocol based on ONOS cluster. ONOS is a SDN controller which can work under a distributed environment. However, the security of an ONOS cluster is seldom considered, and the communication in an ONOS cluster may suffer from lots of security threats. In this paper, we used a two-tier self-renewable hash chain for identity authentication and data-origin authentication. We analyse the security and overhead of our proposal and made a comparison with current security measure. It showed that with the help of our proposal, communication in an ONOS cluster could be protected from identity forging, replay attacks, data tampering, MITM attacks and repudiation, also the computational overhead would decrease apparently.

  8. User Authentication based on Continuous Touch Biometrics

    Directory of Open Access Journals (Sweden)

    Christina J Kroeze

    2016-12-01

    Full Text Available Mobile devices such as smartphones have until now been protected by traditional authentication methods, including passwords or pattern locks. These authentication mechanisms are difficult to remember and are often disabled, leaving the device vulnerable if stolen. This paper investigates the possibility of unobtrusive, continuous authentication for smartphones based on biometric data collected using a touchscreen. The possibility of authenticating users on a smartphone was evaluated by conducting an experiment simulating real-world touch interaction. Touch data was collected from 30 participants during normal phone use. The touch features were analysed in terms of the information provided for authentication. It was found that features such as finger pressure, location of touch interaction and shape of the finger were important discriminators for authentication. The touch data was also analysed using two classification algorithms to measure the authentication accuracy. The results show that touch data is sufficiently distinct between users to be used in authentication without disrupting normal touch interaction. It is also shown that the raw touch data was more effective in authentication than the aggregated gesture data.

  9. Enhanced ATM Security using Biometric Authentication and Wavelet Based AES

    Directory of Open Access Journals (Sweden)

    Sreedharan Ajish

    2016-01-01

    Full Text Available The traditional ATM terminal customer recognition systems rely only on bank cards, passwords and such identity verification methods are not perfect and functions are too single. Biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. This paper presents a highly secured ATM banking system using biometric authentication and wavelet based Advanced Encryption Standard (AES algorithm. Two levels of security are provided in this proposed design. Firstly we consider the security level at the client side by providing biometric authentication scheme along with a password of 4-digit long. Biometric authentication is achieved by considering the fingerprint image of the client. Secondly we ensure a secured communication link between the client machine to the bank server using an optimized energy efficient and wavelet based AES processor. The fingerprint image is the data for encryption process and 4-digit long password is the symmetric key for the encryption process. The performance of ATM machine depends on ultra-high-speed encryption, very low power consumption, and algorithmic integrity. To get a low power consuming and ultra-high speed encryption at the ATM machine, an optimized and wavelet based AES algorithm is proposed. In this system biometric and cryptography techniques are used together for personal identity authentication to improve the security level. The design of the wavelet based AES processor is simulated and the design of the energy efficient AES processor is simulated in Quartus-II software. Simulation results ensure its proper functionality. A comparison among other research works proves its superiority.

  10. Image content authentication based on channel coding

    Science.gov (United States)

    Zhang, Fan; Xu, Lei

    2008-03-01

    The content authentication determines whether an image has been tampered or not, and if necessary, locate malicious alterations made on the image. Authentication on a still image or a video are motivated by recipient's interest, and its principle is that a receiver must be able to identify the source of this document reliably. Several techniques and concepts based on data hiding or steganography designed as a means for the image authentication. This paper presents a color image authentication algorithm based on convolution coding. The high bits of color digital image are coded by the convolution codes for the tamper detection and localization. The authentication messages are hidden in the low bits of image in order to keep the invisibility of authentication. All communications channels are subject to errors introduced because of additive Gaussian noise in their environment. Data perturbations cannot be eliminated but their effect can be minimized by the use of Forward Error Correction (FEC) techniques in the transmitted data stream and decoders in the receiving system that detect and correct bits in error. This paper presents a color image authentication algorithm based on convolution coding. The message of each pixel is convolution encoded with the encoder. After the process of parity check and block interleaving, the redundant bits are embedded in the image offset. The tamper can be detected and restored need not accessing the original image.

  11. Optical authentication based on moiré effect of nonlinear gratings in phase space

    International Nuclear Information System (INIS)

    Liao, Meihua; He, Wenqi; Wu, Jiachen; Lu, Dajiang; Liu, Xiaoli; Peng, Xiang

    2015-01-01

    An optical authentication scheme based on the moiré effect of nonlinear gratings in phase space is proposed. According to the phase function relationship of the moiré effect in phase space, an arbitrary authentication image can be encoded into two nonlinear gratings which serve as the authentication lock (AL) and the authentication key (AK). The AL is stored in the authentication system while the AK is assigned to the authorized user. The authentication procedure can be performed using an optoelectronic approach, while the design process is accomplished by a digital approach. Furthermore, this optical authentication scheme can be extended for multiple users with different security levels. The proposed scheme can not only verify the legality of a user identity, but can also discriminate and control the security levels of legal users. Theoretical analysis and simulation experiments are provided to verify the feasibility and effectiveness of the proposed scheme. (paper)

  12. Facelock: familiarity-based graphical authentication.

    Science.gov (United States)

    Jenkins, Rob; McLachlan, Jane L; Renaud, Karen

    2014-01-01

    Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised 'facelock', in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (authenticate (6.6% success rate). In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate). Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems.

  13. Signature-based User Authentication

    OpenAIRE

    Hámorník, Juraj

    2015-01-01

    This work aims on missing handwritten signature authentication in Windows. Result of this work is standalone software that allow users to log into Windows by writing signature. We focus on security of signature authentification and best overall user experience. We implemented signature authentification service that accept signature and return user access token if signature is genuine. Signature authentification is done by comparing given signature to signature patterns by their similarity. Si...

  14. Music in advertising and consumer identity: The search for Heideggerian authenticity

    OpenAIRE

    Abolhasani, Morteza; Oakes, Steve; Oakes, Helen

    2017-01-01

    This study discusses netnographic findings involving 472 YouTube postings categorized to identify themes regarding consumers’ experience of music in advertisements. Key themes relate to musical taste, musical indexicality, musical repetition and musical authenticity. Postings reveal how music conveys individual taste and is linked to personal memories and Heidegger’s coincidental time where moments of authenticity may be triggered in a melee of emotions, memories and projections. Identity pro...

  15. Provably Secure Password-based Authentication in TLS

    Energy Technology Data Exchange (ETDEWEB)

    Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier; Moeller,Bodo; Pointcheval, David

    2005-12-20

    In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password.The SOKE ciphersuites, in advantage over previous pass-word-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.

  16. Facelock: familiarity-based graphical authentication

    Directory of Open Access Journals (Sweden)

    Rob Jenkins

    2014-06-01

    Full Text Available Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised ‘facelock’, in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate, even after a one-year delay (86.1% success rate. Zero-acquaintance attackers were reduced to guessing (<1% success rate. Even personal attackers who knew the account holder well were rarely able to authenticate (6.6% success rate. In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate. Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems.

  17. In Pursuit of Islamic "Authenticity": Localizing Muslim Identity on China's Peripheries

    Directory of Open Access Journals (Sweden)

    Lesley Turnbull

    2014-09-01

    Full Text Available In this ethnographic sketch, I analyze the complex processes of Sino-Islamic identity formation by examining the variety and diversity of locally produced “authenticity,” situated within a global understanding of Islam. Even within a single province, among a single official minzu (nationality that People’s Republic of China propaganda, media, and scholarship often construct as a unified, static group, localized practices and processes of identity formation are remarkably diverse. This article investigates how trans/national discourses and practices of Islamic authenticity are localized within two specific field sites: the provincial capital of Kunming and the rural Muslim enclave of Shadian. For the purposes of this article, I focus primarily on how life is temporally and spatially structured, both in everyday practice and in imaginings of one’s place in history, modernity, the Muslim world, and the Chinese state. By setting out details of the daily lives of two Hui Muslim women, I aim to elucidate how temporal and spatial structures of life, which are tied to urban or rural location, reflect and shape local identity formation. I argue that as actors involved in their own self-production, Hui Muslims in Kunming and Shadian negotiated, appropriated, and contested both monolithic notions of Islam and the official state-propagated minzu classificatory system, producing their own versions of authentic Hui Muslim identities. What constituted authentic Hui Muslim identity depended to a great extent on the residence of the individual.

  18. The Native Speaker, Identity, and the Authenticity Hierarchy.

    Science.gov (United States)

    Myhill, John E.

    2003-01-01

    Discusses an ideology of native language and identity, which holds that native language is seen as a central element of individual identity. Argues that although this ideology can be very valuable in certain circumstances, it can also create an atmosphere of suspicion toward members of certain ethnicities who choose not to use their ancestral…

  19. Fact or Factitious? A Psychobiological Study of Authentic and Simulated Dissociative Identity States

    NARCIS (Netherlands)

    Reinders, A. A. T. Simone; Willemsen, Antoon T. M.; Vos, Herry P. J.; den Boer, Johan A.; Nijenhuis, Ellert R. S.

    2012-01-01

    Background: Dissociative identity disorder (DID) is a disputed psychiatric disorder. Research findings and clinical observations suggest that DID involves an authentic mental disorder related to factors such as traumatization and disrupted attachment. A competing view indicates that DID is due to

  20. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

    Science.gov (United States)

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-11-30

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

  1. An Authentication Technique Based on Classification

    Institute of Scientific and Technical Information of China (English)

    李钢; 杨杰

    2004-01-01

    We present a novel watermarking approach based on classification for authentication, in which a watermark is embedded into the host image. When the marked image is modified, the extracted watermark is also different to the original watermark, and different kinds of modification lead to different extracted watermarks. In this paper, different kinds of modification are considered as classes, and we used classification algorithm to recognize the modifications with high probability. Simulation results show that the proposed method is potential and effective.

  2. Toward Developing Authentic Leadership: Team-Based Simulations

    Science.gov (United States)

    Shapira-Lishchinsky, Orly

    2014-01-01

    Although there is a consensus that authentic leadership should be an essential component in educational leadership, no study to date has ever tried to find whether team-based simulations may promote authentic leadership. The purpose of this study was to identify whether principal trainees can develop authentic leadership through ethical decision…

  3. Speaker Authentication

    CERN Document Server

    Li, Qi (Peter)

    2012-01-01

    This book focuses on use of voice as a biometric measure for personal authentication. In particular, "Speaker Recognition" covers two approaches in speaker authentication: speaker verification (SV) and verbal information verification (VIV). The SV approach attempts to verify a speaker’s identity based on his/her voice characteristics while the VIV approach validates a speaker’s identity through verification of the content of his/her utterance(s). SV and VIV can be combined for new applications. This is still a new research topic with significant potential applications. The book provides with a broad overview of the recent advances in speaker authentication while giving enough attention to advanced and useful algorithms and techniques. It also provides a step by step introduction to the current state of the speaker authentication technology, from the fundamental concepts to advanced algorithms. We will also present major design methodologies and share our experience in developing real and successful speake...

  4. AUTHENTICITY, IDENTITY AND SUSTAINABILITY IN POST-WAR IRAQ: Reshaping the Urban Form of Erbil City

    Directory of Open Access Journals (Sweden)

    Rebwar Ibrahim

    2014-12-01

    Full Text Available Issues of authenticity and identity are particularly significant in cities where social and cultural change is shaping active transformation of its urban fabric and structure in the post-war condition. In search of sustainable future, Iraqi cities are stretched between the two ends of the spectrum, authentic quarters with its traditional fabric and modern districts with their global sense of living. This paper interrogates the reciprocal influences and distinct qualities and sustainable performance of both authentic and modern quarters of Erbil, the capital of the Iraqi province of Kurdistan, as factors in shaping sustainable urban forms for Iraqi cities. In doing so, the paper, firstly, seeks to highlight the urban identity as an effective factor in relation to sustainable urban form. Secondly, the city of Erbil in Iraq has been chosen as a field study, due to its regional, social, political and historical role in the region. Thirdly, the study emphasises the dynamic activities and performance of residential projects according to rational sustainable criteria. The research concludes that urban identity and the sense of place in traditional and historical places should inform design strategies in order to achieve a more sustainable urban context.

  5. Social Networking Sites, Literacy, and the Authentic Identity Problem

    Science.gov (United States)

    Kimmons, Royce

    2014-01-01

    Current interest in social media for educational purposes has led many to consider the importance of literacy development in online spaces (e.g., new media literacies, digital literacies, etc.). Relying heavily upon New Literacy Studies (NLS) as a base, these approaches treat literacy expansively to include socio-cultural factors beyond mere skill…

  6. A Network Topology Control and Identity Authentication Protocol with Support for Movable Sensor Nodes.

    Science.gov (United States)

    Zhang, Ying; Chen, Wei; Liang, Jixing; Zheng, Bingxin; Jiang, Shengming

    2015-12-01

    It is expected that in the near future wireless sensor network (WSNs) will be more widely used in the mobile environment, in applications such as Autonomous Underwater Vehicles (AUVs) for marine monitoring and mobile robots for environmental investigation. The sensor nodes' mobility can easily cause changes to the structure of a network topology, and lead to the decline in the amount of transmitted data, excessive energy consumption, and lack of security. To solve these problems, a kind of efficient Topology Control algorithm for node Mobility (TCM) is proposed. In the topology construction stage, an efficient clustering algorithm is adopted, which supports sensor node movement. It can ensure the balance of clustering, and reduce the energy consumption. In the topology maintenance stage, the digital signature authentication based on Error Correction Code (ECC) and the communication mechanism of soft handover are adopted. After verifying the legal identity of the mobile nodes, secure communications can be established, and this can increase the amount of data transmitted. Compared to some existing schemes, the proposed scheme has significant advantages regarding network topology stability, amounts of data transferred, lifetime and safety performance of the network.

  7. Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography

    Science.gov (United States)

    Yan, Liang; Rong, Chunming; Zhao, Gansen

    More and more companies begin to provide different kinds of cloud computing services for Internet users at the same time these services also bring some security problems. Currently the majority of cloud computing systems provide digital identity for users to access their services, this will bring some inconvenience for a hybrid cloud that includes multiple private clouds and/or public clouds. Today most cloud computing system use asymmetric and traditional public key cryptography to provide data security and mutual authentication. Identity-based cryptography has some attraction characteristics that seem to fit well the requirements of cloud computing. In this paper, by adopting federated identity management together with hierarchical identity-based cryptography (HIBC), not only the key distribution but also the mutual authentication can be simplified in the cloud.

  8. Curve aligning approach for gait authentication based on a wearable accelerometer

    International Nuclear Information System (INIS)

    Sun, Hu; Yuao, Tao

    2012-01-01

    Gait authentication based on a wearable accelerometer is a novel biometric which can be used for identity identification, medical rehabilitation and early detection of neurological disorders. The method for matching gait patterns tells heavily on authentication performances. In this paper, curve aligning is introduced as a new method for matching gait patterns and it is compared with correlation and dynamic time warping (DTW). A support vector machine (SVM) is proposed to fuse pattern-matching methods in a decision level. Accelerations collected from ankles of 22 walking subjects are processed for authentications in our experiments. The fusion of curve aligning with backward–forward accelerations and DTW with vertical accelerations promotes authentication performances substantially and consistently. This fusion algorithm is tested repeatedly. Its mean and standard deviation of equal error rates are 0.794% and 0.696%, respectively, whereas among all presented non-fusion algorithms, the best one shows an EER of 3.03%. (paper)

  9. Development of a Mobile EEG-based Biometric Authentication System

    DEFF Research Database (Denmark)

    Klonovs, Juris; Petersen, Christoffer Kjeldgaard; Olesen, Henning

    In recent years the need for greater security for storing personal and business data or accessing corporate networks on mobile devices is growing rapidly, and one of the potential solutions is to employ the innovative biometric authentication techniques. This paper presents the development...... and present a mobile prototype system capable of authenticating users based on the uniqueness of their brainwaves. Furthermore, we implement a novel authentication process, which leads the authentication system to be more secure. We also give suggestions for future improvements of the system....

  10. THE STUDENTS’ PERCEPTIONS OF AUTHENTIC TEXTS-BASED TRANSLATION

    Directory of Open Access Journals (Sweden)

    Rusiana .

    2017-12-01

    Full Text Available Translation requires lots of practice. As it is generally known, authentic texts provide fruitful experience for students to translate either Indonesian-English or vice versa. Authentic texts give many real uses of language in varied meaningful contexts The texts used were advertisement, abstract, local stories, tourist attraction, community service and project for money. This research is aimed at investigating whether the use of authentic texts benefits the students and describing the students’ perceptions toward the use of authentic texts in Translation class. It is a qualitative research. Questionnaires were used to obtain the students’ perceptions on the use of authentic texts in translation. The findings show that authentic texts-based translation benefits students in experiencing better translation. Advertisement was considered to be the most relevant text. On the contrary, they find it difficult to cope with authentic texts particularly dealing with words/terms/vocabulary, meanings, culture, and grammar. The recommendations are that the students have to be exposed to many authentic texts of varied topics in both English and Indonesian in order that they understand both the SL and TL well. For further researchers, it would be possible to research on the influence of authentic texts based translation on the students’ translation skill.

  11. The importance of being "me": The relation between authentic identity expression and transgender employees' work-related attitudes and experiences.

    Science.gov (United States)

    Martinez, Larry R; Sawyer, Katina B; Thoroughgood, Christian N; Ruggs, Enrica N; Smith, Nicholas A

    2017-02-01

    The present research examined the relation between authentic identity expression and transgender employees' work-related attitudes and experiences. Drawing on Kernis' (2003) theoretical conceptualization of authenticity and expanding on current workplace identity management research, we predicted that employees who had taken steps to reduce the discrepancy between their inner gender identities and their outward manifestations of gender would report more positive job attitudes and workplace experiences, in part because the reduction of this discrepancy is related to greater feelings of authenticity. In Study 1, we found that the extent to which one has transitioned was related to higher job satisfaction and perceived person-organization (P-O) fit and lower perceived discrimination. In Study 2, we replicate and extend these results by showing that the extent to which employees felt that others at work perceived them in a manner consistent with how they perceived themselves (relational authenticity) mediated the relations between extent of transition and all 3 of these outcomes. However, perceptions of alignment between one's felt and expressed identity (action authenticity) only mediated this link for job satisfaction. We discuss the theoretical and practical implications of our results, as well as avenues for future research on authenticity in the workplace. (PsycINFO Database Record (c) 2017 APA, all rights reserved).

  12. Fact or Factitious? A Psychobiological Study of Authentic and Simulated Dissociative Identity States

    Science.gov (United States)

    Simone Reinders, A. A. T.; Willemsen, Antoon T. M.; Vos, Herry P. J.; den Boer, Johan A.; Nijenhuis, Ellert R. S.

    2012-01-01

    Background Dissociative identity disorder (DID) is a disputed psychiatric disorder. Research findings and clinical observations suggest that DID involves an authentic mental disorder related to factors such as traumatization and disrupted attachment. A competing view indicates that DID is due to fantasy proneness, suggestibility, suggestion, and role-playing. Here we examine whether dissociative identity state-dependent psychobiological features in DID can be induced in high or low fantasy prone individuals by instructed and motivated role-playing, and suggestion. Methodology/Principal Findings DID patients, high fantasy prone and low fantasy prone controls were studied in two different types of identity states (neutral and trauma-related) in an autobiographical memory script-driven (neutral or trauma-related) imagery paradigm. The controls were instructed to enact the two DID identity states. Twenty-nine subjects participated in the study: 11 patients with DID, 10 high fantasy prone DID simulating controls, and 8 low fantasy prone DID simulating controls. Autonomic and subjective reactions were obtained. Differences in psychophysiological and neural activation patterns were found between the DID patients and both high and low fantasy prone controls. That is, the identity states in DID were not convincingly enacted by DID simulating controls. Thus, important differences regarding regional cerebral bloodflow and psychophysiological responses for different types of identity states in patients with DID were upheld after controlling for DID simulation. Conclusions/Significance The findings are at odds with the idea that differences among different types of dissociative identity states in DID can be explained by high fantasy proneness, motivated role-enactment, and suggestion. They indicate that DID does not have a sociocultural (e.g., iatrogenic) origin. PMID:22768068

  13. Fact or factitious? A psychobiological study of authentic and simulated dissociative identity states.

    Science.gov (United States)

    Reinders, A A T S; Reinders, A A T Simone; Willemsen, Antoon T M; Vos, Herry P J; den Boer, Johan A; Nijenhuis, Ellert R S

    2012-01-01

    Dissociative identity disorder (DID) is a disputed psychiatric disorder. Research findings and clinical observations suggest that DID involves an authentic mental disorder related to factors such as traumatization and disrupted attachment. A competing view indicates that DID is due to fantasy proneness, suggestibility, suggestion, and role-playing. Here we examine whether dissociative identity state-dependent psychobiological features in DID can be induced in high or low fantasy prone individuals by instructed and motivated role-playing, and suggestion. DID patients, high fantasy prone and low fantasy prone controls were studied in two different types of identity states (neutral and trauma-related) in an autobiographical memory script-driven (neutral or trauma-related) imagery paradigm. The controls were instructed to enact the two DID identity states. Twenty-nine subjects participated in the study: 11 patients with DID, 10 high fantasy prone DID simulating controls, and 8 low fantasy prone DID simulating controls. Autonomic and subjective reactions were obtained. Differences in psychophysiological and neural activation patterns were found between the DID patients and both high and low fantasy prone controls. That is, the identity states in DID were not convincingly enacted by DID simulating controls. Thus, important differences regarding regional cerebral bloodflow and psychophysiological responses for different types of identity states in patients with DID were upheld after controlling for DID simulation. The findings are at odds with the idea that differences among different types of dissociative identity states in DID can be explained by high fantasy proneness, motivated role-enactment, and suggestion. They indicate that DID does not have a sociocultural (e.g., iatrogenic) origin.

  14. Fact or factitious? A psychobiological study of authentic and simulated dissociative identity states.

    Directory of Open Access Journals (Sweden)

    A A T S Reinders

    Full Text Available BACKGROUND: Dissociative identity disorder (DID is a disputed psychiatric disorder. Research findings and clinical observations suggest that DID involves an authentic mental disorder related to factors such as traumatization and disrupted attachment. A competing view indicates that DID is due to fantasy proneness, suggestibility, suggestion, and role-playing. Here we examine whether dissociative identity state-dependent psychobiological features in DID can be induced in high or low fantasy prone individuals by instructed and motivated role-playing, and suggestion. METHODOLOGY/PRINCIPAL FINDINGS: DID patients, high fantasy prone and low fantasy prone controls were studied in two different types of identity states (neutral and trauma-related in an autobiographical memory script-driven (neutral or trauma-related imagery paradigm. The controls were instructed to enact the two DID identity states. Twenty-nine subjects participated in the study: 11 patients with DID, 10 high fantasy prone DID simulating controls, and 8 low fantasy prone DID simulating controls. Autonomic and subjective reactions were obtained. Differences in psychophysiological and neural activation patterns were found between the DID patients and both high and low fantasy prone controls. That is, the identity states in DID were not convincingly enacted by DID simulating controls. Thus, important differences regarding regional cerebral bloodflow and psychophysiological responses for different types of identity states in patients with DID were upheld after controlling for DID simulation. CONCLUSIONS/SIGNIFICANCE: The findings are at odds with the idea that differences among different types of dissociative identity states in DID can be explained by high fantasy proneness, motivated role-enactment, and suggestion. They indicate that DID does not have a sociocultural (e.g., iatrogenic origin.

  15. Group-ID based RFID Mutual Authentication

    Directory of Open Access Journals (Sweden)

    LEE, Y.

    2013-11-01

    Full Text Available For passive type RFID tags, EPCglobal Class 1 Generation-2 Revision is used widely as a de facto standard. As it was designed for low cost, it is quite vulnerable to security issues, such as privacy concerns. This paper presents a new RFID mutual authentication protocol, which is designed to be configured on EPC Gen2 platform and to meet various security requirements while providing efficiency using PRNG (Pseudo Random Number Generator. Group-ID is used to minimize the authentication time. Security analysis of the proposed protocol is discussed.

  16. EAP-Based Authentication for Ad Hoc Network

    OpenAIRE

    Bhakti, Muhammad Agni Catur; Abdullah, Azween; Jung, Low Tan

    2007-01-01

    Wireless network has been deployed worldwide, but some security issues in wireless network might haveprevented its further acceptance. One of the solutions to overcome the limitation of wireless network security isthe IEEE 802.1X specification, a mechanism for port-based network access control, which is based onExtensible Authentication Protocol (EAP). It is an authentication framework that can support multipleauthentication methods. EAP can run over many types of data-link layer and it is fl...

  17. Biometrics based authentication scheme for session initiation protocol

    OpenAIRE

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when co...

  18. GROUP POLICY BASED AUTHENTICATION ON INCOMING CALLS FOR ANDROID SMARTPHONES

    OpenAIRE

    Sunita M. Kumbhar, Prof. Z.M Shaikh

    2016-01-01

    The numbers of Smartphone users increasing day by day. Hence, there is need to propose advanced Group Policy based Authentication for incoming calls for Android phone. Android platform provides a variety of functions that support the programming of face recognition, as in image processing. Group policy based authentication scheme increases the security which restricts the access of incoming call form un-authorized user. To solve problems, related to face recognition should be applied in the p...

  19. A digital memories based user authentication scheme with privacy preservation.

    Directory of Open Access Journals (Sweden)

    JunLiang Liu

    Full Text Available The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key, which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.

  20. Password-based authenticated key exchange scheme using smart card

    Science.gov (United States)

    Liu, Hui; Zhong, Shaojun

    2013-03-01

    A protocol that allows any two entities to negotiate a shared session key is commonly called a key exchange protocol. If the protocol provides a function to authenticate each other, we call the protocol authenticated key exchange protocol (AKE). Password authentication key exchange (PAKE) is the AKE protocol in which the two entities share a humanmemorable password. Most of current PAKE relies on the existence of a public key infrastructure, which sometime is impossible for a certain environments such as low computational device due to the computation overhead. In this paper, we propose password-based authenticated key exchange using smart card. Compared to previous PAKE, our protocol is more efficient because our protocol is based on ECC. Thereby, the proposed protocol can be well applied to low computation device.

  1. Trust-Based and Context-Aware Authentication in a Software Architecture for Context and Proximity-Aware Services

    Science.gov (United States)

    Lenzini, Gabriele

    We describe an existing software architecture for context and proximity aware services that enables trust-based and context-aware authentication. A service is proximity aware when it automatically detects the presence of entities in its proximity. Authentication is context-aware when it uses contextual information to discern among different identities and to evaluate to which extent they are authentic. The software architecture that we describe here is functioning in our Institute: It manages a sensor network to detect the presence and location of users and their devices. A context manager is responsible to merge the different sources of contextual information, to solve potential contradictions, and to determine the level of authentication of the identity of the person approaching one of the services offered in the coffee-break corners of our Institute. In our solution for context-aware authentication, sensors are managed as if they were recommenders having subjective belief, disbelief, and uncertainty (i.e., trust) on the position and identity of users. A sensor’s subjective trust depends on what it has been sensing in the environment. We discuss the results of an array of simulations that we conducted to validate our concept of trust-based and context-aware authentication. We use Subjective Logic to manage trust.

  2. Authentication in Virtual Organizations: A Reputation Based PKI Interconnection Model

    Science.gov (United States)

    Wazan, Ahmad Samer; Laborde, Romain; Barrere, Francois; Benzekri, Abdelmalek

    Authentication mechanism constitutes a central part of the virtual organization work. The PKI technology is used to provide the authentication in each organization involved in the virtual organization. Different trust models are proposed to interconnect the different PKIs in order to propagate the trust between them. While the existing trust models contain many drawbacks, we propose a new trust model based on the reputation of PKIs.

  3. Innovative business models within niche tourist markets: shared identity, authenticity and flexibile networks. The case of three italian SMEs

    Directory of Open Access Journals (Sweden)

    Federica Montaguti

    2016-07-01

    Full Text Available Innovative business models within niche tourist markets: shared identity, authenticity and flexibile networks. The case of three italian SMEs The evolution of business models is a crucial challenge for tourism companies, which should understand how they can stimulate their creativity and introduce innovation. However for many firms, in particular for SMEs, this process is not so easy to be adopted. Even more difficult it is to understand how the business model should change to be successful in solving what appears to be one of the main problems for SMEs, especially within mature, tourist destinations, i.e. targeting new profitable segments. The paper discusses the main findings of a research project carried out by the authors about changes in the business models of Italian tourism companies, underlining in particular three case-studies of interest in terms of the innovation put in place and that relate to SMEs. The analysis, based on the business model canvas, the value constellation and the storytelling, found out that these three firms are flexible companies that have characteristics emblematic of the knowledge and information economy business models. They successfully answer the needs of specific niches, finding new opportunities within a mature tourism market and famous destinations, thanks to their ability to develop wide flexible networks, where customers are an active part, and thanks to the value proposed to the clients, centred on the idea of a shared identity between the clients and the company’s founders and of an authenticity guaranteed by the life story of the founders themselves.

  4. Using medical history embedded in biometrics medical card for user identity authentication: data representation by AVT hierarchical data tree.

    Science.gov (United States)

    Fong, Simon; Zhuang, Yan

    2012-01-01

    User authentication has been widely used by biometric applications that work on unique bodily features, such as fingerprints, retina scan, and palm vessels recognition. This paper proposes a novel concept of biometric authentication by exploiting a user's medical history. Although medical history may not be absolutely unique to every individual person, the chances of having two persons who share an exactly identical trail of medical and prognosis history are slim. Therefore, in addition to common biometric identification methods, medical history can be used as ingredients for generating Q&A challenges upon user authentication. This concept is motivated by a recent advancement on smart-card technology that future identity cards are able to carry patents' medical history like a mobile database. Privacy, however, may be a concern when medical history is used for authentication. Therefore in this paper, a new method is proposed for abstracting the medical data by using attribute value taxonomies, into a hierarchical data tree (h-Data). Questions can be abstracted to various level of resolution (hence sensitivity of private data) for use in the authentication process. The method is described and a case study is given in this paper.

  5. Using Medical History Embedded in Biometrics Medical Card for User Identity Authentication: Data Representation by AVT Hierarchical Data Tree

    Directory of Open Access Journals (Sweden)

    Simon Fong

    2012-01-01

    Full Text Available User authentication has been widely used by biometric applications that work on unique bodily features, such as fingerprints, retina scan, and palm vessels recognition. This paper proposes a novel concept of biometric authentication by exploiting a user’s medical history. Although medical history may not be absolutely unique to every individual person, the chances of having two persons who share an exactly identical trail of medical and prognosis history are slim. Therefore, in addition to common biometric identification methods, medical history can be used as ingredients for generating Q&A challenges upon user authentication. This concept is motivated by a recent advancement on smart-card technology that future identity cards are able to carry patents’ medical history like a mobile database. Privacy, however, may be a concern when medical history is used for authentication. Therefore in this paper, a new method is proposed for abstracting the medical data by using attribute value taxonomies, into a hierarchical data tree (h-Data. Questions can be abstracted to various level of resolution (hence sensitivity of private data for use in the authentication process. The method is described and a case study is given in this paper.

  6. Key Based Mutual Authentication (KBMA Mechanism for Secured Access in MobiCloud Environment

    Directory of Open Access Journals (Sweden)

    Donald A. Cecil

    2016-01-01

    Full Text Available Mobile Cloud Computing (MCC fuels innovation in Mobile Computing and opens new pathways between mobile devices and infrastructures. There are several issues in MCC environment as it integrates various technologies. Among all issues, security lies on the top where many users are not willing to adopt the cloud services. This paper focuses on the authentication. The objective of this paper is to provide a mechanism for authenticating all the entities involved in accessing the cloud services. A mechanism called Key Based Mutual Authentication (KBMA is proposed which is divided into two processes namely registration and authentication. Registration is a one-time process where the users are registered for accessing the cloud services by giving the desired unique information. Authentication process is carried out mutually to verify the identities of Device and Cloud Service Provider (CSP. Scyther tool is used for analysing the vulnerability in terms of attacks. The result claims show that the proposed mechanism is resilient against various attacks.

  7. The Need for Authenticity-Based Autonomy in Medical Ethics.

    Science.gov (United States)

    White, Lucie

    2017-08-11

    The notion of respect for autonomy dominates bioethical discussion, though what qualifies precisely as autonomous action is notoriously elusive. In recent decades, the notion of autonomy in medical contexts has often been defined in opposition to the notion of autonomy favoured by theoretical philosophers. Where many contemporary theoretical accounts of autonomy place emphasis on a condition of "authenticity", the special relation a desire must have to the self, bioethicists often regard such a focus as irrelevant to the concerns of medical ethics, and too stringent for use in practical contexts. I argue, however, that the very condition of authenticity that forms a focus in theoretical philosophy is also essential to autonomy and competence in medical ethics. After tracing the contours of contemporary authenticity-based theories of autonomy, I consider and respond to objections against the incorporation of a notion of authenticity into accounts of autonomy designed for use in medical contexts. By looking at the typical problems that arise when making judgments concerning autonomy or competence in a medical setting, I reveal the need for a condition of authenticity-as a means of protecting choices, particularly high-stakes choices, from being restricted or overridden on the basis of intersubjective disagreement. I then turn to the treatment of false and contestable beliefs, arguing that it is only through reference to authenticity that we can make important distinctions in this domain. Finally, I consider a potential problem with my proposed approach; its ability to deal with anorexic and depressive desires.

  8. Digital holographic-based cancellable biometric for personal authentication

    International Nuclear Information System (INIS)

    Verma, Gaurav; Sinha, Aloka

    2016-01-01

    In this paper, we propose a new digital holographic-based cancellable biometric scheme for personal authentication and verification. The realization of cancellable biometric is presented by using an optoelectronic experimental approach, in which an optically recorded hologram of the fingerprint of a person is numerically reconstructed. Each reconstructed feature has its own perspective, which is utilized to generate user-specific fingerprint features by using a feature-extraction process. New representations of the user-specific fingerprint features can be obtained from the same hologram, by changing the reconstruction distance (d) by an amount Δd between the recording plane and the reconstruction plane. This parameter is the key to make the cancellable user-specific fingerprint features using a digital holographic technique, which allows us to choose different reconstruction distances when reissuing the user-specific fingerprint features in the event of compromise. We have shown theoretically that each user-specific fingerprint feature has a unique identity with a high discrimination ability, and the chances of a match between them are minimal. In this aspect, a recognition system has also been demonstrated using the fingerprint biometric of the enrolled person at a particular reconstruction distance. For the performance evaluation of a fingerprint recognition system—the false acceptance ratio, the false rejection ratio and the equal error rate are calculated using correlation. The obtained results show good discrimination ability between the genuine and the impostor populations with the highest recognition rate of 98.23%. (paper)

  9. LDPC and SHA based iris recognition for image authentication

    Directory of Open Access Journals (Sweden)

    K. Seetharaman

    2012-11-01

    Full Text Available We introduce a novel way to authenticate an image using Low Density Parity Check (LDPC and Secure Hash Algorithm (SHA based iris recognition method with reversible watermarking scheme, which is based on Integer Wavelet Transform (IWT and threshold embedding technique. The parity checks and parity matrix of LDPC encoding and cancellable biometrics i.e., hash string of unique iris code from SHA-512 are embedded into an image for authentication purpose using reversible watermarking scheme based on IWT and threshold embedding technique. Simply by reversing the embedding process, the original image, parity checks, parity matrix and SHA-512 hash are extracted back from watermarked-image. For authentication, the new hash string produced by employing SHA-512 on error corrected iris code from live person is compared with hash string extracted from watermarked-image. The LDPC code reduces the hamming distance for genuine comparisons by a larger amount than for the impostor comparisons. This results in better separation between genuine and impostor users which improves the authentication performance. Security of this scheme is very high due to the security complexity of SHA-512, which is 2256 under birthday attack. Experimental results show that this approach can assure more accurate authentication with a low false rejection or false acceptance rate and outperforms the prior arts in terms of PSNR.

  10. Biometrics based authentication scheme for session initiation protocol.

    Science.gov (United States)

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

  11. CLAS: A Novel Communications Latency Based Authentication Scheme

    Directory of Open Access Journals (Sweden)

    Zuochao Dou

    2017-01-01

    Full Text Available We design and implement a novel communications latency based authentication scheme, dubbed CLAS, that strengthens the security of state-of-the-art web authentication approaches by leveraging the round trip network communications latency (RTL between clients and authenticators. In addition to the traditional credentials, CLAS profiles RTL values of clients and uses them to defend against password compromise. The key challenges are (i to prevent RTL manipulation, (ii to alleviate network instabilities, and (iii to address mobile clients. CLAS addresses the first challenge by introducing a novel network architecture, which makes it extremely difficult for attackers to simulate legitimate RTL values. The second challenge is addressed by outlier removal and multiple temporal profiling, while the last challenge is addressed by augmenting CLAS with out-of-band-channels or other authentication schemes. CLAS restricts login to profiled locations while demanding additional information for nonprofiled ones, which highly reduces the attack surface even when the legitimate credentials are compromised. Additionally, unlike many state-of-the-art authentication mechanisms, CLAS is resilient to phishing, pharming, man-in-the-middle, and social engineering attacks. Furthermore, CLAS is transparent to users and incurs negligible overhead. The experimental results show that CLAS can achieve very low false positive and false negative rates.

  12. Mutual Image-Based Authentication Framework with JPEG2000 in Wireless Environment

    Directory of Open Access Journals (Sweden)

    Ginesu G

    2006-01-01

    Full Text Available Currently, together with the development of wireless connectivity, the need for a reliable and user-friendly authentication system becomes always more important. New applications, as e-commerce or home banking, require a strong level of protection, allowing for verification of legitimate users' identity and enabling the user to distinguis trusted servers from shadow ones. A novel framework for image-based authentication (IBA is then proposed and evaluated. In order to provide mutual authentication, the proposed method integrates an IBA password technique with a challenge-response scheme based on a shared secret key for image scrambling. The wireless environment is mainly addressed by the proposed system, which tries to overcome the severe constraints on security, data transmission capability, and user friendliness imposed by such environment. In order to achieve such results, the system offers a strong solution for authentication, taking into account usability and avoiding the need for hardware upgrades. Data and application scalability is provided through the JPEG2000 standard and JPIP framework.

  13. Chop Suey as Imagined Authentic Chinese Food: The Culinary Identity of Chinese Restaurants in the United States

    OpenAIRE

    Haiming Liu

    2009-01-01

    At least until the 1960s, chop suey was synonymous with Chinese food in the United States, where most Chinese restaurants were called chop suey houses. By uncovering the history of chop suey, this article analyzes the development of Chinese cuisine in the U.S. as an example of transnational cultural exchange. The authenticity and culinary identity of Chinese food in America often rested on its real or imagined Chinese roots while its popularity depended on how well Chinese restaurant...

  14. Security problems with a chaos-based deniable authentication scheme

    International Nuclear Information System (INIS)

    Alvarez, Gonzalo

    2005-01-01

    Recently, a new scheme was proposed for deniable authentication. Its main originality lied on applying a chaos-based encryption-hash parallel algorithm and the semi-group property of the Chebyshev chaotic map. Although original and practicable, its insecurity and inefficiency are shown in this paper, thus rendering it inadequate for adoption in e-commerce

  15. Design Heuristics for Authentic Simulation-Based Learning Games

    Science.gov (United States)

    Ney, Muriel; Gonçalves, Celso; Balacheff, Nicolas

    2014-01-01

    Simulation games are games for learning based on a reference in the real world. We propose a model for authenticity in this context as a result of a compromise among learning, playing and realism. In the health game used to apply this model, students interact with characters in the game through phone messages, mail messages, SMS and video.…

  16. Security problems with a chaos-based deniable authentication scheme

    Energy Technology Data Exchange (ETDEWEB)

    Alvarez, Gonzalo [Instituto de Fisica Aplicada, Consejo Superior de Investigaciones Cientificas, Serrano 144, 28006 Madrid (Spain)] e-mail: gonzalo@iec.csic.es

    2005-10-01

    Recently, a new scheme was proposed for deniable authentication. Its main originality lied on applying a chaos-based encryption-hash parallel algorithm and the semi-group property of the Chebyshev chaotic map. Although original and practicable, its insecurity and inefficiency are shown in this paper, thus rendering it inadequate for adoption in e-commerce.

  17. An improved map based graphical android authentication system ...

    African Journals Online (AJOL)

    Currently, graphical password methods are available for android and other devices, but the major problem is vulnerability issue. A map graphical-based authentication system (Dheeraj et al, 2013) was designed on mobile android devices, but it did not provide a large choice or multiple sequence to user for selecting ...

  18. A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

    Science.gov (United States)

    Mehmood, Zahid; Chen, Gongliang; Li, Jianhua; Li, Linsen; Alzahrani, Bander

    2017-01-01

    Over the past few years, Session Initiation Protocol (SIP) is found as a substantial application-layer protocol for the multimedia services. It is extensively used for managing, altering, terminating and distributing the multimedia sessions. Authentication plays a pivotal role in SIP environment. Currently, Lu et al. presented an authentication protocol for SIP and profess that newly proposed protocol is protected against all the familiar attacks. However, the detailed analysis describes that the Lu et al.'s protocol is exposed against server masquerading attack and user's masquerading attack. Moreover, it also fails to protect the user's identity as well as it possesses incorrect login and authentication phase. In order to establish a suitable and efficient protocol, having ability to overcome all these discrepancies, a robust ECC-based novel mutual authentication mechanism with anonymity for SIP is presented in this manuscript. The improved protocol contains an explicit parameter for user to cope the issues of security and correctness and is found to be more secure and relatively effective to protect the user's privacy, user's masquerading and server masquerading as it is verified through the comprehensive formal and informal security analysis.

  19. A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

    Directory of Open Access Journals (Sweden)

    Zahid Mehmood

    Full Text Available Over the past few years, Session Initiation Protocol (SIP is found as a substantial application-layer protocol for the multimedia services. It is extensively used for managing, altering, terminating and distributing the multimedia sessions. Authentication plays a pivotal role in SIP environment. Currently, Lu et al. presented an authentication protocol for SIP and profess that newly proposed protocol is protected against all the familiar attacks. However, the detailed analysis describes that the Lu et al.'s protocol is exposed against server masquerading attack and user's masquerading attack. Moreover, it also fails to protect the user's identity as well as it possesses incorrect login and authentication phase. In order to establish a suitable and efficient protocol, having ability to overcome all these discrepancies, a robust ECC-based novel mutual authentication mechanism with anonymity for SIP is presented in this manuscript. The improved protocol contains an explicit parameter for user to cope the issues of security and correctness and is found to be more secure and relatively effective to protect the user's privacy, user's masquerading and server masquerading as it is verified through the comprehensive formal and informal security analysis.

  20. The research and implementation of a unified identity authentication in e-government network

    Science.gov (United States)

    Feng, Zhou

    Current problem existing in e-government network is that the applications of information system are developed independently by various departments, and each has its own specific set of authentication and access control mechanism. To build a comprehensive information system in favor of sharing and exchanging information, a sound and secure unified e-government authentication system is firstly needed. The paper, combining with practical development of e-government network, carries out a thorough discussion on how to achieve data synchronization between unified authentication system and related application systems.

  1. Anonymous Authentication Systems Based on Private Information Retrieval

    OpenAIRE

    Nakamura, Toru; Inenaga, Shunsuke; Ikeda, Daisuke; Baba, Kensuke; Yasuura, Hiroto

    2009-01-01

    This paper focuses on authentication with three types of entities: a user who sends an authentication request, an authentication-server who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks, (2) the database(s) cannot identify which user is authenticating and (3) the authenticati...

  2. A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi; Wang, Chun-Cheng

    2015-11-01

    To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.

  3. Identity, Politics and Authentic Leadership. Spanish Youngsters’ Perceptions of J. L. Rodríguez Zapatero and M. Rajoy

    Directory of Open Access Journals (Sweden)

    Salomé Sola-Morales

    2013-06-01

    Full Text Available This article presents a framework for the analysis of audience’s perceptions about political leaders. Specifically, we focus on the perceptions of two Spanish leaders: José Luis Rodríguez Zapatero, the former Prime Minister, and Mariano Rajoy, the current Prime Minister. We wanted to test how young people perceive and evaluate the identity of these two political leaders. We also tried to determine the role played by media in the formation of these complex images. After the analysis of data collected from a sample of 108 participants, significant differential effects concerning the way people perceive both leaders have not been found. Results indicate that in crisis periods leaders lack authenticity, thus voters have a negative perception of them. It has also found some positive correlation between the authentic leadership’s variables and the Big Five personality factors. Throughout this paper, theoretical and methodological problems of such an approach are discussed.

  4. A User Authentication Based on Personal History- A User Authentication System Using E-mail History -

    Directory of Open Access Journals (Sweden)

    Masakatsu Nishigaki

    2007-04-01

    Full Text Available This paper proposes a user authentication using personal history of each user. Here, authentication is done by giving answers to questions about the history of user's daily life. Users do not have to memorize any password, since the passwords are what users already know by experience. In addition, everyday-life experience increases day by day, and thus the question could change on every authentication trial. In this paper, a user authentication system using user's e-mail history is shown as a prototype of our proposal, and some basic experiments to evaluate the availability of the system are carried out.

  5. EBAA: An efficient broadcast authentication scheme for ADS-B communication based on IBS-MR

    Directory of Open Access Journals (Sweden)

    Yang Haomiao

    2014-06-01

    Full Text Available Automatic dependent surveillance-broadcast (ADS-B systems can broadcast satellite-based aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management (ATM systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortunately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery (IBS-MR, an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters’ private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.

  6. A Secure and Robust Object-Based Video Authentication System

    Directory of Open Access Journals (Sweden)

    He Dajun

    2004-01-01

    Full Text Available An object-based video authentication system, which combines watermarking, error correction coding (ECC, and digital signature techniques, is presented for protecting the authenticity between video objects and their associated backgrounds. In this system, a set of angular radial transformation (ART coefficients is selected as the feature to represent the video object and the background, respectively. ECC and cryptographic hashing are applied to those selected coefficients to generate the robust authentication watermark. This content-based, semifragile watermark is then embedded into the objects frame by frame before MPEG4 coding. In watermark embedding and extraction, groups of discrete Fourier transform (DFT coefficients are randomly selected, and their energy relationships are employed to hide and extract the watermark. The experimental results demonstrate that our system is robust to MPEG4 compression, object segmentation errors, and some common object-based video processing such as object translation, rotation, and scaling while securely preventing malicious object modifications. The proposed solution can be further incorporated into public key infrastructure (PKI.

  7. Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Yan Zhao

    2018-01-01

    Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

  8. Formal Security-Proved Mobile Anonymous Authentication Protocols with Credit-Based Chargeability and Controllable Privacy

    Directory of Open Access Journals (Sweden)

    Chun-I Fan

    2016-06-01

    Full Text Available Smart mobile phones are widely popularized and advanced mobile communication services are provided increasingly often, such that ubiquitous computing environments will soon be a reality. However, there are many security threats to mobile networks and their impact on security is more serious than that in wireline networks owing to the features of wireless transmissions and the ubiquity property. The secret information which mobile users carry may be stolen by malicious entities. To guarantee the quality of advanced services, security and privacy would be important issues when users roam within various mobile networks. In this manuscript, an anonymous authentication scheme will be proposed to protect the security of the network system and the privacy of users. Not only does the proposed scheme provide mutual authentication between each user and the system, but also each user’s identity is kept secret against anyone else, including the system. Although the system anonymously authenticates the users, it can still generate correct bills to charge these anonymous users via a credit-based solution instead of debit-based ones. Furthermore, our protocols also achieve fair privacy which allows the judge to revoke the anonymity and trace the illegal users when they have misused the anonymity property, for example, if they have committed crimes. Finally, in this paper, we also carry out complete theoretical proofs on each claimed security property.

  9. Securing the Global Airspace System Via Identity-Based Security

    Science.gov (United States)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  10. Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol.

    Science.gov (United States)

    He, Debiao; Kumar, Neeraj; Chilamkurti, Naveen; Lee, Jong-Hyouk

    2014-10-01

    The radio frequency identification (RFID) technology has been widely adopted and being deployed as a dominant identification technology in a health care domain such as medical information authentication, patient tracking, blood transfusion medicine, etc. With more and more stringent security and privacy requirements to RFID based authentication schemes, elliptic curve cryptography (ECC) based RFID authentication schemes have been proposed to meet the requirements. However, many recently published ECC based RFID authentication schemes have serious security weaknesses. In this paper, we propose a new ECC based RFID authentication integrated with an ID verifier transfer protocol that overcomes the weaknesses of the existing schemes. A comprehensive security analysis has been conducted to show strong security properties that are provided from the proposed authentication scheme. Moreover, the performance of the proposed authentication scheme is analyzed in terms of computational cost, communicational cost, and storage requirement.

  11. Design of a mutual authentication based on NTRUsign with a perturbation and inherent multipoint control protocol frames in an Ethernet-based passive optical network

    Science.gov (United States)

    Yin, Aihan; Ding, Yisheng

    2014-11-01

    Identity-related security issues inherently present in passive optical networks (PON) still exist in the current (1G) and next-generation (10G) Ethernet-based passive optical network (EPON) systems. We propose a mutual authentication scheme that integrates an NTRUsign digital signature algorithm with inherent multipoint control protocol (MPCP) frames over an EPON system between the optical line terminal (OLT) and optical network unit (ONU). Here, a primitive NTRUsign algorithm is significantly modified through the use of a new perturbation so that it can be effectively used for simultaneously completing signature and authentication functions on the OLT and the ONU sides. Also, in order to transmit their individual sensitive messages, which include public key, signature, and random value and so forth, to each other, we redefine three unique frames according to MPCP format frame. These generated messages can be added into the frames and delivered to each other, allowing the OLT and the ONU to go ahead with a mutual identity authentication process to verify their legal identities. Our simulation results show that this proposed scheme performs very well in resisting security attacks and has low influence on the registration efficiency to to-be-registered ONUs. A performance comparison with traditional authentication algorithms is also presented. To the best of our knowledge, no detailed design of mutual authentication in EPON can be found in the literature up to now.

  12. Chop Suey as Imagined Authentic Chinese Food: The Culinary Identity of Chinese Restaurants in the United States

    Directory of Open Access Journals (Sweden)

    Haiming Liu

    2009-02-01

    Full Text Available At least until the 1960s, chop suey was synonymous with Chinese food in the United States, where most Chinese restaurants were called chop suey houses. By uncovering the history of chop suey, this article analyzes the development of Chinese cuisine in the U.S. as an example of transnational cultural exchange. The authenticity and culinary identity of Chinese food in America often rested on its real or imagined Chinese roots while its popularity depended on how well Chinese restaurant proprietors adapted the flavors, ingredients, and cooking methods of Chinese cuisine to the tastes and markets of local American communities. The dynamic interaction between Chinese food and American customers functioned as a complex cultural negotiation. While Chinese restaurants helped shape the American diet, Chinese food was at the same time being shaped and transformed by American popular taste. By appealing to a wide range of American diners, chop suey eventually evolved into a popular American ethnic food and a central component in the culinary identity of Chinese restaurants. Chop suey generated numerous jobs for Chinese immigrants and established a culinary bond between Chinese food and American customers. Also, as an imagined authentic Chinese dish, it represented a type of affordable exoticism in the eyes of American consumers, meeting not only American tastes but also their social expectations of Chinese culture.

  13. Chop Suey as Imagined Authentic Chinese Food: The Culinary Identity of Chinese Restaurants in the United States

    Directory of Open Access Journals (Sweden)

    Haiming Liu

    2009-02-01

    Full Text Available

    At least until the 1960s, chop suey was synonymous with Chinese food in the United States, where most Chinese restaurants were called chop suey houses. By uncovering the history of chop suey, this article analyzes the development of Chinese cuisine in the U.S. as an example of transnational cultural exchange. The authenticity and culinary identity of Chinese food in America often rested on its real or imagined Chinese roots while its popularity depended on how well Chinese restaurant proprietors adapted the flavors, ingredients, and cooking methods of Chinese cuisine to the tastes and markets of local American communities. The dynamic interaction between Chinese food and American customers functioned as a complex cultural negotiation. While Chinese restaurants helped shape the American diet, Chinese food was at the same time being shaped and transformed by American popular taste. By appealing to a wide range of American diners, chop suey eventually evolved into a popular American ethnic food and a central component in the culinary identity of Chinese restaurants. Chop suey generated numerous jobs for Chinese immigrants and established a culinary bond between Chinese food and American customers. Also, as an imagined authentic Chinese dish, it represented a type of affordable exoticism in the eyes of American consumers, meeting not only American tastes but also their social expectations of Chinese culture.

  14. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.

  15. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702

  16. IPTV Service Framework Based on Secure Authentication and Lightweight Content Encryption for Screen-Migration in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Aymen Abdullah Alsaffar

    2015-01-01

    Full Text Available These days, the advancing of smart devices (e.g. smart phones, tablets, PC, etc. capabilities and the increase of internet bandwidth enables IPTV service provider to extend their services to smart mobile devices. User can just receive their IPTV service using any smart devices by accessing the internet via wireless network from anywhere anytime in the world which is convenience for users. However, wireless network communication has well a known critical security threats and vulnerabilities to user smart devices and IPTV service such as user identity theft, reply attack, MIM attack, and so forth. A secure authentication for user devices and multimedia protection mechanism is necessary to protect both user devices and IPTV services. As result, we proposed framework of IPTV service based on secure authentication mechanism and lightweight content encryption method for screen-migration in Cloud computing. We used cryptographic nonce combined with user ID and password to authenticate user device in any mobile terminal they passes by. In addition we used Lightweight content encryption to protect and reduce the content decode overload at mobile terminals. Our proposed authentication mechanism reduces the computational processing by 30% comparing to other authentication mechanism and our lightweight content encryption reduces encryption delay to 0.259 second.

  17. A Novel Video Data-Source Authentication Model Based on Digital Watermarking and MAC in Multicast

    Institute of Scientific and Technical Information of China (English)

    ZHAO Anjun; LU Xiangli; GUO Lei

    2006-01-01

    A novel video data authentication model based on digital video watermarking and MAC (message authentication code) in multicast protocol is proposed in this paper. The digital watermarking which composes of the MAC of the significant video content, the key and instant authentication data is embedded into the insignificant video component by the MLUT (modified look-up table) video watermarking technology. We explain a method that does not require storage of each data packet for a time, thus making receiver not vulnerable to DOS (denial of service) attack. So the video packets can be authenticated instantly without large volume buffer in the receivers. TESLA(timed efficient stream loss-tolerant authentication) does not explain how to select the suitable value for d, which is an important parameter in multicast source authentication. So we give a method to calculate the key disclosure delay (number of intervals). Simulation results show that the proposed algorithms improve the performance of data source authentication in multicast.

  18. Biometric technology authentication, biocryptography, and cloud-based architecture

    CERN Document Server

    Das, Ravi

    2014-01-01

    Most biometric books are either extraordinarily technical for technophiles or extremely elementary for the lay person. Striking a balance between the two, Biometric Technology: Authentication, Biocryptography, and Cloud-Based Architecture is ideal for business, IT, or security managers that are faced with the task of making purchasing, migration, or adoption decisions. It brings biometrics down to an understandable level, so that you can immediately begin to implement the concepts discussed.Exploring the technological and social implications of widespread biometric use, the book considers the

  19. Post-Session Authentication

    OpenAIRE

    Ahmed , Naveed; Jensen , Christian ,

    2012-01-01

    Part 1: Full Papers; International audience; Entity authentication provides confidence in the claimed identity of a peer entity, but the manner in which this goal is achieved results in different types of authentication. An important factor in this regard is the order between authentication and the execution of the associated session. In this paper, we consider the case of post-session authentication, where parties authenticate each other at the end of their interactive session. This use of a...

  20. GEOSS authentication/authorization services: a Broker-based approach

    Science.gov (United States)

    Santoro, M.; Nativi, S.

    2014-12-01

    The vision of the Global Earth Observation System of Systems (GEOSS) is the achievement of societal benefits through voluntary contribution and sharing of resources to better understand the relationships between the society and the environment where we live. The GEOSS Common Infrastructure (GCI) allows users to search, access, and use the resources contributed by the GEOSS members. The GEO DAB (Discovery and Access Broker) is the GCI component in charge of interconnecting the heterogeneous data systems contributing to GEOSS. Client applications (i.e. the portals and apps) can connect to GEO DAB as a unique entry point to discover and access resources available through GCI, with no need to implement the many service protocols and models applied by the GEOSS data providers. The GEO DAB implements the brokering approach (Nativi et al., 2013) to build a flexible and scalable System of Systems. User authentication/authorization functionality is becoming more and more important for GEOSS data providers and users. The Providers ask for information about who accessed their resources and, in some cases, want to limit the data download. The Users ask for a profiled interaction with the system based on their needs and expertise level. Besides, authentication and authorization is necessary for GEOSS to provide moderated social services - e.g. feedback messages, data "fit for use" comments, etc. In keeping with the GEOSS principles of building on existing systems and lowering entry-barriers for users, an objective of the authentication/authorization development was to support existing and well-used users' credentials (e.g. Google, Twitter, etc.). Due to the heterogeneity of technologies used by the different providers and applications, a broker-based approach for the authentication/authorization was introduced as a new functionality of GEO DAB. This new capability will be demonstrated at the next GEO XI Plenary (November 2014). This work will be presented and discussed

  1. Post-Session Authentication

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2012-01-01

    Entity authentication provides confidence in the claimed identity of a peer entity, but the manner in which this goal is achieved results in different types of authentication. An important factor in this regard is the order between authentication and the execution of the associated session....... In this paper, we consider the case of post-session authentication, where parties authenticate each other at the end of their interactive session. This use of authentication is different from session-less authentication (e.g., in RFID) and pre-session authentication (e.g., for access control.) Post......-session authentication, although a new term, is not a new concept; it is the basis of at least a few practical schemes. We, for the first time, systematically study it and present the underlying authentication model. Further, we show that an important class of problems is solvable using post-session authentication...

  2. Context-Aware Multimodal FIDO Authenticator for Sustainable IT Services

    Directory of Open Access Journals (Sweden)

    Seung-Hyun Kim

    2018-05-01

    Full Text Available Existing sustainable IT services have several problems related to user authentication such as the inefficiency of managing the system security, low security, and low usability. In this paper, we propose a Fast IDentity Online (FIDO authenticator that performs continuous authentication with implicit authentication based on user context and multimodal authentication. The proposed FIDO authenticator, a context-aware multimodal FIDO authentication (CAMFA method, combines information such as the user context, state of the mobile device, and user biometrics, then applies implicit and explicit authentication methods to meet the level of authentication required by the service provider. This reduces the user’s explicit authentication burden and continually authenticates users at risk during the session. Moreover, it is able to respond to attacks such as the theft of the authentication method or session hijacking. To study the effectiveness of CAMFA, we ran a user study by collecting data from 22 participants over 42 days of activity on a practical Android platform. The result of the user study demonstrates that the number of explicit authentication requests could be reduced by half. Based on the results of this study, an advanced user authentication that provides multimodal and continuous authentication could be applied to sustainable IT services.

  3. An Improved Timestamp-Based Password Authentication Scheme Using Smart Cards

    OpenAIRE

    Pathan, Al-Sakib Khan; Hong, Choong Seon

    2007-01-01

    With the recent proliferation of distributed systems and networking, remote authentication has become a crucial task in many networking applications. Various schemes have been proposed so far for the two-party remote authentication; however, some of them have been proved to be insecure. In this paper, we propose an efficient timestamp-based password authentication scheme using smart cards. We show various types of forgery attacks against a previously proposed timestamp-based password authenti...

  4. Medical Image Tamper Detection Based on Passive Image Authentication.

    Science.gov (United States)

    Ulutas, Guzin; Ustubioglu, Arda; Ustubioglu, Beste; V Nabiyev, Vasif; Ulutas, Mustafa

    2017-12-01

    Telemedicine has gained popularity in recent years. Medical images can be transferred over the Internet to enable the telediagnosis between medical staffs and to make the patient's history accessible to medical staff from anywhere. Therefore, integrity protection of the medical image is a serious concern due to the broadcast nature of the Internet. Some watermarking techniques are proposed to control the integrity of medical images. However, they require embedding of extra information (watermark) into image before transmission. It decreases visual quality of the medical image and can cause false diagnosis. The proposed method uses passive image authentication mechanism to detect the tampered regions on medical images. Structural texture information is obtained from the medical image by using local binary pattern rotation invariant (LBPROT) to make the keypoint extraction techniques more successful. Keypoints on the texture image are obtained with scale invariant feature transform (SIFT). Tampered regions are detected by the method by matching the keypoints. The method improves the keypoint-based passive image authentication mechanism (they do not detect tampering when the smooth region is used for covering an object) by using LBPROT before keypoint extraction because smooth regions also have texture information. Experimental results show that the method detects tampered regions on the medical images even if the forged image has undergone some attacks (Gaussian blurring/additive white Gaussian noise) or the forged regions are scaled/rotated before pasting.

  5. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  6. A new approach to hand-based authentication

    Science.gov (United States)

    Amayeh, G.; Bebis, G.; Erol, A.; Nicolescu, M.

    2007-04-01

    Hand-based authentication is a key biometric technology with a wide range of potential applications both in industry and government. Traditionally, hand-based authentication is performed by extracting information from the whole hand. To account for hand and finger motion, guidance pegs are employed to fix the position and orientation of the hand. In this paper, we consider a component-based approach to hand-based verification. Our objective is to investigate the discrimination power of different parts of the hand in order to develop a simpler, faster, and possibly more accurate and robust verification system. Specifically, we propose a new approach which decomposes the hand in different regions, corresponding to the fingers and the back of the palm, and performs verification using information from certain parts of the hand only. Our approach operates on 2D images acquired by placing the hand on a flat lighting table. Using a part-based representation of the hand allows the system to compensate for hand and finger motion without using any guidance pegs. To decompose the hand in different regions, we use a robust methodology based on morphological operators which does not require detecting any landmark points on the hand. To capture the geometry of the back of the palm and the fingers in suffcient detail, we employ high-order Zernike moments which are computed using an effcient methodology. The proposed approach has been evaluated on a database of 100 subjects with 10 images per subject, illustrating promising performance. Comparisons with related approaches using the whole hand for verification illustrate the superiority of the proposed approach. Moreover, qualitative comparisons with state-of-the-art approaches indicate that the proposed approach has comparable or better performance.

  7. Research on user behavior authentication model based on stochastic Petri nets

    Science.gov (United States)

    Zhang, Chengyuan; Xu, Haishui

    2017-08-01

    A behavioural authentication model based on stochastic Petri net is proposed to meet the randomness, uncertainty and concurrency characteristics of user behaviour. The use of random models in the location, changes, arc and logo to describe the characteristics of a variety of authentication and game relationships, so as to effectively implement the graphical user behaviour authentication model analysis method, according to the corresponding proof to verify the model is valuable.

  8. Anonymous Authentication for Smartcards

    Directory of Open Access Journals (Sweden)

    J. Hajny

    2010-06-01

    Full Text Available The paper presents an innovative solution in the field of RFID (Radio-Frequency IDentification smartcard authentication. Currently the smartcards are used for many purposes - e.g. employee identification, library cards, student cards or even identity credentials. Personal identity is revealed to untrustworthy entities every time we use these cards. Such information could later be used without our knowledge and for harmful reasons like shopping pattern scanning or even movement tracking. We present a communication scheme for keeping one’s identity private in this paper. Although our system provides anonymity, it does not allow users to abuse this feature. The system is based on strong cryptographic primitives that provide features never available before. Besides theoretical design of the anonymous authentication scheme and its analysis we also provide implementation results.

  9. A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks.

    Science.gov (United States)

    Chen, Huifang; Ge, Linlin; Xie, Lei

    2015-07-14

    The feature of non-infrastructure support in a wireless ad hoc network (WANET) makes it suffer from various attacks. Moreover, user authentication is the first safety barrier in a network. A mutual trust is achieved by a protocol which enables communicating parties to authenticate each other at the same time and to exchange session keys. For the resource-constrained WANET, an efficient and lightweight user authentication scheme is necessary. In this paper, we propose a user authentication scheme based on the self-certified public key system and elliptic curves cryptography for a WANET. Using the proposed scheme, an efficient two-way user authentication and secure session key agreement can be achieved. Security analysis shows that our proposed scheme is resilient to common known attacks. In addition, the performance analysis shows that our proposed scheme performs similar or better compared with some existing user authentication schemes.

  10. Quantum authentication based on the randomness of measurement bases in BB84

    International Nuclear Information System (INIS)

    Dang Minh Dung; Bellot, P.; Alleaume, R.

    2005-01-01

    Full text: The establishment of a secret key between two legitimate end points of a communication link, let us name them Alice and Bob, using Quantum key distribution (QKD) is unconditionally secure thanks to Quantum Physics laws.However, the various QKD protocols do not intend to provide the authentication of the end points: Alice cannot be sure that she is communicating with Bob and reciprocally. Therefore, these protocols are subjects to various attacks. The most obvious attack is the man-in-the-middle attack in which an eavesdropper, let us name her Eve, stands in the middle of the communication link. Alice communicates with Eve meanwhile she thinks she communicate with Bob. And Bob communicates with Eve meanwhile he thinks he is communicating with Alice. Eve, acting as a relay, can read all the communications between Alice and Bob and retransmit them. To prevent this kind of attack, the solution is to authenticate the two end points of the communication link. One solution is that Alice and Bob share an authentication key prior to the communication. In order to improve the security, Alice and Bob must share a set of authentication one-time keys. One-time key means that the key has to be used only once because each time a key is used, the eavesdropper Eve can gain a few information on the key. Re-using the same key many times would finally reveal the key to Eve. However, Eve can simulate many times the authentication process with Alice. Each time Eve simulates the authentication process, one of the pre-positioned keys is depleted leading to the exhaustion of the set of pre-positioned keys. This type of attack is named Denial of Service attack. In this work, we propose to use the randomness of the measurement bases in BB84 to build an authentication scheme based on the existence of a prepositioned authentication key. This authentication scheme can be used with BB84 but also with any other Quantum Key Distribution protocols. It is protected against the Denial of

  11. A privacy authentication scheme based on cloud for medical environment.

    Science.gov (United States)

    Chen, Chin-Ling; Yang, Tsai-Tung; Chiang, Mao-Lun; Shih, Tzay-Farn

    2014-11-01

    With the rapid development of the information technology, the health care technologies already became matured. Such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concerning issue. In spite of many literatures discussed about medical systems, these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a privacy authentication scheme based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples to use medical resources on the cloud environment to find medical advice conveniently. The digital signature is used to ensure the security of the medical information that is certified by the medical department in our proposed scheme.

  12. Monstrous (InAuthenticity: Text and Identity in Peter Carey’s My Life as a Fake

    Directory of Open Access Journals (Sweden)

    Nataša Kampmark

    2013-12-01

    Full Text Available Taking (inauthenticity as his subject and intertextuality as the structuring principle, Peter Carey brings together Australian literary and social history, literary theory and a self-reflexive probe into the issues of identity, authenticity and cultural insecurity of a postcolonial society. The novel is interpreted as an allegorical account of national history and an allegorical narrative on the theoretical matters of originality and authorship.Keywords: Carey, identity, (inauthenticity, intertextuality, text, postcolonialism. The most well-known Australian author today, Peter Carey, has more than once found inspiration for his novels in already existing texts of British and Australian cultures. The most notable examples are his sixth novel titled Jack Maggs, his seventh novel titled True History of the Kelly Gang and the one explored in this paper, his eighth novel titled My Life as a Fake. Carey’s Jack Maggs (1997 retells the story of Dickens’ Great Expectations and in a postcolonial fashion of re-writing imperial texts gives voice to the previously marginalised point of view so that the story is told from the perspective of the runaway convict, Magwitch. The Booker Prize winning True History of the Kelly Gang (2001 is inspired by the so-called “Jerilderie letter,” which was written by Australia’s most famous outlaw, Ned Kelly, after a bank robbery in 1879. The fifty-six page long original letter is expanded in Carey’s version into thirteen parcels which actually make up this epistolary novel. My Life as a Fake (2003 is a roman a clef based on the literary hoax which took place in Melbourne in 1944 and assumed an Ossianic significance in the Australian literary establishment. Wishing to explore the depths of degradation which, in their opinion, Australian modernist poetry had reached, two young disgruntled poets, Harold Stewart and James McAuley, conjured up a fictitious poet, Ern Malley, a mechanic and the author of The Darkening

  13. Cipher block based authentication module: A hardware design perspective

    NARCIS (Netherlands)

    Michail, H.E.; Schinianakis, D.; Goutis, C.E.; Kakarountas, A.P.; Selimis, G.

    2011-01-01

    Message Authentication Codes (MACs) are widely used in order to authenticate data packets, which are transmitted thought networks. Typically MACs are implemented using modules like hash functions and in conjunction with encryption algorithms (like Block Ciphers), which are used to encrypt the

  14. Authenticating Sexual Diversity in School: Examining Sociolinguistic Constructions of Young People's Sexual Identities

    Science.gov (United States)

    Sauntson, Helen

    2016-01-01

    Recent research into sexuality and education shows that homophobia is particularly prevalent and problematic in schools. However, little of this work has drawn on linguistic frameworks. This article uses the tactics of intersubjectivity framework to examine how a group of LGB-identified young people understand their sexuality identities in…

  15. Children's Gender Identity Development: The Dynamic Negotiation Process between Conformity and Authenticity

    Science.gov (United States)

    Brinkman, Britney G; Rabenstein, Kelly L.; Rosén, Lee A.; Zimmerman, Toni S.

    2014-01-01

    In the current study, 45 girls and 41 boys participated in focus groups following a program designed to teach them about social justice. The children articulated the discrepancy between their own gender identity and gender role stereotypes and discussed potential problems with conforming to gender role expectations as well as consequences of…

  16. Study on a Biometric Authentication Model based on ECG using a Fuzzy Neural Network

    Science.gov (United States)

    Kim, Ho J.; Lim, Joon S.

    2018-03-01

    Traditional authentication methods use numbers or graphic passwords and thus involve the risk of loss or theft. Various studies are underway regarding biometric authentication because it uses the unique biometric data of a human being. Biometric authentication technology using ECG from biometric data involves signals that record electrical stimuli from the heart. It is difficult to manipulate and is advantageous in that it enables unrestrained measurements from sensors that are attached to the skin. This study is on biometric authentication methods using the neural network with weighted fuzzy membership functions (NEWFM). In the biometric authentication process, normalization and the ensemble average is applied during preprocessing, characteristics are extracted using Haar-wavelets, and a registration process called “training” is performed in the fuzzy neural network. In the experiment, biometric authentication was performed on 73 subjects in the Physionet Database. 10-40 ECG waveforms were tested for use in the registration process, and 15 ECG waveforms were deemed the appropriate number for registering ECG waveforms. 1 ECG waveforms were used during the authentication stage to conduct the biometric authentication test. Upon testing the proposed biometric authentication method based on 73 subjects from the Physionet Database, the TAR was 98.32% and FAR was 5.84%.

  17. Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

    Science.gov (United States)

    An, Younghwa

    2012-01-01

    Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  18. Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

    Directory of Open Access Journals (Sweden)

    Younghwa An

    2012-01-01

    Full Text Available Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  19. Strengthening Authentication

    Science.gov (United States)

    Gale, Doug

    2007-01-01

    The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

  20. Electronic Voting Protocol Using Identity-Based Cryptography

    Directory of Open Access Journals (Sweden)

    Gina Gallegos-Garcia

    2015-01-01

    Full Text Available Electronic voting protocols proposed to date meet their properties based on Public Key Cryptography (PKC, which offers high flexibility through key agreement protocols and authentication mechanisms. However, when PKC is used, it is necessary to implement Certification Authority (CA to provide certificates which bind public keys to entities and enable verification of such public key bindings. Consequently, the components of the protocol increase notably. An alternative is to use Identity-Based Encryption (IBE. With this kind of cryptography, it is possible to have all the benefits offered by PKC, without neither the need of certificates nor all the core components of a Public Key Infrastructure (PKI. Considering the aforementioned, in this paper we propose an electronic voting protocol, which meets the privacy and robustness properties by using bilinear maps.

  1. Electronic Voting Protocol Using Identity-Based Cryptography.

    Science.gov (United States)

    Gallegos-Garcia, Gina; Tapia-Recillas, Horacio

    2015-01-01

    Electronic voting protocols proposed to date meet their properties based on Public Key Cryptography (PKC), which offers high flexibility through key agreement protocols and authentication mechanisms. However, when PKC is used, it is necessary to implement Certification Authority (CA) to provide certificates which bind public keys to entities and enable verification of such public key bindings. Consequently, the components of the protocol increase notably. An alternative is to use Identity-Based Encryption (IBE). With this kind of cryptography, it is possible to have all the benefits offered by PKC, without neither the need of certificates nor all the core components of a Public Key Infrastructure (PKI). Considering the aforementioned, in this paper we propose an electronic voting protocol, which meets the privacy and robustness properties by using bilinear maps.

  2. an improved map based graphical android authentication system

    African Journals Online (AJOL)

    Ahmad et al.

    was designed on mobile android devices, but it did not provide a large choice or multiple ... password authentication system android application devices. The system adds the ..... Password, Computer Science Thesis.Paper 2.Pg 5-18. 27.

  3. Applicability of DNA-based methods for food authentication

    OpenAIRE

    Mafra, Isabel; Amaral, J.S.; Costa, Joana; Soares, Sónia; Oliveira, M.B.P.P.

    2014-01-01

    Authenticity evaluation of foods encompasses many issues, including the entire or partial fraudulent substitution of higher commercial value constituents by others with lower value and the presence of undeclared ingredients. To address the referred food authenticity problems, several! Analytical methodologies have been developed at REQ.UIMTE during the last years. Due to its fastness, sensitivity and high specificity, the application of molecular biology techniques has proved to be an effe...

  4. A novel image authentication scheme based on hyper-chaotic cell neural network

    International Nuclear Information System (INIS)

    Gao Tiegang; Gu Qiaolun; Emmanuel, Sabu

    2009-01-01

    This paper presents a new image authentication scheme based on cell neural network with hyper-chaos characteristics (HCCNN). In the scheme, the authentication code, which is used as secret key and the pixel values of image are used for the input of HCCNN. The secret information that HCCNN produces is transmitted to the receiving end through secret channel. The receiver can then use the received secret information to authenticate the suspect image by comparing the original authentication code with that calculated from the suspect image. Simulations show that the suggested image authentication algorithm has the advantages of large key space and high security, and moreover, it can detect and locate the position of any slightly tampered parts of a suspect image.

  5. A Rhythm-Based Authentication Scheme for Smart Media Devices

    Directory of Open Access Journals (Sweden)

    Jae Dong Lee

    2014-01-01

    Full Text Available In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users’ convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

  6. A rhythm-based authentication scheme for smart media devices.

    Science.gov (United States)

    Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk

    2014-01-01

    In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

  7. Hash-chain-based authentication for IoT

    Directory of Open Access Journals (Sweden)

    Antonio PINTO

    2016-12-01

    Full Text Available The number of everyday interconnected devices continues to increase and constitute the Internet of Things (IoT. Things are small computers equipped with sensors and wireless communications capabilities that are driven by energy constraints, since they use batteries and may be required to operate over long periods of time. The majority of these devices perform data collection. The collected data is stored on-line using web-services that, sometimes, operate without any special considerations regarding security and privacy. The current work proposes a modified hash-chain authentication mechanism that, with the help of a smartphone, can authenticate each interaction of the devices with a REST web-service using One Time Passwords (OTP while using open wireless networks. Moreover, the proposed authentication mechanism adheres to the stateless, HTTP-like behavior expected of REST web-services, even allowing the caching of server authentication replies within a predefined time window. No other known web-service authentication mechanism operates in such manner.

  8. Authenticating Children's Literature: Raising Cultural Awareness with an Inquiry-Based Project in a Teacher Education Course

    Science.gov (United States)

    Smith, Jane; Wiese, Patricia

    2006-01-01

    This article discusses the importance of authentic picture-storybook adaptations of multicultural folktales and describes an action research project through which a children's picture-book adaptation of a traditional tale can be authenticated using an inquiry-based process. In addition to modeling an actual authentication project using "The Golden…

  9. Diffie-Hellman Key Based Authentication in Proxy Mobile IPv6

    Directory of Open Access Journals (Sweden)

    HyunGon Kim

    2010-01-01

    Full Text Available Wireless communication service providers have been showing strong interest in Proxy Mobile IPv6 for providing network-based IP mobility management. This could be a prominent way to support IP mobility to mobile nodes, because Proxy Mobile IPv6 requires minimal functionalities on the mobile node. While several extensions for Proxy Mobile IPv6 are being developed in the Internet Engineering Task Force, there has been little attentions paid to developing efficient authentication mechanisms. An authentication scheme for a mobility protocol must protect signaling messages against various security threats, e.g., session stealing attack, intercept attack by redirection, replay attack, and key exposure, while minimizing authentication latency. In this paper, we propose a Diffie-Hellman key based authentication scheme that utilizes the low layer signaling to exchange Diffie-Hellman variables and allows mobility service provisioning entities to exchange mobile node's profile and ongoing sessions securely. By utilizing the low layer signaling and context transfer between relevant nodes, the proposed authentication scheme minimizes authentication latency when the mobile node moves across different networks. In addition, thanks to the use of the Diffie-Hellman key agreement, pre-established security associations between mobility service provisioning entities are not required in the proposed authentication scheme so that network scalability in an operationally efficient manner is ensured. To ascertain its feasibility, security analysis and performance analysis are presented.

  10. Robust Speaker Authentication Based on Combined Speech and Voiceprint Recognition

    Science.gov (United States)

    Malcangi, Mario

    2009-08-01

    Personal authentication is becoming increasingly important in many applications that have to protect proprietary data. Passwords and personal identification numbers (PINs) prove not to be robust enough to ensure that unauthorized people do not use them. Biometric authentication technology may offer a secure, convenient, accurate solution but sometimes fails due to its intrinsically fuzzy nature. This research aims to demonstrate that combining two basic speech processing methods, voiceprint identification and speech recognition, can provide a very high degree of robustness, especially if fuzzy decision logic is used.

  11. Prototype Centralized Managing Permissions System Based on the Election Multibiometric Authentication

    Directory of Open Access Journals (Sweden)

    Alexey Nikolaevich Ruchay

    2013-02-01

    Full Text Available This work aims to develop a prototype system of centralized managing permissions based on the election multibiometric authentication. The novelty of this work is to develop the principles of distinction and multi-factor authentication, because at the moment there is no such development. Depending on various conditions and factors, including the availability of electronic means and convenience, resistance to attacks and exploits, disease or injury of users the biometric authentication can be selected on the basis of any such biometrics as rhythm password, voice, dynamic signatures and graphics recognition.

  12. An efficient entire chaos-based scheme for deniable authentication

    International Nuclear Information System (INIS)

    Xiao Di; Liao Xiaofeng; Wong, K.W.

    2005-01-01

    By using a chaotic encryption-hash parallel algorithm and the semi-group property of Chebyshev chaotic map, we propose a secure and efficient scheme for the deniable authentication. The scheme is efficient, practicable and reliable, with high potential to be adopted for e-commerce

  13. A Feminist Theory of Psychotherapy Based on Authenticity.

    Science.gov (United States)

    Brody, Claire M.

    In a "direct" approach to psychotherapy, the therapist generally uses herself as a model and communicates her own values, thereby influencing the gender roles of her clients, particularly her female clients. In this approach, the therapist is seen as more authentic by the client, especially by clients from diverse cultural and social backgrounds.…

  14. An efficient entire chaos-based scheme for deniable authentication

    Energy Technology Data Exchange (ETDEWEB)

    Xiao Di [College of Computer Science and Engineering, Chongqing University, Chongqing, 400044 (China) and College of Mechanical Engineering, Chongqing University, Chongqing, 400044 (China)]. E-mail: xiaodi_cqu@hotmail.com; Liao Xiaofeng [College of Computer Science and Engineering, Chongqing University, Chongqing, 400044 (China); Wong, K.W. [Department of Computer Engineering and Information Technology, City University of Hong Kong, Hong Kong (China)

    2005-02-01

    By using a chaotic encryption-hash parallel algorithm and the semi-group property of Chebyshev chaotic map, we propose a secure and efficient scheme for the deniable authentication. The scheme is efficient, practicable and reliable, with high potential to be adopted for e-commerce.

  15. The ABC of ABC : An analysis of attribute-based credentials in the light of data protection, privacy and identity.

    NARCIS (Netherlands)

    Korenhof, P.E.I.; Koning, Merel; Alpár, Gergely; Hoepman, J.H.; Padullés, Joan Balcells; i Martínez, Agustí Cerrillo; Poch, Miquel Peguera; López, Ismael Peña; de Moner, María José Pifarré; Solana, Mònica Vilasau

    2014-01-01

    Our networked society increasingly needs secure identity sys- tems. The Attribute-based credential (ABC) technology is designed to be privacy-friendlier than contemporary authentication methods, which often suffer from information leakage. So far, however, some of the wider implications of ABC have

  16. An enhanced dynamic ID-based authentication scheme for telecare medical information systems

    Directory of Open Access Journals (Sweden)

    Ankita Chaturvedi

    2017-01-01

    Full Text Available The authentication schemes for telecare medical information systems (TMIS try to ensure secure and authorized access. ID-based authentication schemes address secure communication, but privacy is not properly addressed. In recent times, dynamic ID-based remote user authentication schemes for TMIS have been presented to protect user’s privacy. The dynamic ID-based authentication schemes efficiently protect the user’s privacy. Unfortunately, most of the existing dynamic ID-based authentication schemes for TMIS ignore the input verifying condition. This makes login and password change phases inefficient. Inefficiency of the password change phase may lead to denial of service attack in the case of incorrect input in the password change phase. To overcome these weaknesses, we proposed a new dynamic ID-based authentication scheme using a smart card. The proposed scheme can quickly detect incorrect inputs which makes the login and password change phase efficient. We adopt the approach with the aim to protect privacy, and efficient login and password change phases. The proposed scheme also resists off-line password guessing attack and denial of service attack. We also demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham logic. In addition, our scheme is comparable in terms of the communication and computational overheads with relevant schemes for TMIS.

  17. Faculty Perceptions Regarding Authentication of Online Students' Identities and Academic Dishonesty

    Science.gov (United States)

    McMillan, Stephanie Renee

    2012-01-01

    This study explored undergraduate teaching faculty's perceptions regarding using biometric-based technologies to reduce academic dishonesty in online classes. The first objective was to develop a baseline of the respondents' concerns toward and experience with using biometrics; attitudes, experience, and mitigation strategies used to…

  18. Efficient biometric authenticated key agreements based on extended chaotic maps for telecare medicine information systems.

    Science.gov (United States)

    Lou, Der-Chyuan; Lee, Tian-Fu; Lin, Tsung-Hung

    2015-05-01

    Authenticated key agreements for telecare medicine information systems provide patients, doctors, nurses and health visitors with accessing medical information systems and getting remote services efficiently and conveniently through an open network. In order to have higher security, many authenticated key agreement schemes appended biometric keys to realize identification except for using passwords and smartcards. Due to too many transmissions and computational costs, these authenticated key agreement schemes are inefficient in communication and computation. This investigation develops two secure and efficient authenticated key agreement schemes for telecare medicine information systems by using biometric key and extended chaotic maps. One scheme is synchronization-based, while the other nonce-based. Compared to related approaches, the proposed schemes not only retain the same security properties with previous schemes, but also provide users with privacy protection and have fewer transmissions and lower computational cost.

  19. Authentication Using Mobile Phones

    OpenAIRE

    Fusek, Z.

    2015-01-01

    This project deals with authentication by a mobile device. The mobile device with the operating system Android 5.0 was chosen as authentication device. The user can perform authentication with emulation of contactless chip cards by using Host-based Card Emulation, which runs via Near Field Communication, where cryptographic keys are stored in a secure environment KeyStore. The project continues with implementation of authentication via Bluetooth LE and describes application for authentization...

  20. An Anonymous Access Authentication Scheme Based on Proxy Ring Signature for CPS-WMNs

    Directory of Open Access Journals (Sweden)

    Tianhan Gao

    2017-01-01

    Full Text Available Access security and privacy have become a bottleneck for the popularization of future Cyber-Physical System (CPS networks. Furthermore, users’ need for privacy-preserved access during movement procedure is more urgent. To address the anonymous access authentication issue for CPS Wireless Mesh Network (CPS-WMN, a novel anonymous access authentication scheme based on proxy ring signature is proposed. A hierarchical authentication architecture is presented first. The scheme is then achieved from the aspect of intergroup and intragroup anonymous mutual authentication through proxy ring signature mechanism and certificateless signature mechanism, respectively. We present a formal security proof of the proposed protocol with SVO logic. The simulation and performance analysis demonstrate that the proposed scheme owns higher efficiency and adaptability than the typical one.

  1. Design of High-Security USB Flash Drives Based on Chaos Authentication

    Directory of Open Access Journals (Sweden)

    Teh-Lu Liao

    2018-05-01

    Full Text Available This paper aims to propose a novel design of high-security USB flash drives with the chaos authentication. A chaos authentication approach with the non-linear encryption and decryption function design is newly proposed and realized based on the controller design of chaos synchronization. To complete the design of high-security USB flash drives, first, we introduce six parameters into the original Henon map to adjust and obtain richer chaotic state responses. Then a discrete sliding mode scheme is proposed to solve the synchronization problem of discrete hyperchaotic Henon maps. The proposed sliding mode controller can ensure the synchronization of the master-slave Henon maps. The selection of the switching surface and the existence of the sliding motion are also addressed. Finally, the obtained results are applied to design a new high-security USB flash drive with chaos authentication. We built discrete hyperchaotic Henon maps in the smartphone (master and microcontroller (slave, respectively. The Bluetooth module is used to communicate between the master and the slave to achieve chaos synchronization such that the same random and dynamical chaos signal can be simultaneously obtained at both the USB flash drive and smartphone, and pass the chaos authentication. When users need to access data in the flash drive, they can easily enable the encryption APP in the smartphone (master for chaos authentication. After completing the chaos synchronization and authentication, the ARM-based microcontroller allows the computer to access the data in the high-security USB flash drive.

  2. A New Quantum Secure Direct Communication Scheme with Authentication

    International Nuclear Information System (INIS)

    Dan, Liu; Chang-Xing, Pei; Dong-Xiao, Quan; Nan, Zhao

    2010-01-01

    A new quantum secure direct communication (QSDC) scheme with authentication is proposed based on polarized photons and EPR pairs. EPR pairs are used to transmit information, while polarized photons are used to detect Eve and their encoding bases are used to transmit authentication information. Alice and Bob have their own identity number which is shared by legal users only. The identity number is encoded on the bases of polarized photons and distilled if there is no Eve. Compared with other QSDC schemes with authentication, this new scheme is considerably easier and less expensive to implement in a practical setting

  3. A New QKD Protocol Based upon Authentication by EPR Entanglement State

    Science.gov (United States)

    Abushgra, Abdulbast A.

    inability to provide the authentication between the end users during the quantum and classical channels. The proposed QKD protocol was designed to utilize some advantages of quantum physics as well as solid functions that are used in the classical cryptography. The authentication is a requirement during different communication channels, where both legitimate parties must confirm their identities before starting to submit data (plain-text). Moreover, the protocol uses most needed scenarios to finish the communication without leaking important data. These scenarios have been approved in existing QKD protocols either by classical or quantum systems. The matrix techniques also are used as a part of the preparation of the authentication key, where the end users communicate by an EPR (related to Einstein, Podolsky, and Rosen theory in 1935 ) channel. The EPR channel will be supported by an entanglement of particles. If the EPR communication succeeded, transferring the converted plain-text is required. Finally, both end users will have an authenticated secret key, and the submission will be done without any interruption.

  4. An SDN-Based Authentication Mechanism for Securing Neighbor Discovery Protocol in IPv6

    Directory of Open Access Journals (Sweden)

    Yiqin Lu

    2017-01-01

    Full Text Available The Neighbor Discovery Protocol (NDP is one of the main protocols in the Internet Protocol version 6 (IPv6 suite, and it provides many basic functions for the normal operation of IPv6 in a local area network (LAN, such as address autoconfiguration and address resolution. However, it has many vulnerabilities that can be used by malicious nodes to launch attacks, because the NDP messages are easily spoofed without protection. Surrounding this problem, many solutions have been proposed for securing NDP, but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes, which is inevitable in the traditional distributed networks. Nevertheless, Software-Defined Networking (SDN provides a new perspective to think about protecting NDP. In this paper, we proposed an SDN-based authentication mechanism to verify the identity of NDP packets transmitted in a LAN. Using the centralized control and programmability of SDN, it can effectively prevent the spoofing attacks and other derived attacks based on spoofing. In addition, this mechanism needs no additional protocol supporting or configuration at hosts and routers and does not introduce any dedicated devices.

  5. A Novel GMM-Based Behavioral Modeling Approach for Smartwatch-Based Driver Authentication.

    Science.gov (United States)

    Yang, Ching-Han; Chang, Chin-Chun; Liang, Deron

    2018-03-28

    All drivers have their own distinct driving habits, and usually hold and operate the steering wheel differently in different driving scenarios. In this study, we proposed a novel Gaussian mixture model (GMM)-based method that can improve the traditional GMM in modeling driving behavior. This new method can be applied to build a better driver authentication system based on the accelerometer and orientation sensor of a smartwatch. To demonstrate the feasibility of the proposed method, we created an experimental system that analyzes driving behavior using the built-in sensors of a smartwatch. The experimental results for driver authentication-an equal error rate (EER) of 4.62% in the simulated environment and an EER of 7.86% in the real-traffic environment-confirm the feasibility of this approach.

  6. An Authentication Protocol for Mobile IPTV Users Based on an RFID-USB Convergence Technique

    Science.gov (United States)

    Jeong, Yoon-Su; Kim, Yong-Tae

    With the growing trend towards convergence in broadcast and communications media, Internet Protocol television (IPTV) that delivers real-time multimedia content over diverse types of communications networks (e.g., broadband Internet, cable TV, and satellite TV) has become a mainstream technology. Authenticating mobile IPTV subscribers who are continuously on the move is a challenge. A complex authentication process often impairs conditional access security or service quality as increasing illegal users and delaying service. This paper proposes an RFID-USB authentication protocol, for mobile IPTV users, combined with USIM-based personalized authentication and lightweight authentication that utilizes the RFID-USB technology with an implanted agent module (called an "agent tag") which temporarily enhanced user status information. The proposed authentication protocol adopts a plug-and-play security agent module that is placed in both an RFID tag and an RFID-USB. The implanted security agents cooperate in such a way that multiple RFID tags are connected seamlessly to an RFID-USB.

  7. A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments

    Directory of Open Access Journals (Sweden)

    Ruhul Amin

    2017-01-01

    Full Text Available The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (password and smart-card user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers password change facility to the authorized user.

  8. An EEG-Based Person Authentication System with Open-Set Capability Combining Eye Blinking Signals.

    Science.gov (United States)

    Wu, Qunjian; Zeng, Ying; Zhang, Chi; Tong, Li; Yan, Bin

    2018-01-24

    The electroencephalogram (EEG) signal represents a subject's specific brain activity patterns and is considered as an ideal biometric given its superior forgery prevention. However, the accuracy and stability of the current EEG-based person authentication systems are still unsatisfactory in practical application. In this paper, a multi-task EEG-based person authentication system combining eye blinking is proposed, which can achieve high precision and robustness. Firstly, we design a novel EEG-based biometric evoked paradigm using self- or non-self-face rapid serial visual presentation (RSVP). The designed paradigm could obtain a distinct and stable biometric trait from EEG with a lower time cost. Secondly, the event-related potential (ERP) features and morphological features are extracted from EEG signals and eye blinking signals, respectively. Thirdly, convolutional neural network and back propagation neural network are severally designed to gain the score estimation of EEG features and eye blinking features. Finally, a score fusion technology based on least square method is proposed to get the final estimation score. The performance of multi-task authentication system is improved significantly compared to the system using EEG only, with an increasing average accuracy from 92.4% to 97.6%. Moreover, open-set authentication tests for additional imposters and permanence tests for users are conducted to simulate the practical scenarios, which have never been employed in previous EEG-based person authentication systems. A mean false accepted rate (FAR) of 3.90% and a mean false rejected rate (FRR) of 3.87% are accomplished in open-set authentication tests and permanence tests, respectively, which illustrate the open-set authentication and permanence capability of our systems.

  9. A robust anonymous biometric-based remote user authentication scheme using smart cards

    Directory of Open Access Journals (Sweden)

    Ashok Kumar Das

    2015-04-01

    Full Text Available Several biometric-based remote user authentication schemes using smart cards have been proposed in the literature in order to improve the security weaknesses in user authentication system. In 2012, An proposed an enhanced biometric-based remote user authentication scheme using smart cards. It was claimed that the proposed scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. In this paper, we first analyze the security of An’s scheme and we show that this scheme has three serious security flaws in the design of the scheme: (i flaw in user’s biometric verification during the login phase, (ii flaw in user’s password verification during the login and authentication phases, and (iii flaw in user’s password change locally at any time by the user. Due to these security flaws, An’s scheme cannot support mutual authentication between the user and the server. Further, we show that An’s scheme cannot prevent insider attack. In order to remedy the security weaknesses found in An’s scheme, we propose a new robust and secure anonymous biometric-based remote user authentication scheme using smart cards. Through the informal and formal security analysis, we show that our scheme is secure against all possible known attacks including the attacks found in An’s scheme. The simulation results of our scheme using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool ensure that our scheme is secure against passive and active attacks. In addition, our scheme is also comparable in terms of the communication and computational overheads with An’s scheme and other related existing schemes. As a result, our scheme is more appropriate for practical applications compared to other approaches.

  10. Intersubject Differences in False Nonmatch Rates for a Fingerprint-Based Authentication System

    Directory of Open Access Journals (Sweden)

    Jeroen Breebaart

    2009-01-01

    Full Text Available The intersubject dependencies of false nonmatch rates were investigated for a minutiae-based biometric authentication process using single enrollment and verification measurements. A large number of genuine comparison scores were subjected to statistical inference tests that indicated that the number of false nonmatches depends on the subject and finger under test. This result was also observed if subjects associated with failures to enroll were excluded from the test set. The majority of the population (about 90% showed a false nonmatch rate that was considerably smaller than the average false nonmatch rate of the complete population. The remaining 10% could be characterized as “goats” due to their relatively high probability for a false nonmatch. The image quality reported by the template extraction module only weakly correlated with the genuine comparison scores. When multiple verification attempts were investigated, only a limited benefit was observed for “goats,” since the conditional probability for a false nonmatch given earlier nonsuccessful attempts increased with the number of attempts. These observations suggest that (1 there is a need for improved identification of “goats” during enrollment (e.g., using dedicated signal-driven analysis and classification methods and/or the use of multiple enrollment images and (2 there should be alternative means for identity verification in the biometric system under test in case of two subsequent false nonmatches.

  11. Resource optimized TTSH-URA for multimedia stream authentication in swallowable-capsule-based wireless body sensor networks.

    Science.gov (United States)

    Wang, Wei; Wang, Chunqiu; Zhao, Min

    2014-03-01

    To ease the burdens on the hospitalization capacity, an emerging swallowable-capsule technology has evolved to serve as a remote gastrointestinal (GI) disease examination technique with the aid of the wireless body sensor network (WBSN). Secure multimedia transmission in such a swallowable-capsule-based WBSN faces critical challenges including energy efficiency and content quality guarantee. In this paper, we propose a joint resource allocation and stream authentication scheme to maintain the best possible video quality while ensuring security and energy efficiency in GI-WBSNs. The contribution of this research is twofold. First, we establish a unique signature-hash (S-H) diversity approach in the authentication domain to optimize video authentication robustness and the authentication bit rate overhead over a wireless channel. Based on the full exploration of S-H authentication diversity, we propose a new two-tier signature-hash (TTSH) stream authentication scheme to improve the video quality by reducing authentication dependence overhead while protecting its integrity. Second, we propose to combine this authentication scheme with a unique S-H oriented unequal resource allocation (URA) scheme to improve the energy-distortion-authentication performance of wireless video delivery in GI-WBSN. Our analysis and simulation results demonstrate that the proposed TTSH with URA scheme achieves considerable gain in both authenticated video quality and energy efficiency.

  12. An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme

    Directory of Open Access Journals (Sweden)

    Juan Qu

    2013-01-01

    Full Text Available In recent years, several dynamic ID-based remote user authentication schemes have been proposed. In 2012, Wen and Li proposed a dynamic ID-based remote user authentication with key agreement scheme. They claimed that their scheme can resist impersonation attack and insider attack and provide anonymity for the users. However, we will show that Wen and Li's scheme cannot withstand insider attack and forward secrecy, does not provide anonymity for the users, and inefficiency for error password login. In this paper, we propose a novel ECC-based remote user authentication scheme which is immune to various known types of attack and is more secure and practical for mobile clients.

  13. Chaotic maps-based password-authenticated key agreement using smart cards

    Science.gov (United States)

    Guo, Cheng; Chang, Chin-Chen

    2013-06-01

    Password-based authenticated key agreement using smart cards has been widely and intensively researched. Inspired by the semi-group property of Chebyshev maps and key agreement protocols based on chaotic maps, we proposed a novel chaotic maps-based password-authenticated key agreement protocol with smart cards. In our protocol, we avoid modular exponential computing or scalar multiplication on elliptic curve used in traditional authenticated key agreement protocols using smart cards. Our analysis shows that our protocol has comprehensive characteristics and can withstand attacks, including the insider attack, replay attack, and others, satisfying essential security requirements. Performance analysis shows that our protocol can refrain from consuming modular exponential computing and scalar multiplication on an elliptic curve. The computational cost of our protocol compared with related protocols is acceptable.

  14. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks.

    Science.gov (United States)

    Peter, Steffen; Reddy, Bhanu Pratap; Momtaz, Farshad; Givargis, Tony

    2016-04-22

    Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

  15. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks

    Science.gov (United States)

    Peter, Steffen; Pratap Reddy, Bhanu; Momtaz, Farshad; Givargis, Tony

    2016-01-01

    Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system. PMID:27110785

  16. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks

    Directory of Open Access Journals (Sweden)

    Steffen Peter

    2016-04-01

    Full Text Available Body area sensor networks (BANs utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

  17. Improved chaotic maps-based password-authenticated key agreement using smart cards

    Science.gov (United States)

    Lin, Han-Yu

    2015-02-01

    Elaborating on the security of password-based authenticated key agreement, in this paper, the author cryptanalyzes a chaotic maps-based password-authenticated key agreement proposed by Guo and Chang recently. Specifically, their protocol could not achieve strong user anonymity due to a fixed parameter and a malicious adversary is able to derive the shared session key by manipulating the property of Chebyshev chaotic maps. Additionally, the author also presents an improved scheme to eliminate the above weaknesses and still maintain the efficiency.

  18. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.

    Directory of Open Access Journals (Sweden)

    Chengqi Wang

    Full Text Available With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

  19. A Secure ECC-based RFID Mutual Authentication Protocol to Enhance Patient Medication Safety.

    Science.gov (United States)

    Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Li, Fagen

    2016-01-01

    Patient medication safety is an important issue in patient medication systems. In order to prevent medication errors, integrating Radio Frequency Identification (RFID) technology into automated patient medication systems is required in hospitals. Based on RFID technology, such systems can provide medical evidence for patients' prescriptions and medicine doses, etc. Due to the mutual authentication between the medication server and the tag, RFID authentication scheme is the best choice for automated patient medication systems. In this paper, we present a RFID mutual authentication scheme based on elliptic curve cryptography (ECC) to enhance patient medication safety. Our scheme can achieve security requirements and overcome various attacks existing in other schemes. In addition, our scheme has better performance in terms of computational cost and communication overhead. Therefore, the proposed scheme is well suitable for patient medication systems.

  20. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme

    Science.gov (United States)

    Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

    2016-01-01

    With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.’s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks. PMID:26866606

  1. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.

    Science.gov (United States)

    Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

    2016-01-01

    With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

  2. The Impact of an Authentic Science Experience on STEM Identity: A Preliminary Analysis of YouthAstroNet and MicroObservatory Telescope Network Participant Data

    Science.gov (United States)

    Dussault, Mary E.; Wright, Erika A.; Sadler, Philip; Sonnert, Gerhard; ITEAMS II Team

    2018-01-01

    Encouraging students to pursue careers in science, technology, engineering, and mathematics (STEM) is a high priority for national K-12 education improvement initiatives in the United States. Many educators have claimed that a promising strategy for nurturing early student interest in STEM is to engage them in authentic inquiry experiences. “Authentic” refers to investigations in which the questions are of genuine interest and importance to students, and the inquiry more closely resembles the way real science is done. Science education researchers and practitioners at the Harvard-Smithsonian Center for Astrophysics have put this theory into action with the development of YouthAstroNet, a nationwide online learning community of middle-school aged students, educators, and STEM professionals that features the MicroObservatory Robotic Telescope Network, professional image analysis software, and complementary curricula for use in a variety of learning settings. This preliminary study examines factors that influence YouthAstroNet participants' Science Affinity, STEM Identity, and STEM Career Interest, using the matched pre/post survey results of 261 participants as the data source. The pre/post surveys included some 40 items measuring affinity, identity, knowledge, and career interest. In addition, the post intervention instrument included a number of items in which students reported the instructional strategies they experienced as part of the program. A simple analysis of pre-post changes in affinity and interest revealed very little significant change, and for those items where a small pre-post effect was observed, the average change was most often negative. However, after accounting for students' different program treatment experiences and for their prior attitudes and interests, a predictor of significant student gains in Affinity, STEM Identity, Computer/Math Identity, and STEM Career Interest could be identified. This was the degree to which students reported

  3. An optical authentication system based on imaging of excitation-selected lanthanide luminescence.

    Science.gov (United States)

    Carro-Temboury, Miguel R; Arppe, Riikka; Vosch, Tom; Sørensen, Thomas Just

    2018-01-01

    Secure data encryption relies heavily on one-way functions, and copy protection relies on features that are difficult to reproduce. We present an optical authentication system based on lanthanide luminescence from physical one-way functions or physical unclonable functions (PUFs). They cannot be reproduced and thus enable unbreakable encryption. Further, PUFs will prevent counterfeiting if tags with unique PUFs are grafted onto products. We have developed an authentication system that comprises a hardware reader, image analysis, and authentication software and physical keys that we demonstrate as an anticounterfeiting system. The physical keys are PUFs made from random patterns of taggants in polymer films on glass that can be imaged following selected excitation of particular lanthanide(III) ions doped into the individual taggants. This form of excitation-selected imaging ensures that by using at least two lanthanide(III) ion dopants, the random patterns cannot be copied, because the excitation selection will fail when using any other emitter. With the developed reader and software, the random patterns are read and digitized, which allows a digital pattern to be stored. This digital pattern or digital key can be used to authenticate the physical key in anticounterfeiting or to encrypt any message. The PUF key was produced with a staggering nominal encoding capacity of 7 3600 . Although the encoding capacity of the realized authentication system reduces to 6 × 10 104 , it is more than sufficient to completely preclude counterfeiting of products.

  4. An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Chen, Hung-Ming; Lo, Jung-Wen; Yeh, Chang-Kuo

    2012-12-01

    The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient's home. Hence, the control of access to remote medical servers' resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.'s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.'s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

  5. Social class and identity-based motivation.

    Science.gov (United States)

    Fisher, Oliver; O'Donnell, S Casey; Oyserman, Daphna

    2017-12-01

    Attainments often fall short of aspirations to lead lives of meaning, health, happiness and success. Identity-based motivation theory highlights how social class and cultural contexts affect likelihood of shortfalls: Identities influence the strategies people are willing to use to attain their goals and the meaning people make of experienced ease and difficulty. Though sensitive to experienced ease and difficulty, people are not sensitive to the sources of these experiences. Instead, people make culturally-tuned inferences about what their experiences imply for who they are and could become and what to do about it. American culture highlights personal and shadows structural causes of ease and difficulty, success and failure. As a result, people infer that class-based outcomes are deserved reflections of character. Copyright © 2017 Elsevier Ltd. All rights reserved.

  6. An evaluation of authentication methods for smartphone based on users’ preferences

    Science.gov (United States)

    Sari, P. K.; Ratnasari, G. S.; Prasetio, A.

    2016-04-01

    This study discusses about smartphone screen lock preferences using some types of authentication methods. The purpose is to determine the user behaviours based on the perceived security and convenience, as well as the preferences for different types of authentication methods. Variables used are the considerations for locking the screens and the types of authentication methods. The population consists of the smartphone users with the total samples of 400 respondents within a nonprobability sampling method. Data analysis method used is the descriptive analysis. The results showed that the convenience factor is still the major consideration for locking the smartphone screens. Majority of the users chose the pattern unlock as the most convenient method to use. Meanwhile, fingerprint unlock becomes the most secure method in the users’ perceptions and as the method chosen to be used in the future.

  7. Enhanced ID-Based Authentication Scheme Using OTP in Smart Grid AMI Environment

    Directory of Open Access Journals (Sweden)

    Sang-Soo Yeo

    2014-01-01

    Full Text Available This paper presents the vulnerabilities analyses of KL scheme which is an ID-based authentication scheme for AMI network attached SCADA in smart grid and proposes a security-enhanced authentication scheme which satisfies forward secrecy as well as security requirements introduced in KL scheme and also other existing schemes. The proposed scheme uses MDMS which is the supervising system located in an electrical company as a time-synchronizing server in order to synchronize smart devices at home and conducts authentication between smart meter and smart devices using a new secret value generated by an OTP generator every session. The proposed scheme has forward secrecy, so it increases overall security, but its communication and computation overhead reduce its performance slightly, comparing the existing schemes. Nonetheless, hardware specification and communication bandwidth of smart devices will have better conditions continuously, so the proposed scheme would be a good choice for secure AMI environment.

  8. A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

    Science.gov (United States)

    Saito, Takamichi

    Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

  9. Multi-user quantum key distribution based on Bell states with mutual authentication

    International Nuclear Information System (INIS)

    Lin Song; Huang Chuan; Liu Xiaofen

    2013-01-01

    A new multi-user quantum key distribution protocol with mutual authentication is proposed on a star network. Here, two arbitrary users are able to perform key distribution with the assistance of a semi-trusted center. Bell states are used as information carriers and transmitted in a quantum channel between the center and one user. A keyed hash function is utilized to ensure the identities of three parties. Finally, the security of this protocol with respect to various kinds of attacks is discussed. (paper)

  10. Security on Cloud Revocation Authority using Identity Based Encryption

    Science.gov (United States)

    Rajaprabha, M. N.

    2017-11-01

    As due to the era of cloud computing most of the people are saving there documents, files and other things on cloud spaces. Due to this security over the cloud is also important because all the confidential things are there on the cloud. So to overcome private key infrastructure (PKI) issues some revocable Identity Based Encryption (IBE) techniques are introduced which eliminates the demand of PKI. The technique introduced is key update cloud service provider which is having two issues in it and they are computation and communication cost is high and second one is scalability issue. So to overcome this problem we come along with the system in which the Cloud Revocation Authority (CRA) is there for the security which will only hold the secret key for each user. And the secret key was send with the help of advanced encryption standard security. The key is encrypted and send to the CRA for giving the authentication to the person who wants to share the data or files or for the communication purpose. Through that key only the other user will able to access that file and if the user apply some invalid key on the particular file than the information of that user and file is send to the administrator and administrator is having rights to block that person of black list that person to use the system services.

  11. Authentic assessment based showcase portfolio on learning of mathematical problem solving in senior high school

    Science.gov (United States)

    Sukmawati, Zuhairoh, Faihatuz

    2017-05-01

    The purpose of this research was to develop authentic assessment model based on showcase portfolio on learning of mathematical problem solving. This research used research and development Method (R & D) which consists of four stages of development that: Phase I, conducting a preliminary study. Phase II, determining the purpose of developing and preparing the initial model. Phase III, trial test of instrument for the initial draft model and the initial product. The respondents of this research are the students of SMAN 8 and SMAN 20 Makassar. The collection of data was through observation, interviews, documentation, student questionnaire, and instrument tests mathematical solving abilities. The data were analyzed with descriptive and inferential statistics. The results of this research are authentic assessment model design based on showcase portfolio which involves: 1) Steps in implementing the authentic assessment based Showcase, assessment rubric of cognitive aspects, assessment rubric of affective aspects, and assessment rubric of skill aspect. 2) The average ability of the students' problem solving which is scored by using authentic assessment based on showcase portfolio was in high category and the students' response in good category.

  12. A Selective Group Authentication Scheme for IoT-Based Medical Information System.

    Science.gov (United States)

    Park, YoHan; Park, YoungHo

    2017-04-01

    The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir's threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

  13. An advanced mutual-authentication algorithm using 3DES for smart card systems

    CSIR Research Space (South Africa)

    Tsague, HD

    2012-11-01

    Full Text Available One of the most commonly used two-factor user authentication mechanisms nowadays is based on smart card and personal identity number or password. A scheme of this type is usually known as, a smart card based password authentication. The core feature...

  14. An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2015-03-01

    The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

  15. Strong Authentication Scheme Based on Hand Geometry and Smart Card Factors

    Directory of Open Access Journals (Sweden)

    Ali A. Yassin

    2016-07-01

    Full Text Available In 2009, Xu et al. presented a safe, dynamic, id-based on remote user authentication method that has several advantages such as freely chosen passwords and mutual authentication. In this paper, we review the Xu–Zhu–Feng scheme and indicate many shortcomings in their scheme. Impersonation attacks and insider attacks could be effective. To overcome these drawbacks, we propose a secure biometric-based remote authentication scheme using biometric characteristics of hand-geometry, which is aimed at withstanding well-known attacks and achieving good performance. Furthermore, our work contains many crucial merits such as mutual authentication, user anonymity, freely chosen passwords, secure password changes, session key agreements, revocation by using personal biometrics, and does not need extra device or software for hand geometry in the login phase. Additionally, our scheme is highly efficient and withstands existing known attacks like password guessing, server impersonation, insider attacks, denial of service (DOS attacks, replay attacks, and parallel-session attacks. Compared with the other related schemes, our work is powerful both in communications and computation costs.

  16. Secure biometric image sensor and authentication scheme based on compressed sensing.

    Science.gov (United States)

    Suzuki, Hiroyuki; Suzuki, Masamichi; Urabe, Takuya; Obi, Takashi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    2013-11-20

    It is important to ensure the security of biometric authentication information, because its leakage causes serious risks, such as replay attacks using the stolen biometric data, and also because it is almost impossible to replace raw biometric information. In this paper, we propose a secure biometric authentication scheme that protects such information by employing an optical data ciphering technique based on compressed sensing. The proposed scheme is based on two-factor authentication, the biometric information being supplemented by secret information that is used as a random seed for a cipher key. In this scheme, a biometric image is optically encrypted at the time of image capture, and a pair of restored biometric images for enrollment and verification are verified in the authentication server. If any of the biometric information is exposed to risk, it can be reenrolled by changing the secret information. Through numerical experiments, we confirm that finger vein images can be restored from the compressed sensing measurement data. We also present results that verify the accuracy of the scheme.

  17. User-Authentication on Wearable Devices Based on Punch Gesture Biometrics

    Directory of Open Access Journals (Sweden)

    Liang Guan-Cheng

    2017-01-01

    Full Text Available Due to commoditization and convenience, wearable technology are interwoven with our daily life. However, privacy sensitive data stored on those devices such as personal email, message can be easily stolen. Most devices require a PIN input to unlock. However, this mechanism is vulnerable to shoulder surfing attack. Thus many novel authentication approaches have been proposed to solve this problem. And biometric-based methods have been adopted by many researchers because of the efficiency and excellent performance. In this paper, we propose a new biometric-based authentication system. We focus on how the user performs a straight punch gesture subconsciously. By analysis the acceleration data from the smartwatch when user performing the gesture, we are able to profile the user. And we authenticate the user according to the biometrics of this action. This mechanism is light-weighted and do not require user to remember any secret code. We develop an authentication system on Samsung Gear Fit 2 and conducted a real-world experiment on 20 volunteers. And we collected 13000 gesture samples to evaluate our system. Results show that our system can achieve a classification accuracy of at least 95.45%. In attacking scenario, our system can achieve an equal error rate lower than 4%. The maximum number of samples required by a well-trained classifier is 25.

  18. Towards Scalability for Federated Identity Systems for Cloud-Based Environments

    Directory of Open Access Journals (Sweden)

    André Albino Pereira

    2015-12-01

    Full Text Available As multi-tenant authorization and federated identity management systems for cloud computing matures, the provisioning of services using this paradigm allows maximum efficiency on business that requires access control. However, regarding scalability support, mainly horizontal, some characteristics of those approaches based on central authentication protocols are problematic. The objective of this work is to address these issues by providing an adapted sticky-session mechanism for a Shibboleth architecture using JASIG CAS. This alternative, compared with the recommended distributed memory approach, shown improved efficiency and less overall infrastructure complexity, as well as demanding less 58% of computational resources and improving throughput (requests per second by 11%.

  19. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  20. Authenticated quantum secret sharing with quantum dialogue based on Bell states

    International Nuclear Information System (INIS)

    Abulkasim, Hussein; Hamad, Safwat; El Bahnasy, Khalid; Rida, Saad Z

    2016-01-01

    This work proposes a scheme that combines the advantages of a quantum secret sharing procedure and quantum dialogue. The proposed scheme enables the participants to simultaneously make mutual identity authentications, in a simulated scenario where the boss, Alice, shares a secret with her two agents Bob and Charlie. The secret is protected by checking photons to keep untrustworthy agents and outer attacks from getting useful information. Before the two agents cooperate to recover Alice’s secret, they must authenticate their identity using parts of a pre-shared key. In addition, the whole pre-shared key is reused as part of recovering the secret data to avoid any leaks of information. In comparison with previous schemes, the proposed method can efficiently detect eavesdropping and it is free from information leaks. Furthermore, the proposed scheme proved to be secure against man-in-the-middle attacks, impersonation attacks, entangled-and-measure attacks, participant attacks, modification attacks and Trojan-horse attacks. (paper)

  1. Assessment of Web-Based Authentication Methods in the U.S.: Comparing E-Learning Systems to Internet Healthcare Information Systems

    Science.gov (United States)

    Mattord, Herbert J.

    2012-01-01

    Organizations continue to rely on password-based authentication methods to control access to many Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in Web-based information systems (IS). It developed an Authentication Method System Index (AMSI) to analyze collected data from…

  2. Cell Line Data Base: structure and recent improvements towards molecular authentication of human cell lines.

    Science.gov (United States)

    Romano, Paolo; Manniello, Assunta; Aresu, Ottavia; Armento, Massimiliano; Cesaro, Michela; Parodi, Barbara

    2009-01-01

    The Cell Line Data Base (CLDB) is a well-known reference information source on human and animal cell lines including information on more than 6000 cell lines. Main biological features are coded according to controlled vocabularies derived from international lists and taxonomies. HyperCLDB (http://bioinformatics.istge.it/hypercldb/) is a hypertext version of CLDB that improves data accessibility by also allowing information retrieval through web spiders. Access to HyperCLDB is provided through indexes of biological characteristics and navigation in the hypertext is granted by many internal links. HyperCLDB also includes links to external resources. Recently, an interest was raised for a reference nomenclature for cell lines and CLDB was seen as an authoritative system. Furthermore, to overcome the cell line misidentification problem, molecular authentication methods, such as fingerprinting, single-locus short tandem repeat (STR) profile and single nucleotide polymorphisms validation, were proposed. Since this data is distributed, a reference portal on authentication of human cell lines is needed. We present here the architecture and contents of CLDB, its recent enhancements and perspectives. We also present a new related database, the Cell Line Integrated Molecular Authentication (CLIMA) database (http://bioinformatics.istge.it/clima/), that allows to link authentication data to actual cell lines.

  3. Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Yau, Wei-Chuen; Phan, Raphael C-W

    2013-12-01

    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

  4. Secured Hash Based Burst Header Authentication Design for Optical Burst Switched Networks

    Science.gov (United States)

    Balamurugan, A. M.; Sivasubramanian, A.; Parvathavarthini, B.

    2017-12-01

    The optical burst switching (OBS) is a promising technology that could meet the fast growing network demand. They are featured with the ability to meet the bandwidth requirement of applications that demand intensive bandwidth. OBS proves to be a satisfactory technology to tackle the huge bandwidth constraints, but suffers from security vulnerabilities. The objective of this proposed work is to design a faster and efficient burst header authentication algorithm for core nodes. There are two important key features in this work, viz., header encryption and authentication. Since the burst header is an important in optical burst switched network, it has to be encrypted; otherwise it is be prone to attack. The proposed MD5&RC4-4S based burst header authentication algorithm runs 20.75 ns faster than the conventional algorithms. The modification suggested in the proposed RC4-4S algorithm gives a better security and solves the correlation problems between the publicly known outputs during key generation phase. The modified MD5 recommended in this work provides 7.81 % better avalanche effect than the conventional algorithm. The device utilization result also shows the suitability of the proposed algorithm for header authentication in real time applications.

  5. A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

    Science.gov (United States)

    Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme. PMID:24892078

  6. Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment.

    Science.gov (United States)

    Chiou, Shin-Yan; Ying, Zhaoqin; Liu, Junqiang

    2016-04-01

    Medical systems allow patients to receive care at different hospitals. However, this entails considerable inconvenience through the need to transport patients and their medical records between hospitals. The development of Telecare Medicine Information Systems (TMIS) makes it easier for patients to seek medical treatment and to store and access medical records. However, medical data stored in TMIS is not encrypted, leaving patients' private data vulnerable to external leaks. In 2014, scholars proposed a new cloud-based medical information model and authentication scheme which would not only allow patients to remotely access medical services but also protects patient privacy. However, this scheme still fails to provide patient anonymity and message authentication. Furthermore, this scheme only stores patient medical data, without allowing patients to directly access medical advice. Therefore, we propose a new authentication scheme, which provides anonymity, unlinkability, and message authentication, and allows patients to directly and remotely consult with doctors. In addition, our proposed scheme is more efficient in terms of computation cost. The proposed system was implemented in Android system to demonstrate its workability.

  7. A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

    Directory of Open Access Journals (Sweden)

    Ashok Kumar Das

    2014-01-01

    Full Text Available In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

  8. A robust and effective smart-card-based remote user authentication mechanism using hash function.

    Science.gov (United States)

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

  9. Authentic leadership to the future

    Directory of Open Access Journals (Sweden)

    Dimovski Vlado

    2012-01-01

    Full Text Available Authentic leadership is the latest evolutionary stage in leadership development and emphasizes the leader's authenticity. The construct of authenticity was researched by ancient Greek philosophers as 'know thy-self ', and 'thy true self '. Authentic leadership began to develop after 2004. The main reason why the researchers place so much attention to authentic leadership is fact that authentic leadership reaches all of the employees in organizations. Authentic leaders must identify the strengths of their followers and help them with their development and integration towards a common goal, purpose, vision and identity of the organization. Authentic leadership is seen as the final stage in the development of leadership styles, properties of this leadership style, and the consequences of this style have not been fully explored. In our paper we will explore this new style of leadership and its implications.

  10. South African managers in public service: On being authentic

    Directory of Open Access Journals (Sweden)

    Antoni Barnard

    2014-01-01

    Full Text Available South African managers in public service consistently face challenges related to managing a well-adjusted and productive diverse workforce. Following the notion that leadership authenticity fosters positive psychological employee capacity, the aim of this study was to explore the meaning essence of authenticity as lived in the work–life experiences of senior managers in public service. Five senior managers in public service were purposefully selected based on their articulated challenges with being authentic at work, whilst attending a diversity sensitivity workshop. From a hermeneutic phenomenological perspective, in-depth interviews were used, and an interpretative phenomenological analysis yielded two predominant themes offering a description of what it means to be authentic. Authenticity is experienced as an affective state that results from a continuous self-appraisal of the extent to which expression of self is congruent with a subjective and socially constructed expectation of self in relation to others. Authenticity seems to develop through a continuous process of internal and external adaptation, and it leads to ultimately building a differentiated yet integrated identity of self. A reciprocal dynamic between feeling authentic and self-confidence alludes to the potential importance of authenticity dynamics in identity work.

  11. South African managers in public service: on being authentic.

    Science.gov (United States)

    Barnard, Antoni; Simbhoo, Nirvana

    2014-01-01

    South African managers in public service consistently face challenges related to managing a well-adjusted and productive diverse workforce. Following the notion that leadership authenticity fosters positive psychological employee capacity, the aim of this study was to explore the meaning essence of authenticity as lived in the work-life experiences of senior managers in public service. Five senior managers in public service were purposefully selected based on their articulated challenges with being authentic at work, whilst attending a diversity sensitivity workshop. From a hermeneutic phenomenological perspective, in-depth interviews were used, and an interpretative phenomenological analysis yielded two predominant themes offering a description of what it means to be authentic. Authenticity is experienced as an affective state that results from a continuous self-appraisal of the extent to which expression of self is congruent with a subjective and socially constructed expectation of self in relation to others. Authenticity seems to develop through a continuous process of internal and external adaptation, and it leads to ultimately building a differentiated yet integrated identity of self. A reciprocal dynamic between feeling authentic and self-confidence alludes to the potential importance of authenticity dynamics in identity work.

  12. Multi-factor authentication

    Science.gov (United States)

    Hamlet, Jason R; Pierson, Lyndon G

    2014-10-21

    Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.

  13. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  14. Privacy authentication using key attribute-based encryption in mobile cloud computing

    Science.gov (United States)

    Mohan Kumar, M.; Vijayan, R.

    2017-11-01

    Mobile Cloud Computing is becoming more popular in nowadays were users of smartphones are getting increased. So, the security level of cloud computing as to be increased. Privacy Authentication using key-attribute based encryption helps the users for business development were the data sharing with the organization using the cloud in a secured manner. In Privacy Authentication the sender of data will have permission to add their receivers to whom the data access provided for others the access denied. In sender application, the user can choose the file which is to be sent to receivers and then that data will be encrypted using Key-attribute based encryption using AES algorithm. In which cipher created, and that stored in Amazon Cloud along with key value and the receiver list.

  15. An improved biometrics-based authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-03-01

    Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure to against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed scheme through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

  16. A provably-secure ECC-based authentication scheme for wireless sensor networks.

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-11-06

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  17. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

  18. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-11-01

    Full Text Available A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000. Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC, and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure schemes.

  19. A robust and novel dynamic-ID-based authentication scheme for care team collaboration with smart cards.

    Science.gov (United States)

    Chang, Ya-Fen; Chen, Chia-Chen; Chang, Pei-Yu

    2013-04-01

    Nowadays, users/patients may gain desired medical services on-line because of the rapid development of computer network technologies. Conventional healthcare services are provided by a single server. However, care team collaboration by integrating services is the key to improve financial and clinical performance. How a user/patient accesses desired medical services provided by multiple servers becomes a challenge to realize care team collaboration. User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In this paper, we first discuss the perceived security drawbacks of pervasive smart-card-based remote user authentication schemes. Then, we propose a novel dynamic-ID-based user authentication scheme based on elliptic curve cryptosystem (ECC) for multi-server environment with smart cards. The proposed scheme ensures user anonymity and computational efficiency and complies with essential requirements of a secure smart-card-based authentication scheme for multi-server environment to enable care team collaboration.

  20. CUE: counterfeit-resistant usable eye movement-based authentication via oculomotor plant characteristics and complex eye movement patterns

    Science.gov (United States)

    Komogortsev, Oleg V.; Karpov, Alexey; Holland, Corey D.

    2012-06-01

    The widespread use of computers throughout modern society introduces the necessity for usable and counterfeit-resistant authentication methods to ensure secure access to personal resources such as bank accounts, e-mail, and social media. Current authentication methods require tedious memorization of lengthy pass phrases, are often prone to shouldersurfing, and may be easily replicated (either by counterfeiting parts of the human body or by guessing an authentication token based on readily available information). This paper describes preliminary work toward a counterfeit-resistant usable eye movement-based (CUE) authentication method. CUE does not require any passwords (improving the memorability aspect of the authentication system), and aims to provide high resistance to spoofing and shoulder-surfing by employing the combined biometric capabilities of two behavioral biometric traits: 1) oculomotor plant characteristics (OPC) which represent the internal, non-visible, anatomical structure of the eye; 2) complex eye movement patterns (CEM) which represent the strategies employed by the brain to guide visual attention. Both OPC and CEM are extracted from the eye movement signal provided by an eye tracking system. Preliminary results indicate that the fusion of OPC and CEM traits is capable of providing a 30% reduction in authentication error when compared to the authentication accuracy of individual traits.

  1. Feature Level Two -Dimensional Arrays Based Fusion in the Personal Authentication system using Physiological Biometric traits

    Directory of Open Access Journals (Sweden)

    Jerusalin Carol .J

    Full Text Available ABSTRACT The fingerprint, knuckle print and the retina are used to authenticate a person accurately because of the permanence in the features. These three biometric traits are fused for better security. The fingerprint and knuckle print images are pre-processed by morphological techniques and the features are extracted from the normalized image using gabor filter. The retinal image is converted to gray image and pre-processing is done using top hat and bottom hat filtering. Blood vessels are segmented and the features are extracted by locating the optic disk as the centre point. The extracted features from the fingerprint, knuckle print and the retina are fused together as one template and stored in the data base for authentication purpose, thus reducing the space and time complexity.

  2. Authentication Based on Non-Interactive Zero-Knowledge Proofs for the Internet of Things.

    Science.gov (United States)

    Martín-Fernández, Francisco; Caballero-Gil, Pino; Caballero-Gil, Cándido

    2016-01-07

    This paper describes the design and analysis of a new scheme for the authenticated exchange of confidential information in insecure environments within the Internet of Things, which allows a receiver of a message to authenticate the sender and compute a secret key shared with it. The proposal is based on the concept of a non-interactive zero-knowledge proof, so that in a single communication, relevant data may be inferred to verify the legitimacy of the sender. Besides, the new scheme uses the idea under the Diffie-Hellman protocol for the establishment of a shared secret key. The proposal has been fully developed for platforms built on the Android Open Source Project, so it can be used in any device or sensor with this operating system. This work provides a performance study of the implementation and a comparison between its promising results and others obtained with similar schemes.

  3. Student’s critical thinking skills in authentic problem based learning

    Science.gov (United States)

    Yuliati, L.; Fauziah, R.; Hidayat, A.

    2018-05-01

    This study aims to determine students’ critical thinking skills in authentic problem based learning, especially on geometric optics. The study was conducted at the vocational school. The study used a quantitative descriptive method with the open question to measure critical thinking skills. The indicators of critical thinking skills measured in this study are: formulating problems, providing simple answers, applying formulas and procedures, analyzing information, making conclusions, and synthesizing ideas. The results showed that there was a positive change in students’ critical thinking skills with the average value of N-Gain test is 0.59 and effect size test is 3.73. The critical thinking skills of students need to be trained more intensively using authentic problems in daily life.

  4. Authentication Based on Non-Interactive Zero-Knowledge Proofs for the Internet of Things

    Directory of Open Access Journals (Sweden)

    Francisco Martín-Fernández

    2016-01-01

    Full Text Available This paper describes the design and analysis of a new scheme for the authenticated exchange of confidential information in insecure environments within the Internet of Things, which allows a receiver of a message to authenticate the sender and compute a secret key shared with it. The proposal is based on the concept of a non-interactive zero-knowledge proof, so that in a single communication, relevant data may be inferred to verify the legitimacy of the sender. Besides, the new scheme uses the idea under the Diffie–Hellman protocol for the establishment of a shared secret key. The proposal has been fully developed for platforms built on the Android Open Source Project, so it can be used in any device or sensor with this operating system. This work provides a performance study of the implementation and a comparison between its promising results and others obtained with similar schemes.

  5. Review: Authentication and traceability of foods from animal origin by polymerase chain reaction-based capillary electrophoresis.

    Science.gov (United States)

    Rodríguez-Ramírez, Roberto; González-Córdova, Aarón F; Vallejo-Cordoba, Belinda

    2011-01-31

    This work presents an overview of the applicability of PCR-based capillary electrophoresis (CE) in food authentication and traceability of foods from animal origin. Analytical approaches for authenticating and tracing meat and meat products and fish and seafood products are discussed. Particular emphasis will be given to the usefulness of genotyping in food tracing by using CE-based genetic analyzers. Copyright © 2010 Elsevier B.V. All rights reserved.

  6. Faithful deterministic secure quantum communication and authentication protocol based on hyperentanglement against collective noise

    International Nuclear Information System (INIS)

    Chang Yan; Zhang Shi-Bin; Yan Li-Li; Han Gui-Hua

    2015-01-01

    Higher channel capacity and security are difficult to reach in a noisy channel. The loss of photons and the distortion of the qubit state are caused by noise. To solve these problems, in our study, a hyperentangled Bell state is used to design faithful deterministic secure quantum communication and authentication protocol over collective-rotation and collective-dephasing noisy channel, which doubles the channel capacity compared with using an ordinary Bell state as a carrier; a logical hyperentangled Bell state immune to collective-rotation and collective-dephasing noise is constructed. The secret message is divided into several parts to transmit, however the identity strings of Alice and Bob are reused. Unitary operations are not used. (paper)

  7. Simple group password-based authenticated key agreements for the integrated EPR information system.

    Science.gov (United States)

    Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

    2013-04-01

    The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

  8. On the security flaws in ID-based password authentication schemes for telecare medical information systems.

    Science.gov (United States)

    Mishra, Dheerendra

    2015-01-01

    Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

  9. A QR code based zero-watermarking scheme for authentication of medical images in teleradiology cloud.

    Science.gov (United States)

    Seenivasagam, V; Velumani, R

    2013-01-01

    Healthcare institutions adapt cloud based archiving of medical images and patient records to share them efficiently. Controlled access to these records and authentication of images must be enforced to mitigate fraudulent activities and medical errors. This paper presents a zero-watermarking scheme implemented in the composite Contourlet Transform (CT)-Singular Value Decomposition (SVD) domain for unambiguous authentication of medical images. Further, a framework is proposed for accessing patient records based on the watermarking scheme. The patient identification details and a link to patient data encoded into a Quick Response (QR) code serves as the watermark. In the proposed scheme, the medical image is not subjected to degradations due to watermarking. Patient authentication and authorized access to patient data are realized on combining a Secret Share with the Master Share constructed from invariant features of the medical image. The Hu's invariant image moments are exploited in creating the Master Share. The proposed system is evaluated with Checkmark software and is found to be robust to both geometric and non geometric attacks.

  10. A QR Code Based Zero-Watermarking Scheme for Authentication of Medical Images in Teleradiology Cloud

    Directory of Open Access Journals (Sweden)

    V. Seenivasagam

    2013-01-01

    Full Text Available Healthcare institutions adapt cloud based archiving of medical images and patient records to share them efficiently. Controlled access to these records and authentication of images must be enforced to mitigate fraudulent activities and medical errors. This paper presents a zero-watermarking scheme implemented in the composite Contourlet Transform (CT—Singular Value Decomposition (SVD domain for unambiguous authentication of medical images. Further, a framework is proposed for accessing patient records based on the watermarking scheme. The patient identification details and a link to patient data encoded into a Quick Response (QR code serves as the watermark. In the proposed scheme, the medical image is not subjected to degradations due to watermarking. Patient authentication and authorized access to patient data are realized on combining a Secret Share with the Master Share constructed from invariant features of the medical image. The Hu’s invariant image moments are exploited in creating the Master Share. The proposed system is evaluated with Checkmark software and is found to be robust to both geometric and non geometric attacks.

  11. Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks.

    Science.gov (United States)

    Moon, Jongho; Lee, Donghoon; Lee, Youngsook; Won, Dongho

    2017-04-25

    User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.'s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme.

  12. Performance Evaluation of Public Key Based Authentication in Future Mobile Communication Systems

    Directory of Open Access Journals (Sweden)

    Kambourakis Georgios

    2004-01-01

    Full Text Available While mobile hosts are evolving into full-IP enabled devices, there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism in mobile communication systems beyond 3G (B3G. Work has already begun on such an “all-IP” end-to-end solution, commonly referred to as 4G systems. Fully fledged integration between heterogeneous networks, such as 2.5G, UMTS, WLAN, Bluetooth, and the Internet, demands fully compatible, time-tested, and reliable mechanisms to depend on. SSL protocol has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future wireless environments. In this paper, we discuss existing problems related to authentication and key agreement (AKA procedures, such as compromised authentication vectors attacks, as they appear in current 2/2.5G/3G mobile communication systems, and propose how SSL, combined with public key infrastructure (PKI elements, can be used to overcome these vulnerabilities. In this B3G environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. Furthermore, we analyze the effectiveness of such a solution, based on measurements of a “prototype” implementation. Performance measurements indicate that SSL-based authentication can be possible in terms of service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users.

  13. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

    Directory of Open Access Journals (Sweden)

    Alavalapati Goutham Reddy

    Full Text Available Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

  14. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography

    Science.gov (United States)

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. PMID:27163786

  15. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

    Science.gov (United States)

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

  16. Research and Mass Deployment of Non-cognitive Authentication Strategy Based on Campus Wireless Network

    Directory of Open Access Journals (Sweden)

    Huangfu Dapeng

    2018-01-01

    Full Text Available With the rapid development of Internet +, the dependence on wireless networks and wireless terminals are increasing. Campus wireless network has become the main network of teachers and students in campus on the internet. As there are uneven clients and a wide variety of intelligent terminals now. Simplified authentication and network security become the most urgent problem for wireless network. This paper used the Portal + Mac authentication method to realize the non-cognitive authentication of teachers and students on basis of the analysis of the advantages and disadvantages of mainstream authentication of campus wireless network, such as 802.1X authentication, Portal authentication, Mac authentication and DHCP authentication. Teachers and students only need portal certification at the first time, then surf the internet with non-perceived authentication at the second time and later. This method increases network security, and is better to meet the needs of teachers and students.

  17. A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network

    Science.gov (United States)

    Lai, Yan-Ming; Cheng, Pu-Jen; Lee, Cheng-Chi; Ku, Chia-Yi

    2016-01-01

    Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN) based on tickets. Unfortunately, Li et al.’s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.’s protocol includes the use of high-quality tamper-proof devices (TPDs), and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client’s privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay. PMID:27171160

  18. A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network.

    Directory of Open Access Journals (Sweden)

    Yan-Ming Lai

    Full Text Available Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN based on tickets. Unfortunately, Li et al.'s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.'s protocol includes the use of high-quality tamper-proof devices (TPDs, and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client's privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay.

  19. An efficient and adaptive mutual authentication framework for heterogeneous wireless sensor network-based applications.

    Science.gov (United States)

    Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

    2014-02-11

    Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications.

  20. An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications

    Directory of Open Access Journals (Sweden)

    Pardeep Kumar

    2014-02-01

    Full Text Available Robust security is highly coveted in real wireless sensor network (WSN applications since wireless sensors’ sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring. The proposed framework offers: (i key initialization; (ii secure network (cluster formation (i.e., mutual authentication and dynamic key establishment; (iii key revocation; and (iv new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications.

  1. Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce.

    Science.gov (United States)

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita

    2014-05-01

    Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

  2. Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing.

    Science.gov (United States)

    Ehatisham-Ul-Haq, Muhammad; Azam, Muhammad Awais; Loo, Jonathan; Shuang, Kai; Islam, Syed; Naeem, Usman; Amin, Yasar

    2017-09-06

    Smartphones are context-aware devices that provide a compelling platform for ubiquitous computing and assist users in accomplishing many of their routine tasks anytime and anywhere, such as sending and receiving emails. The nature of tasks conducted with these devices has evolved with the exponential increase in the sensing and computing capabilities of a smartphone. Due to the ease of use and convenience, many users tend to store their private data, such as personal identifiers and bank account details, on their smartphone. However, this sensitive data can be vulnerable if the device gets stolen or lost. A traditional approach for protecting this type of data on mobile devices is to authenticate users with mechanisms such as PINs, passwords, and fingerprint recognition. However, these techniques are vulnerable to user compliance and a plethora of attacks, such as smudge attacks. The work in this paper addresses these challenges by proposing a novel authentication framework, which is based on recognizing the behavioral traits of smartphone users using the embedded sensors of smartphone, such as Accelerometer, Gyroscope and Magnetometer. The proposed framework also provides a platform for carrying out multi-class smart user authentication, which provides different levels of access to a wide range of smartphone users. This work has been validated with a series of experiments, which demonstrate the effectiveness of the proposed framework.

  3. Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing

    Science.gov (United States)

    Ehatisham-ul-Haq, Muhammad; Azam, Muhammad Awais; Loo, Jonathan; Shuang, Kai; Islam, Syed; Naeem, Usman; Amin, Yasar

    2017-01-01

    Smartphones are context-aware devices that provide a compelling platform for ubiquitous computing and assist users in accomplishing many of their routine tasks anytime and anywhere, such as sending and receiving emails. The nature of tasks conducted with these devices has evolved with the exponential increase in the sensing and computing capabilities of a smartphone. Due to the ease of use and convenience, many users tend to store their private data, such as personal identifiers and bank account details, on their smartphone. However, this sensitive data can be vulnerable if the device gets stolen or lost. A traditional approach for protecting this type of data on mobile devices is to authenticate users with mechanisms such as PINs, passwords, and fingerprint recognition. However, these techniques are vulnerable to user compliance and a plethora of attacks, such as smudge attacks. The work in this paper addresses these challenges by proposing a novel authentication framework, which is based on recognizing the behavioral traits of smartphone users using the embedded sensors of smartphone, such as Accelerometer, Gyroscope and Magnetometer. The proposed framework also provides a platform for carrying out multi-class smart user authentication, which provides different levels of access to a wide range of smartphone users. This work has been validated with a series of experiments, which demonstrate the effectiveness of the proposed framework. PMID:28878177

  4. An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications

    Science.gov (United States)

    Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

    2014-01-01

    Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications. PMID:24521942

  5. Lossless Authentication Watermarking Based on Adaptive Modular Arithmetic

    Directory of Open Access Journals (Sweden)

    H. Yang

    2010-04-01

    Full Text Available Reversible watermarking schemes based on modulo-256 addition may cause annoying salt-and-pepper noise. To avoid the salt-and-pepper noise, a reversible watermarking scheme using human visual perception characteristics and adaptive modular arithmetic is proposed. First, a high-bit residual image is obtained by extracting the most significant bits (MSB of the original image, and a new spatial visual perception model is built according to the high-bit residual image features. Second, the watermark strength and the adaptive divisor of modulo operation for each pixel are determined by the visual perception model. Finally, the watermark is embedded into different least significant bits (LSB of original image with adaptive modulo addition. The original image can be losslessly recovered if the stego-image has not been altered. Extensive experiments show that the proposed algorithm eliminates the salt-and-pepper noise effectively, and the visual quality of the stego-image with the proposed algorithm has been dramatically improved over some existing reversible watermarking algorithms. Especially, the stegoimage of this algorithm has about 9.9864 dB higher PSNR value than that of modulo-256 addition based reversible watermarking scheme.

  6. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

    Science.gov (United States)

    Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-06-23

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

  7. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

    Science.gov (United States)

    Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-01-01

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

  8. Identity-Based Motivation: Constraints and Opportunities in Consumer Research

    OpenAIRE

    Shavitt, Sharon; Torelli, Carlos J.; Wong, Jimmy

    2009-01-01

    This commentary underscores the integrative nature of the identity-based motivation model (Oyserman, 2009). We situate the model within existing literatures in psychology and consumer behavior, and illustrate its novel elements with research examples. Special attention is devoted to, 1) how product- and brand-based affordances constrain identity-based motivation processes and, 2) the mindsets and action tendencies that can be triggered by specific cultural identities in pursuit of consumer go...

  9. Simulation-Based Performance Evaluation of Predictive-Hashing Based Multicast Authentication Protocol

    Directory of Open Access Journals (Sweden)

    Seonho Choi

    2012-12-01

    Full Text Available A predictive-hashing based Denial-of-Service (DoS resistant multicast authentication protocol was proposed based upon predictive-hashing, one-way key chain, erasure codes, and distillation codes techniques [4, 5]. It was claimed that this new scheme should be more resistant to various types of DoS attacks, and its worst-case resource requirements were derived in terms of coarse-level system parameters including CPU times for signature verification and erasure/distillation decoding operations, attack levels, etc. To show the effectiveness of our approach and to analyze exact resource requirements in various attack scenarios with different parameter settings, we designed and implemented an attack simulator which is platformindependent. Various attack scenarios may be created with different attack types and parameters against a receiver equipped with the predictive-hashing based protocol. The design of the simulator is explained, and the simulation results are presented with detailed resource usage statistics. In addition, resistance level to various types of DoS attacks is formulated with a newly defined resistance metric. By comparing these results to those from another approach, PRABS [8], we show that the resistance level of our protocol is greatly enhanced even in the presence of many attack streams.

  10. Identity's identities

    DEFF Research Database (Denmark)

    Jensen, Kim Ebensgaard

    -specialized language in which it also serves a number of functions – some of which are quite fundamental to society as such. In other words, the lexeme identity is a polysemic word and has multiple, well, identities. Given that it appears to have a number of functions in a variety of registers, including terminologies...... in Academic English and more everyday-based English, identity as a lexeme is definitely worth having a look at. This paper presents a lexicological study of identity in which some of its senses are identified and their behaviors in actual discourse are observed. Drawing on data from the 2011 section...... of the Corpus of Contemporary American English, a behavioral profile of the distributional characteristics of identity is set up. Behavioral profiling is a lexicographical method developed by the corpus linguist Stefan Th. Gries which, by applying semantic ID tagging and statistical analysis, provides a fine...

  11. Identity-Based Motivation: Constraints and Opportunities in Consumer Research

    Science.gov (United States)

    Shavitt, Sharon; Torelli, Carlos J.; Wong, Jimmy

    2009-01-01

    This commentary underscores the integrative nature of the identity-based motivation model (Oyserman, 2009). We situate the model within existing literatures in psychology and consumer behavior, and illustrate its novel elements with research examples. Special attention is devoted to, 1) how product- and brand-based affordances constrain identity-based motivation processes and, 2) the mindsets and action tendencies that can be triggered by specific cultural identities in pursuit of consumer goals. Future opportunities are suggested for researching the antecedents of product meanings and relevant identities. PMID:20161045

  12. Identity-Based Motivation: Constraints and Opportunities in Consumer Research.

    Science.gov (United States)

    Shavitt, Sharon; Torelli, Carlos J; Wong, Jimmy

    2009-07-01

    This commentary underscores the integrative nature of the identity-based motivation model (Oyserman, 2009). We situate the model within existing literatures in psychology and consumer behavior, and illustrate its novel elements with research examples. Special attention is devoted to, 1) how product- and brand-based affordances constrain identity-based motivation processes and, 2) the mindsets and action tendencies that can be triggered by specific cultural identities in pursuit of consumer goals. Future opportunities are suggested for researching the antecedents of product meanings and relevant identities.

  13. Design of a Super-Pixel-Based Quantum Secure Authentication Demonstrator

    NARCIS (Netherlands)

    Toebes, Chris; Tentrup, Tristan B.H.; Pinkse, Pepijn W.H.

    2017-01-01

    Quantum Secure Authentication (QSA) is a method recently developed to authenticate a multiple-scattering key [1]. Previous implementations only showed proof-of-principle setups. We present a design of a compact and robust demonstration device for Quantum Secure Authentication. The challenge and

  14. Authenticating a tamper-resistant module in a base station router

    NARCIS (Netherlands)

    Bosch, H.G.P.; Kraml, M.; Mullender, Sape J.; Polakos, P.; Samuel, L.G.

    2007-01-01

    The present invention provides a method involving a tamper-resistant module and an authentication server. The method includes receiving, at the tamper-resistant module, information encrypted using a first secret key stored in the authentication server. The method also includes authenticating the

  15. Qubit authentication

    International Nuclear Information System (INIS)

    Curty, Marcos; Santos, David J.; Perez, Esther; Garcia-Fernandez, Priscila

    2002-01-01

    Secure communication requires message authentication. In this paper we address the problem of how to authenticate quantum information sent through a quantum channel between two communicating parties with the minimum amount of resources. Specifically, our objective is to determine whether one elementary quantum message (a qubit) can be authenticated with a key of minimum length. We show that, unlike the case of classical-message quantum authentication, this is not possible

  16. Multi-image encryption based on synchronization of chaotic lasers and iris authentication

    Science.gov (United States)

    Banerjee, Santo; Mukhopadhyay, Sumona; Rondoni, Lamberto

    2012-07-01

    A new technique of transmitting encrypted combinations of gray scaled and chromatic images using chaotic lasers derived from Maxwell-Bloch's equations has been proposed. This novel scheme utilizes the general method of solution of a set of linear equations to transmit similar sized heterogeneous images which are a combination of monochrome and chromatic images. The chaos encrypted gray scaled images are concatenated along the three color planes resulting in color images. These are then transmitted over a secure channel along with a cover image which is an iris scan. The entire cryptology is augmented with an iris-based authentication scheme. The secret messages are retrieved once the authentication is successful. The objective of our work is briefly outlined as (a) the biometric information is the iris which is encrypted before transmission, (b) the iris is used for personal identification and verifying for message integrity, (c) the information is transmitted securely which are colored images resulting from a combination of gray images, (d) each of the images transmitted are encrypted through chaos based cryptography, (e) these encrypted multiple images are then coupled with the iris through linear combination of images before being communicated over the network. The several layers of encryption together with the ergodicity and randomness of chaos render enough confusion and diffusion properties which guarantee a fool-proof approach in achieving secure communication as demonstrated by exhaustive statistical methods. The result is vital from the perspective of opening a fundamental new dimension in multiplexing and simultaneous transmission of several monochromatic and chromatic images along with biometry based authentication and cryptography.

  17. CENTERA: A Centralized Trust-Based Efficient Routing Protocol with Authentication for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Ayman Tajeddine

    2015-02-01

    Full Text Available In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN. CENTERA utilizes the more powerful base station (BS to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of “bad” nodes. By periodically accumulating these simple local observations and approximating the nodes’ battery lives, the BS draws a global view of the network, calculates three quality metrics—maliciousness, cooperation, and compatibility—and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates “bad”, “misbehaving” or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node’s bad/probation level with repeated “bad” behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to “good” nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations.

  18. CENTERA: A Centralized Trust-Based Efficient Routing Protocol with Authentication for Wireless Sensor Networks †

    Science.gov (United States)

    Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim

    2015-01-01

    In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of “bad” nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics—maliciousness, cooperation, and compatibility—and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates “bad”, “misbehaving” or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node's bad/probation level with repeated “bad” behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to “good” nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations. PMID:25648712

  19. CENTERA: a centralized trust-based efficient routing protocol with authentication for wireless sensor networks.

    Science.gov (United States)

    Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim

    2015-02-02

    In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of "bad" nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics-maliciousness, cooperation, and compatibility-and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates "bad", "misbehaving" or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node's bad/probation level with repeated "bad" behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to "good" nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations.

  20. A Fingerprint Encryption Scheme Based on Irreversible Function and Secure Authentication

    Directory of Open Access Journals (Sweden)

    Yijun Yang

    2015-01-01

    Full Text Available A fingerprint encryption scheme based on irreversible function has been designed in this paper. Since the fingerprint template includes almost the entire information of users’ fingerprints, the personal authentication can be determined only by the fingerprint features. This paper proposes an irreversible transforming function (using the improved SHA1 algorithm to transform the original minutiae which are extracted from the thinned fingerprint image. Then, Chinese remainder theorem is used to obtain the biokey from the integration of the transformed minutiae and the private key. The result shows that the scheme has better performance on security and efficiency comparing with other irreversible function schemes.

  1. An improved biometrics-based remote user authentication scheme with user anonymity.

    Science.gov (United States)

    Khan, Muhammad Khurram; Kumari, Saru

    2013-01-01

    The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An's scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An's scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

  2. An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity

    Directory of Open Access Journals (Sweden)

    Muhammad Khurram Khan

    2013-01-01

    Full Text Available The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An’s scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An’s scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

  3. A Secure Mobile-Based Authentication System for e-Banking

    Science.gov (United States)

    Rifà-Pous, Helena

    Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable. We propose a challenge-response based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.

  4. A New Transcendence Model of Identity Construction

    Science.gov (United States)

    Elliott, Christopher L. Wilcox

    2012-01-01

    What does it mean for college men to be authentic? How can we support their efforts to transcend their own immediate needs? And what roles do trusted others play in one's construction of identity? This article describes a preliminary new theoretical model--a Transcendence Model of Identity Construction--based on original research studying…

  5. Sensing pressure for authentication

    NARCIS (Netherlands)

    Henderson, N.J.; White, N.M.; Veldhuis, Raymond N.J.; Hartel, Pieter H.; Slump, Cornelis H.

    The use of signals resulting from tapping a rhythm on a pressure sensor is explored for authentication. The features used for authentication can be divided into rhythm and waveform features. This paper studies the use of waveform features. A verification scheme based on prototype waveforms is

  6. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  7. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  8. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    Science.gov (United States)

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  9. RFID-based Electronic Identity Security Cloud Platform in Cyberspace

    OpenAIRE

    Bing Chen; Chengxiang Tan; Bo Jin; Xiang Zou; Yuebo Dai

    2012-01-01

    With the moving development of networks, especially Internet of Things, electronic identity administration in cyberspace is becoming more and more important. And personal identity management in cyberspace associated with individuals in reality has been one significant and urgent task for the further development of information construction in China. So this paper presents a RFID-based electronic identity security cloud platform in cyberspace to implement an efficient security management of cyb...

  10. Design of a MEMS-based retina scanning system for biometric authentication

    Science.gov (United States)

    Woittennek, Franziska; Knobbe, Jens; Pügner, Tino; Schelinski, Uwe; Grüger, Heinrich

    2014-05-01

    There is an increasing need for reliable authentication for a number of applications such as e commerce. Common authentication methods based on ownership (ID card) or knowledge factors (password, PIN) are often prone to manipulations and may therefore be not safe enough. Various inherence factor based methods like fingerprint, retinal pattern or voice identifications are considered more secure. Retina scanning in particular offers both low false rejection rate (FRR) and low false acceptance rate (FAR) with about one in a million. Images of the retina with its characteristic pattern of blood vessels can be made with either a fundus camera or laser scanning methods. The present work describes the optical design of a new compact retina laser scanner which is based on MEMS (Micro Electric Mechanical System) technology. The use of a dual axis micro scanning mirror for laser beam deflection enables a more compact and robust design compared to classical systems. The scanner exhibits a full field of view of 10° which corresponds to an area of 4 mm2 on the retinal surface surrounding the optical disc. The system works in the near infrared and is designed for use under ambient light conditions, which implies a pupil diameter of 1.5 mm. Furthermore it features a long eye relief of 30 mm so that it can be conveniently used by persons wearing glasses. The optical design requirements and the optical performance are discussed in terms of spot diagrams and ray fan plots.

  11. Security Enhancement of Knowledge-based User Authentication through Keystroke Dynamics

    Directory of Open Access Journals (Sweden)

    Roy Soumen

    2016-01-01

    Full Text Available Keystroke Dynamics is a behavioural biometrics characteristic in Biometric science, which solve the issues in user identification or verification. In Knowledge-based user authentication technique, we compromise with PIN or password which is unsafe due to different type of attacks. It is good to choose password with the combination of upper and lower case letter with some digits and symbols, but which is very hard to remember or generally we forget to distinguish those passwords for different access control systems. Our system not only takes the users’ entered texts but their typing style is also account for. In our experiment, we have not taken hard password type texts, we have chosen some daily used words where users are habituated and comfortable at typing and we obtained the consisting typing pattern. Different distance-based and data mining algorithms we have applied on collected typing pattern and obtained impressive results. As per our experiment, if we use keystroke dynamics in existing knowledge based user authentication system with minimum of five daily used common texts then it increases the security level up to 97.6% to 98.2% (if we remove some of the irrelevant feature sets.

  12. Secure Communication and Information Exchange using Authenticated Ciphertext Policy Attribute-Based Encryption in Mobile Ad-hoc Network

    Directory of Open Access Journals (Sweden)

    Samsul Huda

    2016-08-01

    Full Text Available MANETs are considered as suitable for commercial applications such as law enforcement, conference meeting, and sharing information in a student classroom and critical services such as military operations, disaster relief, and rescue operations. Meanwhile, in military operation especially in the battlefield in freely medium which naturally needs high mobility and flexibility. Thus, applying MANETs make these networks vulnerable to various types of attacks such aspacket eavesdropping, data disseminating, message replay, message modification, and especially privacy issue. In this paper, we propose a secure communication and information exchange in MANET with considering secure adhoc routing and secure information exchange. Regarding privacy issue or anonymity, we use a reliable asymmetric encryption which protecting user privacy by utilizing insensitive user attributes as user identity, CP-ABE (Ciphertext-Policy Attribute-Based Encryption cryptographic scheme. We also design protocols to implement the proposed scheme for various battlefied scenarios in real evironment using embedded devices. Our experimental results showed that the additional of HMAC (Keyed-Hash Message Authentication Code and AES (Advanced Encryption standard schemes using processor 1.2GHz only take processing time about 4.452 ms,  we can confirm that our approach by using CP-ABE with added HMAC and AES schemes make low overhead.

  13. Time to unravel the conceptual confusion of authenticity and fidelity and their contribution to learning within simulation-based nurse education. A discussion paper.

    Science.gov (United States)

    Bland, Andrew J; Topping, Annie; Tobbell, Jane

    2014-07-01

    High-fidelity patient simulation is a method of education increasingly utilised by educators of nursing to provide authentic learning experiences. Fidelity and authenticity, however, are not conceptually equivalent. Whilst fidelity is important when striving to replicate a life experience such as clinical practice, authenticity can be produced with low fidelity. A challenge for educators of undergraduate nursing is to ensure authentic representation of the clinical situation which is a core component for potential success. What is less clear is the relationship between fidelity and authenticity in the context of simulation based learning. Authenticity does not automatically follow fidelity and as a result, educators of nursing cannot assume that embracing the latest technology-based educational tools will in isolation provide a learning environment perceived authentic by the learner. As nursing education programmes increasingly adopt simulators that offer the possibility of representing authentic real world situations, there is an urgency to better articulate and understand the terms fidelity and authenticity. Without such understanding there is a real danger that simulation as a teaching and learning resource in nurse education will never reach its potential and be misunderstood, creating a potential barrier to learning. This paper examines current literature to promote discussion within nurse education, concluding that authenticity in the context of simulation-based learning is complex, relying on far more than engineered fidelity. Copyright © 2014 Elsevier Ltd. All rights reserved.

  14. Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian

    2015-06-01

    The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

  15. Sensor-fusion-based biometric identity verification

    International Nuclear Information System (INIS)

    Carlson, J.J.; Bouchard, A.M.; Osbourn, G.C.; Martinez, R.F.; Bartholomew, J.W.; Jordan, J.B.; Flachs, G.M.; Bao, Z.; Zhu, L.

    1998-02-01

    Future generation automated human biometric identification and verification will require multiple features/sensors together with internal and external information sources to achieve high performance, accuracy, and reliability in uncontrolled environments. The primary objective of the proposed research is to develop a theoretical and practical basis for identifying and verifying people using standoff biometric features that can be obtained with minimal inconvenience during the verification process. The basic problem involves selecting sensors and discovering features that provide sufficient information to reliably verify a person's identity under the uncertainties caused by measurement errors and tactics of uncooperative subjects. A system was developed for discovering hand, face, ear, and voice features and fusing them to verify the identity of people. The system obtains its robustness and reliability by fusing many coarse and easily measured features into a near minimal probability of error decision algorithm

  16. Press touch code: A finger press based screen size independent authentication scheme for smart devices

    Science.gov (United States)

    Ranak, M. S. A. Noman; Nor, Nur Nadiah Hanim Binti Mohd; Zamli, Kamal Z.

    2017-01-01

    Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)—a.k.a., Force Touch in Apple’s MacBook, Apple Watch, ZTE’s Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on—is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme. PMID:29084262

  17. Press touch code: A finger press based screen size independent authentication scheme for smart devices.

    Science.gov (United States)

    Ranak, M S A Noman; Azad, Saiful; Nor, Nur Nadiah Hanim Binti Mohd; Zamli, Kamal Z

    2017-01-01

    Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)-a.k.a., Force Touch in Apple's MacBook, Apple Watch, ZTE's Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on-is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme.

  18. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Science.gov (United States)

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  19. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Directory of Open Access Journals (Sweden)

    Chang-Seop Park

    2014-01-01

    Full Text Available After two recent security attacks against implantable medical devices (IMDs have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient’s life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician’s treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  20. Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

    Science.gov (United States)

    Park, Chang-Seop

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  1. Press touch code: A finger press based screen size independent authentication scheme for smart devices.

    Directory of Open Access Journals (Sweden)

    M S A Noman Ranak

    Full Text Available Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT-a.k.a., Force Touch in Apple's MacBook, Apple Watch, ZTE's Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on-is transformed into a new type of code, named Press Touch Code (PTC. We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme.

  2. Implementation procedure for a fingerprint based matching and authentication system using filterbank for e-commerce applications

    International Nuclear Information System (INIS)

    Choudhry, B.S.; Baloch, A.K.; Pathan, A.H.

    2004-01-01

    The issue of secure online transactions is of almost importance in the present day world of Internet based commercial applications. Accurate authentication of a person before he or she is allowed to use a resource is very important. On the other hand biometrics is fast developing as a reliable and accurate system for person identification. Biometrics can be the answer to most of the security related problems of the online commercial world. Finger based matching and authentication systems are one of the most reliable systems that can be used for security applications. In this paper, we present a detailed description and implementation procedure for a fingerprint based matching and authentication system using Filterbank approach. The algorithm has been found to give good performance for low quality images. (author)

  3. Authenticity through VR-based documentation of cultural heritage. A theoretical approach based on conservation and documentation practices

    Directory of Open Access Journals (Sweden)

    Jesús Muñoz Morcillo

    2017-05-01

    Full Text Available The visualization of 3D reconstructed artifacts often requires significant computing resources. The implementation of an object in  a  virtual  reality  (VR  application  even necessitates the  reduction  of  the polygonal  mesh.  Consequently,  the communication and dissemination of “authentic” 3D reconstructions via immersive VR technologies has been a nearly impossible  feat for  many  researchers. However,  is the  issue really  computing resources,  or is it rather  the notion  of authenticity in an “auratic” sense, i.e., an excessive focus on physical evidence and survey data? In the present paper, we will discuss the authenticity requirements for virtual archaeology as set by the Seville Principles(2011, and we will analyse some limitations related to the current approaches. Furthermore, we will propose a pluralistic notion based on the contextualization of 3D objects in VR environments with synesthetic (i.e. multisensory information. This new notion of authenticity  relies  on  conservation meanings rather than  physical  features.  In line  with  this  approach,  two  case studies will be commented: the multimodal 3D-documentation of the Jupiter Column(2AD in Ladenburg, and the VR-based  re-enactment of  a  modern  work  of  art,  the  audio-kinetic  sculpture Kaleidophonic  Dog(1967  by  Stephan  von Huene. These two projects provide valuable data for a revision of the notion of authenticity in both virtual archaeology and art conservation.

  4. Strong Authentication Protocol based on Java Crypto Chip as a Secure Element

    Directory of Open Access Journals (Sweden)

    Majid Mumtaz

    2016-10-01

    Full Text Available Smart electronic devices and gadgets and their applications are becoming more and more popular. Most of those devices and their applications handle personal, financial, medical and other sensitive data that require security and privacy protection. In this paper we describe one aspect of such protection – user authentication protocol based on the use of X.509 certificates. The system uses Public Key Infrastructure (PKI, challenge/response protocol, mobile proxy servers, and Java cards with crypto capabilities used as a Secure Element. Innovative design of the protocol, its implementation, and evaluation results are described. In addition to end-user authentication, the described solution also supports the use of X.509 certificates for additional security services – confidentiality, integrity, and non-repudiation of transactions and data in an open network environment. The system uses Application Programming Interfaces (APIs to access Java cards functions and credentials that can be used as add-ons to enhance any mobile application with security features and services.

  5. Smartphone-based secure authenticated session sharing in Internet of Personal Things

    Science.gov (United States)

    Krishnan, Ram; Ninglekhu, Jiwan

    2015-03-01

    In the context of password-based authentication, a user can only memorize limited number of usernames and passwords. They are generally referred to as user-credentials. Longer character length of passwords further adds complication in mastering them. The expansion of the Internet and our growing dependency on it, has made it almost impossible for us to handle the big pool of user-credentials. Using simple, same or similar passwords is considered a poor practice, as it can easily be compromised by password cracking tools and social engineering attacks. Therefore, a robust and painless technique to manage personal credentials for websites is desirable. In this paper, a novel technique for user-credentials management via a smart mobile device such as a smartphone in a local network is proposed. We present a secure user-credential management scheme in which user's account login (username) and password associated with websites domain name is saved into the mobile device's database using a mobile application. We develop a custom browser extension application for client and use it to import user's credentials linked with the corresponding website from the mobile device via the local Wi-Fi network connection. The browser extension imports and identifies the authentication credentials and pushes them into the target TextBox locations in the webpage, ready for the user to execute. This scheme is suitably demonstrated between two personal devices in a local network.

  6. Sustainable and Practical Firmware Upgrade for Wireless Access Point Using Password-Based Authentication

    Directory of Open Access Journals (Sweden)

    Jaejin Jang

    2016-08-01

    Full Text Available Wireless access points (WAPs are devices that provide Internet connectivity to devices such as desktops, laptops, smartphones, and tablets. Hence, it is important to provide sufficient availability to devices and security for the traffic that is routed by a WAP. However, attackers can decrease the network bandwidth or obtain the traffic including private data such as search histories, login information, and device usage patterns by exploiting the vulnerabilities in firmware upgrades to install malicious firmware. To address this problem, we propose a sustainable and practical firmware upgrade for a WAP using password-based authentication. The proposed upgrade protocol ensures security by adding freshness to the firmware whenever a firmware upgrade occurs. This freshness is different for each event and each firmware; therefore, even if the freshness of one firmware is exposed, the others are secure. In addition, confidentiality, integrity, and authentication are ensured. Furthermore, the proposed protocol can be easily implemented and adapted to WAPs. Experiments are performed to evaluate the upgrade time, resource usage, and code size in wired and wireless connected environments by implementing a prototype and analyzing the security of the protocol. The results show that the proposed upgrade is secure and practical.

  7. R2NA: Received Signal Strength (RSS Ratio-Based Node Authentication for Body Area Network

    Directory of Open Access Journals (Sweden)

    Yang Wu

    2013-12-01

    Full Text Available The body area network (BAN is an emerging branch of wireless sensor networks for personalized applications. The services in BAN usually have a high requirement on security, especially for the medical diagnosis. One of the fundamental directions to ensure security in BAN is how to provide node authentication. Traditional research using cryptography relies on prior secrets shared among nodes, which leads to high resource cost. In addition, most existing non-cryptographic solutions exploit out-of-band (OOB channels, but they need the help of additional hardware support or significant modifications to the system software. To avoid the above problems, this paper presents a proximity-based node authentication scheme, which only uses wireless modules equipped on sensors. With only one sensor and one control unit (CU in BAN, we could detect a unique physical layer characteristic, namely, the difference between the received signal strength (RSS measured on different devices in BAN. Through the above-mentioned particular difference, we can tell whether the sender is close enough to be legitimate. We validate our scheme through both theoretical analysis and experiments, which are conducted on the real Shimmer nodes. The results demonstrate that our proposed scheme has a good security performance.

  8. A Remote User Authentication Scheme with Anonymity for Mobile Devices

    Directory of Open Access Journals (Sweden)

    Soobok Shin

    2012-04-01

    Full Text Available With the rapid growth of information technologies, mobile devices have been utilized in a variety of services such as e-commerce. When a remote server provides such e-commerce services to a user, it must verify the legitimacy of the user over an insecure communication channel. Therefore, remote user authentication has been widely deployed to verify the legitimacy of remote user login requests using mobile devices like smart cards. In this paper we propose a smart card-based authentication scheme that provides both user anonymity and mutual authentication between a remote server and a user. The proposed authentication scheme is a simple and efficient system applicable to the limited resource and low computing performance of the smart card. The proposed scheme provides not only resilience to potential attacks in the smart card-based authentication scheme, but also secure authentication functions. A smart card performs a simple one-way hash function, the operations of exclusive-or and concatenation in the authentication phase of the proposed scheme. The proposed scheme also provides user anonymity using a dynamic identity and key agreement, and secure password change.

  9. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments.

    Science.gov (United States)

    Yang, Li; Zheng, Zhiming

    2018-01-01

    According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks.

  10. An Advanced Encryption Standard Powered Mutual Authentication Protocol Based on Elliptic Curve Cryptography for RFID, Proven on WISP

    Directory of Open Access Journals (Sweden)

    Alaauldin Ibrahim

    2017-01-01

    Full Text Available Information in patients’ medical histories is subject to various security and privacy concerns. Meanwhile, any modification or error in a patient’s medical data may cause serious or even fatal harm. To protect and transfer this valuable and sensitive information in a secure manner, radio-frequency identification (RFID technology has been widely adopted in healthcare systems and is being deployed in many hospitals. In this paper, we propose a mutual authentication protocol for RFID tags based on elliptic curve cryptography and advanced encryption standard. Unlike existing authentication protocols, which only send the tag ID securely, the proposed protocol could also send the valuable data stored in the tag in an encrypted pattern. The proposed protocol is not simply a theoretical construct; it has been coded and tested on an experimental RFID tag. The proposed scheme achieves mutual authentication in just two steps and satisfies all the essential security requirements of RFID-based healthcare systems.

  11. Efficient authentication scheme based on near-ring root extraction problem

    Science.gov (United States)

    Muthukumaran, V.; Ezhilmaran, D.

    2017-11-01

    An authentication protocolis the type of computer communication protocol or cryptography protocol specifically designed for transfer of authentication data between two entities. We have planned a two new entity authentication scheme on the basis of root extraction problem near-ring in this article. We suggest that this problem is suitably difficult to serve as a cryptographic assumption over the platform of near-ring N. The security issues also discussed.

  12. Do We Need to Design Course-Based Undergraduate Research Experiences for Authenticity?

    Science.gov (United States)

    Rowland, Susan; Pedwell, Rhianna; Lawrie, Gwen; Lovie-Toon, Joseph; Hung, Yu

    2016-01-01

    The recent push for more authentic teaching and learning in science, technology, engineering, and mathematics indicates a shared agreement that undergraduates require greater exposure to professional practices. There is considerable variation, however, in how "authentic" science education is defined. In this paper we present our definition of authenticity as it applies to an "authentic" large-scale undergraduate research experience (ALURE); we also look to the literature and the student voice for alternate perceptions around this concept. A metareview of science education literature confirmed the inconsistency in definitions and application of the notion of authentic science education. An exploration of how authenticity was explained in 604 reflections from ALURE and traditional laboratory students revealed contrasting and surprising notions and experiences of authenticity. We consider the student experience in terms of alignment with 1) the intent of our designed curriculum and 2) the literature definitions of authentic science education. These findings contribute to the conversation surrounding authenticity in science education. They suggest two things: 1) educational experiences can have significant authenticity for the participants, even when there is no purposeful design for authentic practice, and 2) the continuing discussion of and design for authenticity in UREs may be redundant. © 2016 S. Rowland et al. CBE—Life Sciences Education © 2016 The American Society for Cell Biology. This article is distributed by The American Society for Cell Biology under license from the author(s). It is available to the public under an Attribution–Noncommercial–Share Alike 3.0 Unported Creative Commons License (http://creativecommons.org/licenses/by-nc-sa/3.0).

  13. Sustainable Development Mechanism of Food Culture’s Translocal Production Based on Authenticity

    Directory of Open Access Journals (Sweden)

    Guojun Zeng

    2014-10-01

    Full Text Available Food culture is a kind of non-material culture with authenticity. To achieve sustainable development of translocal heritage and food culture, we must protect its authenticity. By selecting the cases of the Dongbeiren Flavor Dumpling Restaurant and the Daozanjia Northeast Dumpling Restaurant and using the in-depth interview method, this study discusses how northeastern Cuisine in Guangzhou balances the inheritance and innovation of authenticity, how producers and customers negotiate, and how to realize sustainable development. The main conclusions are: first, there are two different paths of translocal food culture production, which are “authentic food culture production” and “differentiated food culture production”. Second, what translocal enterprises produce is not objective authenticity, but constructive authenticity, or even existential authenticity. Third, compared with differentiated food culture production, authentic food culture production is helpful for the sustainable development of local food culture production. It protects the locality while transmitting and developing the local culture. Fourth, translocal food culture production is a process in which the producers and consumers continue to interact to maintain a state of equilibrium, which informs the sustainable development mechanism with a high degree of authenticity.

  14. Development of authentication code for multi-access optical code division multiplexing based quantum key distribution

    Science.gov (United States)

    Taiwo, Ambali; Alnassar, Ghusoon; Bakar, M. H. Abu; Khir, M. F. Abdul; Mahdi, Mohd Adzir; Mokhtar, M.

    2018-05-01

    One-weight authentication code for multi-user quantum key distribution (QKD) is proposed. The code is developed for Optical Code Division Multiplexing (OCDMA) based QKD network. A unique address assigned to individual user, coupled with degrading probability of predicting the source of the qubit transmitted in the channel offer excellent secure mechanism against any form of channel attack on OCDMA based QKD network. Flexibility in design as well as ease of modifying the number of users are equally exceptional quality presented by the code in contrast to Optical Orthogonal Code (OOC) earlier implemented for the same purpose. The code was successfully applied to eight simultaneous users at effective key rate of 32 bps over 27 km transmission distance.

  15. A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

    Science.gov (United States)

    Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

    2017-12-03

    The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

  16. A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting

    Directory of Open Access Journals (Sweden)

    Tsung-Hung Lin

    2017-12-01

    Full Text Available The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA. PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

  17. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Chun-Ta Li

    2013-07-01

    Full Text Available Wireless sensor networks (WSNs can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs. Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.

  18. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  19. A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

    Science.gov (United States)

    Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

    2013-06-01

    The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

  20. Towards second-generation smart card-based authentication in health information systems: the secure server model.

    Science.gov (United States)

    Hallberg, J; Hallberg, N; Timpka, T

    2001-01-01

    Conventional smart card-based authentication systems used in health care alleviate some of the security issues in user and system authentication. Existing models still do not cover all security aspects. To enable new protective measures to be developed, an extended model of the authentication process is presented. This model includes a new entity referred to as secure server. Assuming a secure server, a method where the smart card is aware of the status of the terminal integrity verification becomes feasible. The card can then act upon this knowledge and restrict the exposure of sensitive information to the terminal as required in order to minimize the risks. The secure server model can be used to illuminate the weaknesses of current approaches and the need for extensions which alleviate the resulting risks.

  1. A Multifactor Secure Authentication System for Wireless Payment

    Science.gov (United States)

    Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

    Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

  2. An enhanced PSO-DEFS based feature selection with biometric authentication for identification of diabetic retinopathy

    Directory of Open Access Journals (Sweden)

    Umarani Balakrishnan

    2016-11-01

    Full Text Available Recently, automatic diagnosis of diabetic retinopathy (DR from the retinal image is the most significant research topic in the medical applications. Diabetic macular edema (DME is the major reason for the loss of vision in patients suffering from DR. Early identification of the DR enables to prevent the vision loss and encourage diabetic control activities. Many techniques are developed to diagnose the DR. The major drawbacks of the existing techniques are low accuracy and high time complexity. To overcome these issues, this paper proposes an enhanced particle swarm optimization-differential evolution feature selection (PSO-DEFS based feature selection approach with biometric authentication for the identification of DR. Initially, a hybrid median filter (HMF is used for pre-processing the input images. Then, the pre-processed images are embedded with each other by using least significant bit (LSB for authentication purpose. Simultaneously, the image features are extracted using convoluted local tetra pattern (CLTrP and Tamura features. Feature selection is performed using PSO-DEFS and PSO-gravitational search algorithm (PSO-GSA to reduce time complexity. Based on some performance metrics, the PSO-DEFS is chosen as a better choice for feature selection. The feature selection is performed based on the fitness value. A multi-relevance vector machine (M-RVM is introduced to classify the 13 normal and 62 abnormal images among 75 images from 60 patients. Finally, the DR patients are further classified by M-RVM. The experimental results exhibit that the proposed approach achieves better accuracy, sensitivity, and specificity than the existing techniques.

  3. A Broker-based approach for GEOSS authentication/authorization services

    Science.gov (United States)

    Santoro, Mattia; Nativi, Stefano

    2015-04-01

    The Group on Earth Observation (GEO) is a voluntary partnership of governments and international organizations coordinating efforts to build a Global Earth Observation System of Systems (GEOSS). GEOSS aims to achieve societal benefits through voluntary contribution and sharing of resources to better understand the relationships between the society and the environment where we live. The GEOSS Common Infrastructure (GCI) implements a digital infrastructure (e-infrastructure) that coordinates access to these systems, interconnecting and harmonizing their data, applications, models, and products. The GCI component implementing the needed interoperability arrangements to interconnect the data systems contributing to GEOSS is the GEO DAB (Discovery and Access Broker). This provides a unique entry point to which client applications (i.e. the portals and apps) can connect for exploiting (search, discover, and access) resources available through GCI. The GEO DAB implements the brokering approach (Nativi et al., 2013) to build a flexible and scalable System of Systems. GEOSS data providers ask for information about who accessed their resources and, in some cases, want to limit the data download. GEOSS users ask for a profiled interaction with the system based on their needs and expertise level. This raised the need for an enrichment of GEO DAB functionalities, i.e. user authentication/authorization. Besides, authentication and authorization is necessary for GEOSS to provide moderated social services - e.g. feedback messages, data "fit for use" comments, etc. In the development of this new functionality, the need to support existing and well-used users' credentials (e.g. Google, Twitter, etc.) stems from GEOSS principles to build on existing systems and lower entry-barriers for users. To cope with these requirements and face the heterogeneity of technologies used by the different data systems and client applications, a broker-based approach for the authentication

  4. An authenticated image encryption scheme based on chaotic maps and memory cellular automata

    Science.gov (United States)

    Bakhshandeh, Atieh; Eslami, Ziba

    2013-06-01

    This paper introduces a new image encryption scheme based on chaotic maps, cellular automata and permutation-diffusion architecture. In the permutation phase, a piecewise linear chaotic map is utilized to confuse the plain-image and in the diffusion phase, we employ the Logistic map as well as a reversible memory cellular automata to obtain an efficient and secure cryptosystem. The proposed method admits advantages such as highly secure diffusion mechanism, computational efficiency and ease of implementation. A novel property of the proposed scheme is its authentication ability which can detect whether the image is tampered during the transmission or not. This is particularly important in applications where image data or part of it contains highly sensitive information. Results of various analyses manifest high security of this new method and its capability for practical image encryption.

  5. An Enhanced Dynamic Mutual Authentication Scheme for Smart Card Based Networks

    OpenAIRE

    S. Santhosh Baboo; K. Gokulraj

    2012-01-01

    Network security is the prevailing and challenging factor in computer communications. Computer security and communication security are interrelated and essential features in the internetworking system. Network security is ascertained by many factors like authentication, authorization, digital signatures, cryptography, steganography etc. Among them authentication is playing an important role in networked communications, where the communicating partners are to be identified each other legit...

  6. The Role of Authenticity in Design-Based Learning Environments: The Case of Engineering Education

    Science.gov (United States)

    Strobel, J.; Wang, J.; Weber, N. R.; Dyehouse, M.

    2013-01-01

    The term "authenticity" is pervasive in the education literature in general and specifically in the design education and engineering education literature; yet, the construct is often used un-reflected and ill defined. The purpose of this paper is (1) to critically examine current conceptualizations of authenticity as principles to design learning…

  7. Brand new authentic places

    DEFF Research Database (Denmark)

    Stender, Marie

    the relation and interplay between the two. This study strives to fill this gap by ethnographically tracing the process from design to occupancy including the role of branding as a means to create authenticity. The concept of authenticity is often associated with old houses and neighbourhoods, but also in new......How are places and material surroundings ascribed with meaning when new residential neighbourhoods are designed, branded and taken into use? Existing research on housing, neighbourhoods and urban design tends to take the perspective of either the architect or the user rather than to explore...... neighbourhoods stories of authenticity seems to be of great importance giving value and identity to place and people. By way of design and branding new places are implied with notions of the real, the original and the unique referring to e.g. its historical past, architectural uniqueness, sustainability or sense...

  8. Two-Factor User Authentication with Key Agreement Scheme Based on Elliptic Curve Cryptosystem

    Directory of Open Access Journals (Sweden)

    Juan Qu

    2014-01-01

    Full Text Available A password authentication scheme using smart card is called two-factor authentication scheme. Two-factor authentication scheme is the most accepted and commonly used mechanism that provides the authorized users a secure and efficient method for accessing resources over insecure communication channel. Up to now, various two-factor user authentication schemes have been proposed. However, most of them are vulnerable to smart card loss attack, offline password guessing attack, impersonation attack, and so on. In this paper, we design a password remote user authentication with key agreement scheme using elliptic curve cryptosystem. Security analysis shows that the proposed scheme has high level of security. Moreover, the proposed scheme is more practical and secure in contrast to some related schemes.

  9. Secure Biometric Multi-Logon System Based on Current Authentication Technologies

    Science.gov (United States)

    Tait, Bobby L.

    The need for accurate authentication in the current IT world is of utmost importance. Users rely on current IT technologies to facilitate in day to day interactions with nearly all environments. Strong authentication technologies like the various biometric technologies have been in existence for many years. Many of these technologies, for instance fingerprint biometrics, have reached maturity. However, passwords and pins are still the most commonly used authentication mechanisms at this stage. An average user has to be authenticated in various situations during daily interaction with his or her environment, by means of a pin or a password. This results in many different passwords and pins that the user has to remember. The user will eventually either start documenting these passwords and pins, or often, simply use the same password and pin for all authentication situations.

  10. Improving mathematical problem solving ability through problem-based learning and authentic assessment for the students of Bali State Polytechnic

    Science.gov (United States)

    Darma, I. K.

    2018-01-01

    This research is aimed at determining: 1) the differences of mathematical problem solving ability between the students facilitated with problem-based learning model and conventional learning model, 2) the differences of mathematical problem solving ability between the students facilitated with authentic and conventional assessment model, and 3) interaction effect between learning and assessment model on mathematical problem solving. The research was conducted in Bali State Polytechnic, using the 2x2 experiment factorial design. The samples of this research were 110 students. The data were collected using a theoretically and empirically-validated test. Instruments were validated by using Aiken’s approach of technique content validity and item analysis, and then analyzed using anova stylistic. The result of the analysis shows that the students facilitated with problem-based learning and authentic assessment models get the highest score average compared to the other students, both in the concept understanding and mathematical problem solving. The result of hypothesis test shows that, significantly: 1) there is difference of mathematical problem solving ability between the students facilitated with problem-based learning model and conventional learning model, 2) there is difference of mathematical problem solving ability between the students facilitated with authentic assessment model and conventional assessment model, and 3) there is interaction effect between learning model and assessment model on mathematical problem solving. In order to improve the effectiveness of mathematics learning, collaboration between problem-based learning model and authentic assessment model can be considered as one of learning models in class.

  11. Writing the Book…Literally: The Convergence of Authentic Intellectual Work (AIW) and Project-Based Learning (PBL)

    Science.gov (United States)

    Buckmiller, Tom M.; Kruse, Jerrid W.

    2015-01-01

    Using the Project-Based Learning (PBL) and Authentic Intellectual Work (AIW) models, we sought to create coursework that had value beyond the classroom. Refinements in the self-publishing book industry provide the opportunity to present student work to a larger audience and in a different, more engaging format. With the help of free software, our…

  12. Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things

    Directory of Open Access Journals (Sweden)

    Anup Kumar Maurya

    2017-10-01

    Full Text Available To improve the quality of service and reduce the possibility of security attacks, a secure and efficient user authentication mechanism is required for Wireless Sensor Networks (WSNs and the Internet of Things (IoT. Session key establishment between the sensor node and the user is also required for secure communication. In this paper, we perform the security analysis of A.K.Das’s user authentication scheme (given in 2015, Choi et al.’s scheme (given in 2016, and Park et al.’s scheme (given in 2016. The security analysis shows that their schemes are vulnerable to various attacks like user impersonation attack, sensor node impersonation attack and attacks based on legitimate users. Based on the cryptanalysis of these existing protocols, we propose a secure and efficient authenticated session key establishment protocol which ensures various security features and overcomes the drawbacks of existing protocols. The formal and informal security analysis indicates that the proposed protocol withstands the various security vulnerabilities involved in WSNs. The automated validation using AVISPA and Scyther tool ensures the absence of security attacks in our scheme. The logical verification using the Burrows-Abadi-Needham (BAN logic confirms the correctness of the proposed protocol. Finally, the comparative analysis based on computational overhead and security features of other existing protocol indicate that the proposed user authentication system is secure and efficient. In future, we intend to implement the proposed protocol in real-world applications of WSNs and IoT.

  13. Scalable Content Authentication in H.264/SVC Videos Using Perceptual Hashing based on Dempster-Shafer theory

    Directory of Open Access Journals (Sweden)

    Ye Dengpan

    2012-09-01

    Full Text Available The content authenticity of the multimedia delivery is important issue with rapid development and widely used of multimedia technology. Till now many authentication solutions had been proposed, such as cryptology and watermarking based methods. However, in latest heterogeneous network the video stream transmission has been coded in scalable way such as H.264/SVC, there is still no good authentication solution. In this paper, we firstly summarized related works and proposed a scalable content authentication scheme using a ratio of different energy (RDE based perceptual hashing in Q/S dimension, which is used Dempster-Shafer theory and combined with the latest scalable video coding (H.264/SVC construction. The idea of aldquo;sign once and verify in scalable wayardquo; can be realized. Comparing with previous methods, the proposed scheme based on perceptual hashing outperforms previous works in uncertainty (robustness and efficiencies in the H.264/SVC video streams. At last, the experiment results verified the performance of our scheme.

  14. dLocAuth: a dynamic multifactor authentication scheme for mCommerce applications using independent location-based obfuscation

    Science.gov (United States)

    Kuseler, Torben; Lami, Ihsan A.

    2012-06-01

    This paper proposes a new technique to obfuscate an authentication-challenge program (named LocProg) using randomly generated data together with a client's current location in real-time. LocProg can be used to enable any handsetapplication on mobile-devices (e.g. mCommerce on Smartphones) that requires authentication with a remote authenticator (e.g. bank). The motivation of this novel technique is to a) enhance the security against replay attacks, which is currently based on using real-time nonce(s), and b) add a new security factor, which is location verified by two independent sources, to challenge / response methods for authentication. To assure a secure-live transaction, thus reducing the possibility of replay and other remote attacks, the authors have devised a novel technique to obtain the client's location from two independent sources of GPS on the client's side and the cellular network on authenticator's side. The algorithm of LocProg is based on obfuscating "random elements plus a client's data" with a location-based key, generated on the bank side. LocProg is then sent to the client and is designed so it will automatically integrate into the target application on the client's handset. The client can then de-obfuscate LocProg if s/he is within a certain range around the location calculated by the bank and if the correct personal data is supplied. LocProg also has features to protect against trial/error attacks. Analysis of LocAuth's security (trust, threat and system models) and trials based on a prototype implementation (on Android platform) prove the viability and novelty of LocAuth.

  15. In-gel and OFFGEL-based proteomic approach for authentication of meat species from minced meat and meat products.

    Science.gov (United States)

    Naveena, Basappa M; Jagadeesh, Deepak S; Kamuni, Veeranna; Muthukumar, Muthupalani; Kulkarni, Vinayak V; Kiran, Mohan; Rapole, Srikanth

    2018-02-01

    Fraudulent mislabelling of processed meat products on a global scale that cannot be detected using conventional techniques necessitates sensitive, robust and accurate methods of meat authentication to ensure food safety and public health. In the present study, we developed an in-gel (two-dimensional gel electrophoresis, 2DE) and OFFGEL-based proteomic method for authenticating raw and cooked water buffalo (Bubalus bubalis), sheep (Ovis aries) and goat (Caprus hircus) meat and their mixes. The matrix-assisted liquid desorption/ionization time-of-flight mass spectrometric analysis of proteins separated using 2DE or OFFGEL electrophoresis delineated species-specific peptide biomarkers derived from myosin light chain 1 and 2 (MLC1 and MLC2) of buffalo-sheep-goat meat mix in definite proportions at 98:1:1, 99:0.5:0.5 and 99.8:0.1:0.1 that were found stable to resist thermal processing. In-gel and OFFGEL-based proteomic approaches are efficient in authenticating meat mixes spiked at minimum 1.0% and 0.1% levels, respectively, in triple meat mix for both raw and cooked samples. The study demonstrated that authentication of meat from a complex mix of three closely related species requires identification of more than one species-specific peptide due to close similarity between their amino acid sequences. © 2017 Society of Chemical Industry. © 2017 Society of Chemical Industry.

  16. An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu

    2013-12-01

    A smartcard-based authentication and key agreement scheme for telecare medicine information systems enables patients, doctors, nurses and health visitors to use smartcards for secure login to medical information systems. Authorized users can then efficiently access remote services provided by the medicine information systems through public networks. Guo and Chang recently improved the efficiency of a smartcard authentication and key agreement scheme by using chaotic maps. Later, Hao et al. reported that the scheme developed by Guo and Chang had two weaknesses: inability to provide anonymity and inefficient double secrets. Therefore, Hao et al. proposed an authentication scheme for telecare medicine information systems that solved these weaknesses and improved performance. However, a limitation in both schemes is their violation of the contributory property of key agreements. This investigation discusses these weaknesses and proposes a new smartcard-based authentication and key agreement scheme that uses chaotic maps for telecare medicine information systems. Compared to conventional schemes, the proposed scheme provides fewer weaknesses, better security, and more efficiency.

  17. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

    Directory of Open Access Journals (Sweden)

    Dongwoo Kang

    Full Text Available The Proxy Mobile IPv6 (PMIPv6 is a network-based mobility management protocol that allows a Mobile Node(MN connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG. As a result, outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

  18. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

    Science.gov (United States)

    Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick; Won, Dongho

    2017-01-01

    The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

  19. Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

    Directory of Open Access Journals (Sweden)

    Jongho Moon

    2017-01-01

    Full Text Available Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

  20. Secure and robust authentication for DC MicroGrids based on power talk communication

    DEFF Research Database (Denmark)

    Angjelichinoski, Marko; Danzi, Pietro; Stefanovic, Cedomir

    2017-01-01

    We propose a novel framework for secure and reliable authentication of Distributed Energy Resources to the centralized secondary/tertiary control system of a DC MicroGrid (MG), networked using the IEEE 802.11 wireless interface. The key idea is to perform the authentication using power talk...... - a powerline communication technique executed by the primary control loops of the power electronic converters. In addition, the scheme also promotes direct and active participation of the control system in the authentication process, a feature not commonly encountered in current networked control systems...

  1. Authentic Leadership: Strategy of the Implementation of Madrasah Management of Change

    Directory of Open Access Journals (Sweden)

    Aan Komariah

    2017-12-01

    Full Text Available Implementing the management of madrasah change starts from an authentic leadership. Authentic leadership is the identity of a head of madrasah in developing value-based educational system. His identity is seen from his sincerity in working, his kindness in treating people and the sharpness of his mind in determining the future of the organization. The authentic leadership of madrasah should represent the identity of moslem morality with work orientation on the sincerity of being a STAF+B (Siddiq, Tablig, Amanah, Fathonah + Brave leader. Leading the madrasah in the context of implementing management of change is not enough to be pious but it requires courage to take strategic and innovative decisions in realizing a qualified madrasah. This research aims to find an authentic leadership strategy model for management of change by head of madrasah. The research was conducted on the head of madrasah in Pangandaran Regency. The results show that the application of authentic leadership can build madrasah changes by empowering the Professional Learning Community (PLC in which 4CS strategy is implemented in a reciprocal (cumsuis-Casing, Communicating, Competencies, Contribution, Sample. The followers can identify who the authentic leader is by finding the integrity of identity that represents in: his mind is vision; his heart is good and his legs work hard.

  2. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks.

    Science.gov (United States)

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-08-16

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  3. Differentiating Authentic Adenophorae Radix from Its Adulterants in Commercially-Processed Samples Using Multiplexed ITS Sequence-Based SCAR Markers

    Directory of Open Access Journals (Sweden)

    Byeong Cheol Moon

    2017-06-01

    Full Text Available Determining the precise botanical origin of a traditional herbal medicine is important for basic quality control. In both the Chinese and Korean herbal pharmacopoeia, authentic Adenophorae Radix is defined as the roots of Adenophora stricta and Adenophora triphylla. However, the roots of Codonopsis lanceolata, Codonopsis pilosula, and Glehnia littoralis are frequently distributed as Adenophorae Radix in Korean herbal markets. Unfortunately, correctly identifying dried roots is difficult using conventional methods because the roots of those species are morphologically similar. Therefore, we developed DNA-based markers for the identification of authentic Adenophorae Radix and its common adulterants in commercially-processed samples. To develop a reliable method to discriminate between Adenophorae Radix and its adulterants, we sequenced the nuclear ribosomal DNA internal transcribed spacers (nrDNA-ITS and designed sequence-characterized amplified region (SCAR primers specific to the authentic and adulterant species. Using these primers, we developed SCAR markers for each species and established a multiplex-PCR method that can authenticate the four herbal medicines in a single PCR reaction. Furthermore, we confirmed that commercially-processed herbal medicines, which often have degraded DNA, could be assessed with our method. Therefore, our method is a reliable genetic tool to protect against adulteration and to standardize the quality of Adenophorae Radix.

  4. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    2016-08-01

    Full Text Available In wireless sensor networks (WSNs, a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  5. Comment on ‘Authenticated quantum secret sharing with quantum dialogue based on Bell states’

    Science.gov (United States)

    Gao, Gan; Wang, Yue; Wang, Dong; Ye, Liu

    2018-02-01

    In the paper (2016 Phys. Scr. 91 085101), Abulkasim et al proposed a authenticated quantum secret sharing scheme. We study the security of the multiparty case in the proposed scheme and find that it is not secure.

  6. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  7. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    Directory of Open Access Journals (Sweden)

    Yanrong Lu

    Full Text Available Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  8. Template characterization and correlation algorithm created from segmentation for the iris biometric authentication based on analysis of textures implemented on a FPGA

    International Nuclear Information System (INIS)

    Giacometto, F J; Vilardy, J M; Torres, C O; Mattos, L

    2011-01-01

    Among the most used biometric signals to set personal security permissions, taker increasingly importance biometric iris recognition based on their textures and images of blood vessels due to the rich in these two unique characteristics that are unique to each individual. This paper presents an implementation of an algorithm characterization and correlation of templates created for biometric authentication based on iris texture analysis programmed on a FPGA (Field Programmable Gate Array), authentication is based on processes like characterization methods based on frequency analysis of the sample, and frequency correlation to obtain the expected results of authentication.

  9. BIOMETRIC AUTHENTICATION USING NONPARAMETRIC METHODS

    OpenAIRE

    S V Sheela; K R Radhika

    2010-01-01

    The physiological and behavioral trait is employed to develop biometric authentication systems. The proposed work deals with the authentication of iris and signature based on minimum variance criteria. The iris patterns are preprocessed based on area of the connected components. The segmented image used for authentication consists of the region with large variations in the gray level values. The image region is split into quadtree components. The components with minimum variance are determine...

  10. An Authenticated Key Agreement Scheme Based on Cyclic Automorphism Subgroups of Random Orders

    Directory of Open Access Journals (Sweden)

    Yang Jun

    2017-01-01

    Full Text Available Group-based cryptography is viewed as a modern cryptographic candidate solution to blocking quantum computer attacks, and key exchange protocols on the Internet are one of the primitives to ensure the security of communication. In 2016 Habeeb et al proposed a “textbook” key exchange protocol based on the semidirect product of two groups, which is insecure for use in real-world applications. In this paper, after discarding the unnecessary disguising notion of semidirect product in the protocol, we establish a simplified yet enhanced authenticated key agreement scheme based on cyclic automorphism subgroups of random orders by making hybrid use of certificates and symmetric-key encryption as challenge-and-responses in the public-key setting. Its passive security is formally analyzed, which is relative to the cryptographic hardness assumption of a computational number-theoretic problem. Cryptanalysis of this scheme shows that it is secure against the intruder-in-the-middle attack even in the worst case of compromising the signatures, and provides explicit key confirmation to both parties.

  11. A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP

    OpenAIRE

    Zhang, Liping; Tang, Shanyu; Zhu, Shaohui

    2016-01-01

    Session Initiation Protocol (SIP) is an essential part of most Voice over Internet Protocol (VoIP) architecture. Although SIP provides attractive features, it is exposed to various security threats, and so an efficient and secure authentication scheme is sought to enhance the security of SIP. Several attempts have been made to address the tradeoff problem between security and efficiency, but designing a successful authenticated key agreement protocol for SIP is still a challenging task from t...

  12. Geospatial Authentication

    Science.gov (United States)

    Lyle, Stacey D.

    2009-01-01

    A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server.

  13. Integrating authentic scientific research in a conservation course–based undergraduate research experience

    Science.gov (United States)

    Sorensen, Amanda E.; Corral, Lucia; Dauer, Jenny M.; Fontaine, Joseph J.

    2018-01-01

    Course-based undergraduate research experiences (CUREs) have been developed to overcome barriers including students in research. However, there are few examples of CUREs that take place in a conservation and natural resource context with students engaging in field research. Here, we highlight the development of a conservation-focused CURE integrated to a research program, research benefits, student self-assessment of learning, and perception of the CURE. With the additional data, researchers were able to refine species distribution models and facilitate management decisions. Most students reported gains in their scientific skills, felt they had engaged in meaningful, real-world research. In student reflections on how this experience helped clarify their professional intentions, many reported being more likely to enroll in graduate programs and seek employment related to science. Also interesting was all students reported being more likely to talk with friends, family, or the public about wildlife conservation issues after participating, indicating that courses like this can have effects beyond the classroom, empowering students to be advocates and translators of science. Field-based, conservation-focused CUREs can create meaningful conservation and natural resource experiences with authentic scientific teaching practices.

  14. Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications.

    Science.gov (United States)

    Li, Xiong; Niu, Jianwei; Karuppiah, Marimuthu; Kumari, Saru; Wu, Fan

    2016-12-01

    Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

  15. FAST PALMPRINT AUTHENTICATION BY SOBEL CODE METHOD

    Directory of Open Access Journals (Sweden)

    Jyoti Malik

    2011-05-01

    Full Text Available The ideal real time personal authentication system should be fast and accurate to automatically identify a person’s identity. In this paper, we have proposed a palmprint based biometric authentication method with improvement in time and accuracy, so as to make it a real time palmprint authentication system. Several edge detection methods, wavelet transform, phase congruency etc. are available to extract line feature from the palmprint. In this paper, Multi-scale Sobel Code operators of different orientations (0?, 45?, 90?, and 135? are applied to the palmprint to extract Sobel-Palmprint features in different direc- tions. The Sobel-Palmprint features extracted are stored in Sobel- Palmprint feature vector and matched using sliding window with Hamming Distance similarity measurement method. The sliding win- dow method is accurate but time taking process. In this paper, we have improved the sliding window method so that the matching time reduces. It is observed that there is 39.36% improvement in matching time. In addition, a Min Max Threshold Range (MMTR method is proposed that helps in increasing overall system accuracy by reducing the False Acceptance Rate (FAR. Experimental results indicate that the MMTR method improves the False Acceptance Rate drastically and improvement in sliding window method reduces the comparison time. The accuracy improvement and matching time improvement leads to proposed real time authentication system.

  16. Designing a framework for a unified electronic identity system ...

    African Journals Online (AJOL)

    In this paper, a Unified Identity System is proposed where single electronic identity (eID) is issued that can be used across the various platforms of business transaction. The activity/state diagram of the model is presented, and the means of authentication is based on the Secure Assertion Markup Language (SAML) ...

  17. Secure ADS-B authentication system and method

    Science.gov (United States)

    Viggiano, Marc J (Inventor); Valovage, Edward M (Inventor); Samuelson, Kenneth B (Inventor); Hall, Dana L (Inventor)

    2010-01-01

    A secure system for authenticating the identity of ADS-B systems, including: an authenticator, including a unique id generator and a transmitter transmitting the unique id to one or more ADS-B transmitters; one or more ADS-B transmitters, including a receiver receiving the unique id, one or more secure processing stages merging the unique id with the ADS-B transmitter's identification, data and secret key and generating a secure code identification and a transmitter transmitting a response containing the secure code and ADSB transmitter's data to the authenticator; the authenticator including means for independently determining each ADS-B transmitter's secret key, a receiver receiving each ADS-B transmitter's response, one or more secure processing stages merging the unique id, ADS-B transmitter's identification and data and generating a secure code, and comparison processing comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code and providing an authentication signal based on the comparison result.

  18. Species Authentication of Common Meat Based on PCR Analysis of the Mitochondrial COI Gene.

    Science.gov (United States)

    Dai, Zhenyu; Qiao, Jiao; Yang, Siran; Hu, Shen; Zuo, Jingjing; Zhu, Weifeng; Huang, Chunhong

    2015-07-01

    Adulteration of meat products and costly animal-derived commodities with their inferior/cheaper counterparts is a grievous global problem. Species authentication is still technical challenging, especially to those deep processed products. The present study described the design of seven sets of species-specific primer based on a high heterozygous region of mitochondrial cytochrome c oxidase subunit I (COI) gene. These primers were proven to have high species specificity and no cross-reactions and unexpected products to different DNA source. Multiplex PCR assay was achieved for rapid and economical identification of four commonly consumed meats (pork, beef, chicken, and mutton). The conventional PCR assay was sensitive down to 0.001 ng of DNA template in the reactant. The developed method was also powerful in detecting as low as 0.1-mg adulterated pork (0.05 % in wt/wt) in an artificial counterfeited mutton. Validation test showed that the assay is specific, reproducible, and robust in commercial deep processed meats, leatherware, and feather commodities. This proposed method will be greatly beneficial to the consumers, food industry, leather, and feather commodity manufacture.

  19. A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function.

    Science.gov (United States)

    Xu, He; Ding, Jie; Li, Peng; Zhu, Feng; Wang, Ruchuan

    2018-03-02

    With the fast development of the Internet of Things, Radio Frequency Identification (RFID) has been widely applied into many areas. Nevertheless, security problems of the RFID technology are also gradually exposed, when it provides life convenience. In particular, the appearance of a large number of fake and counterfeit goods has caused massive loss for both producers and customers, for which the clone tag is a serious security threat. If attackers acquire the complete information of a tag, they can then obtain the unique identifier of the tag by some technological means. In general, because there is no extra identifier of a tag, it is difficult to distinguish an original tag and its clone one. Once the legal tag data is obtained, attackers can be able to clone this tag. Therefore, this paper shows an efficient RFID mutual verification protocol. This protocol is based on the Physical Unclonable Function (PUF) and the lightweight cryptography to achieve efficient verification of a single tag. The protocol includes three process: tag recognition, mutual verification and update. The tag recognition is that the reader recognizes the tag; mutual verification is that the reader and tag mutually verify the authenticity of each other; update is supposed to maintain the latest secret key for the following verification. Analysis results show that this protocol has a good balance between performance and security.

  20. Security enhancement mechanism based on contextual authentication and role analysis for 2G-RFID systems.

    Science.gov (United States)

    Tang, Wan; Chen, Min; Ni, Jin; Yang, Ximin

    2011-01-01

    The traditional Radio Frequency Identification (RFID) system, in which the information maintained in tags is passive and static, has no intelligent decision-making ability to suit application and environment dynamics. The Second-Generation RFID (2G-RFID) system, referred as 2G-RFID-sys, is an evolution of the traditional RFID system to ensure better quality of service in future networks. Due to the openness of the active mobile codes in the 2G-RFID system, the realization of conveying intelligence brings a critical issue: how can we make sure the backend system will interpret and execute mobile codes in the right way without misuse so as to avoid malicious attacks? To address this issue, this paper expands the concept of Role-Based Access Control (RBAC) by introducing context-aware computing, and then designs a secure middleware for backend systems, named Two-Level Security Enhancement Mechanism or 2L-SEM, in order to ensure the usability and validity of the mobile code through contextual authentication and role analysis. According to the given contextual restrictions, 2L-SEM can filtrate the illegal and invalid mobile codes contained in tags. Finally, a reference architecture and its typical application are given to illustrate the implementation of 2L-SEM in a 2G-RFID system, along with the simulation results to evaluate how the proposed mechanism can guarantee secure execution of mobile codes for the system.

  1. Security Enhancement Mechanism Based on Contextual Authentication and Role Analysis for 2G-RFID Systems

    Directory of Open Access Journals (Sweden)

    Ximin Yang

    2011-06-01

    Full Text Available The traditional Radio Frequency Identification (RFID system, in which the information maintained in tags is passive and static, has no intelligent decision-making ability to suit application and environment dynamics. The Second-Generation RFID (2G-RFID system, referred as 2G-RFID-sys, is an evolution of the traditional RFID system to ensure better quality of service in future networks. Due to the openness of the active mobile codes in the 2G-RFID system, the realization of conveying intelligence brings a critical issue: how can we make sure the backend system will interpret and execute mobile codes in the right way without misuse so as to avoid malicious attacks? To address this issue, this paper expands the concept of Role-Based Access Control (RBAC by introducing context-aware computing, and then designs a secure middleware for backend systems, named Two-Level Security Enhancement Mechanism or 2L-SEM, in order to ensure the usability and validity of the mobile code through contextual authentication and role analysis. According to the given contextual restrictions, 2L-SEM can filtrate the illegal and invalid mobile codes contained in tags. Finally, a reference architecture and its typical application are given to illustrate the implementation of 2L-SEM in a 2G-RFID system, along with the simulation results to evaluate how the proposed mechanism can guarantee secure execution of mobile codes for the system.

  2. Subjective and Objective Work-Based Identity Consequences

    NARCIS (Netherlands)

    Botha, F.C.; Roodt, G.; van de Bunt-Kokhuis, S.G.M.; Jansen, P.G.W.; Roodt, G.

    2015-01-01

    The aim of this chapter is to provide a systematic literature review on the selected consequences of work-based identity (WI). The first section of the chapter includes the following subjective consequences: self-report measures on personal alienation, helping behaviour (H-OCB), burnout (consisting

  3. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    International Nuclear Information System (INIS)

    Xie Qi; Hu Bin; Chen Ke-Fei; Liu Wen-Hao; Tan Xiao

    2015-01-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. (paper)

  4. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    Science.gov (United States)

    Xie, Qi; Hu, Bin; Chen, Ke-Fei; Liu, Wen-Hao; Tan, Xiao

    2015-11-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).

  5. An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps.

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Kim, Jiye; Won, Dongho

    2016-03-01

    Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.

  6. DNA-based techniques for authentication of processed food and food supplements.

    Science.gov (United States)

    Lo, Yat-Tung; Shaw, Pang-Chui

    2018-02-01

    Authentication of food or food supplements with medicinal values is important to avoid adverse toxic effects, provide consumer rights, as well as for certification purpose. Compared to morphological and spectrometric techniques, molecular authentication is found to be accurate, sensitive and reliable. However, DNA degradation and inclusion of inhibitors may lead to failure in PCR amplification. This paper reviews on the existing DNA extraction and PCR protocols, and the use of small size DNA markers with sufficient discriminative power for molecular authentication. Various emerging new molecular techniques such as isothermal amplification for on-site diagnosis, next-generation sequencing for high-throughput species identification, high resolution melting analysis for quick species differentiation, DNA array techniques for rapid detection and quantitative determination in food products are also discussed. Copyright © 2017 Elsevier Ltd. All rights reserved.

  7. Remote Biometrics for Robust Persistent Authentication

    DEFF Research Database (Denmark)

    Ingwar, Mads Ingerslew; Jensen, Christian D.

    2014-01-01

    This paper examines the problem of providing a robust non-invasive authentication service for mobile users in a smart environment. We base our work on the persistent authentication model (PAISE), which relies on available sensors to track principals from the location where they authenticate, e.......g., through a smart card based access control system, to the location where the authentication is required by a location-based service. The PAISE model is extended with remote biometrics to prevent the decay of authentication confidence when authenticated users encounter and interact with other users...... in the environment. The result is a calm approach to authentication, where mobile users are transparently authenticated towards the system, which allows the provision of location-based services. The output of the remote biometrics are fused using error-rate-based fusion to solve a common problem that occurs in score...

  8. Undergraduate Biology Lab Courses: Comparing the Impact of Traditionally Based "Cookbook" and Authentic Research-Based Courses on Student Lab Experiences

    Science.gov (United States)

    Brownell, Sara E.; Kloser, Matthew J.; Fukami, Tadishi; Shavelson, Rich

    2012-01-01

    Over the past decade, several reports have recommended a shift in undergraduate biology laboratory courses from traditionally structured, often described as "cookbook," to authentic research-based experiences. This study compares a cookbook-type laboratory course to a research-based undergraduate biology laboratory course at a Research 1…

  9. Evaluation of a DNA-based method for spice/herb authentication, so you do not have to worry about what is in your curry, buon appetito!

    Science.gov (United States)

    Osathanunkul, Maslin; Ounjai, Sarawut; Osathanunkul, Rossarin; Madesis, Panagiotis

    2017-01-01

    It is long believed that some spices may help protect against certain chronic conditions. Spices are usually parts of plants that have been powdered into small pieces. Have you ever wondered what the curry powder in your dish is made of? The aim of this work was to develop an appropriate DNA-based method for assessment of spice identity. Selecting the best marker for species recognition in the Zingiberaceae family. Six DNA regions were investigated in silico, including ITS, matK, rbcL, rpoC, trnH-psbA and trnL. Then, only four regions (ITS, matK, rbcL and trnH-psbA) were included in the simulated HRM (High-resolution Melting) analysis as the results from previous analysis showed that rpoC and trnL may not be suitable to be used to identify Zingiberaceae species in HRM analysis based on both the percentage of nucleotide variation and GC content. Simulated HRM analysis was performed to test the feasibility of Bar-HRM. We found that ITS2 is the most effective region to be used for identification of the studied species and thus was used in laboratory HRM analysis. All seven tested Zingiberaceae plants were then able to be distinguished using the ITS2 primers in laboratory HRM. Most importantly the melting curves gained from fresh and dried tissue overlapped, which is a crucial outcome for the applicability of the analysis. The method could be used in an authentication test for dried products. In the authentication test, only one of seven store-sold Zingiberaceae products that were tested contained the species listed on their labels, while we found substitution/contamination of the tested purchased products in the rest.

  10. Evaluation of a DNA-based method for spice/herb authentication, so you do not have to worry about what is in your curry, buon appetito!

    Directory of Open Access Journals (Sweden)

    Maslin Osathanunkul

    Full Text Available It is long believed that some spices may help protect against certain chronic conditions. Spices are usually parts of plants that have been powdered into small pieces. Have you ever wondered what the curry powder in your dish is made of? The aim of this work was to develop an appropriate DNA-based method for assessment of spice identity. Selecting the best marker for species recognition in the Zingiberaceae family. Six DNA regions were investigated in silico, including ITS, matK, rbcL, rpoC, trnH-psbA and trnL. Then, only four regions (ITS, matK, rbcL and trnH-psbA were included in the simulated HRM (High-resolution Melting analysis as the results from previous analysis showed that rpoC and trnL may not be suitable to be used to identify Zingiberaceae species in HRM analysis based on both the percentage of nucleotide variation and GC content. Simulated HRM analysis was performed to test the feasibility of Bar-HRM. We found that ITS2 is the most effective region to be used for identification of the studied species and thus was used in laboratory HRM analysis. All seven tested Zingiberaceae plants were then able to be distinguished using the ITS2 primers in laboratory HRM. Most importantly the melting curves gained from fresh and dried tissue overlapped, which is a crucial outcome for the applicability of the analysis. The method could be used in an authentication test for dried products. In the authentication test, only one of seven store-sold Zingiberaceae products that were tested contained the species listed on their labels, while we found substitution/contamination of the tested purchased products in the rest.

  11. The application of NMR-based milk metabolite analysis in milk authenticity identification.

    Science.gov (United States)

    Li, Qiangqiang; Yu, Zunbo; Zhu, Dan; Meng, Xianghe; Pang, Xiumei; Liu, Yue; Frew, Russell; Chen, He; Chen, Gang

    2017-07-01

    Milk is an important food component in the human diet and is a target for fraud, including many unsafe practices. For example, the unscrupulous adulteration of soymilk into bovine and goat milk or of bovine milk into goat milk in order to gain profit without declaration is a health risk, as the adulterant source and sanitary history are unknown. A robust and fit-for-purpose technique is required to enforce market surveillance and hence protect consumer health. Nuclear magnetic resonance (NMR) is a powerful technique for characterization of food products based on measuring the profile of metabolites. In this study, 1D NMR in conjunction with multivariate chemometrics as well as 2D NMR was applied to differentiate milk types and to identify milk adulteration. Ten metabolites were found which differed among milk types, hence providing characteristic markers for identifying the milk. These metabolites were used to establish mathematical models for milk type differentiation. The limit of quantification (LOQ) of adulteration was 2% (v/v) for soymilk in bovine milk, 2% (v/v) for soymilk in goat milk and 5% (v/v) for bovine milk in goat milk, with relative standard deviation (RSD) less than 10%, which can meet the needs of daily inspection. The NMR method described here is effective for milk authenticity identification, and the study demonstrates that the NMR-based milk metabolite analysis approach provides a means of detecting adulteration at expected levels and can be used for dairy quality monitoring. © 2016 Society of Chemical Industry. © 2016 Society of Chemical Industry.

  12. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments

    Science.gov (United States)

    Zheng, Zhiming

    2018-01-01

    According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks. PMID:29534085

  13. Software Authentication

    International Nuclear Information System (INIS)

    Wolford, J.K.; Geelhood, B.D.; Hamilton, V.A.; Ingraham, J.; MacArthur, D.W.; Mitchell, D.J.; Mullens, J.A.; Vanier, P. E.; White, G.K.; Whiteson, R.

    2001-01-01

    The effort to define guidance for authentication of software for arms control and nuclear material transparency measurements draws on a variety of disciplines and has involved synthesizing established criteria and practices with newer methods. Challenges include the need to protect classified information that the software manipulates as well as deal with the rapid pace of innovation in the technology of nuclear material monitoring. The resulting guidance will shape the design of future systems and inform the process of authentication of instruments now being developed. This paper explores the technical issues underlying the guidance and presents its major tenets

  14. Appreciation of Authenticity Promotes Curiosity: Implications for Object-Based Learning in Museums

    Science.gov (United States)

    Bunce, Louise

    2016-01-01

    Museum professionals suppose that interacting with authentic objects promotes curiosity and engagement, but this has not been tested. In this research, children and adults visiting the Oxford University Museum of Natural History were shown a taxidermied rabbit or rabbit skeleton. They were asked "Is it real?," "Why?" and were…

  15. Privacy-preserving biometric authentication and matching via lattice-based encryption

    NARCIS (Netherlands)

    Patsakis, C.; Rest, J. van; Chorás, M.; Bouroche, M.

    2016-01-01

    The continuous dependence on electronic media has radically changed our interactions, many of which are now performed online. In many occasions users need to authenticate to remote machines, but the hostile environment of the Internet may severely expose users and service providers. To counter these

  16. Authentic Education by Providing a Situation for Student-Selected Problem-Based Learning

    Science.gov (United States)

    Strimel, Greg

    2014-01-01

    Students are seldom given an authentic experience within school that allows them the opportunity to solve real-life complex engineering design problems that have meaning to their lives and/ or the greater society. They are often confined to learning environments that are limited by the restrictions set by course content for assessment purposes and…

  17. Improving a Field School Curriculum Using Modularized Lessons and Authentic Case-Based Learning

    Science.gov (United States)

    Rea, Roy V.; Hodder, Dexter P.

    2007-01-01

    University course evaluations are replete with student comments expressing frustration with taking time out of work, paying money for, and putting energy into field education projects that lack authentic "real-world" problem-solving objectives. Here, we describe a model for field school education that borrows on pedagogical tools such as…

  18. Authentic Game-Based Learning and Teachers' Dilemmas in Reconstructing Professional Practice

    Science.gov (United States)

    Chee, Yam San; Mehrotra, Swati; Ong, Jing Chuan

    2015-01-01

    Teachers who attempt pedagogical innovation with authentic digital games face significant challenges because such games instantiate open systems of learner activity, inviting enquiry learning rather than knowledge acquisition. However, school environments are normatively sanctioned cultural spaces where direct instruction and high-stakes tests are…

  19. Threshold Cryptography-based Group Authentication (TCGA) Scheme for the Internet of Things (IoT)

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Prasad, Neeli R.; Prasad, Ramjee

    2014-01-01

    Internet of things (IoT) is an emerging paradigm where the devices around us (persistent and non-persistent) are connected to each other to provide seamless communication, and contextual services. In the IoT, each device cannot be authenticated in the short time due to unbounded number of devices...

  20. User authentication based on the NFC host-card-emulation technology

    Science.gov (United States)

    Kološ, Jan; Kotyrba, Martin

    2017-11-01

    This paper deals with implementation of algorithms for data exchange between mobile devices supporting NFC HCE (Host-Card-Emulation) and a contactless NFC reader communicating in a read/write mode. This solution provides multiplatform architecture for data exchange between devices with a focus on safe and simple user authentication.

  1. ELT RESEARCH PAPERS AS AUTHENTIC MATERIALS IN TEACHING RESEARCH-BASED ARTICLE WRITING: A CASE IN INDONESIAN CONTEXT

    Directory of Open Access Journals (Sweden)

    M. Ali Ghufron

    2017-09-01

    Full Text Available There are strong shreds of evidence that the choice of instructional materials has large effects on students’ achievement. This study was to assess the efficacy of using ELT research papers as authentic materials in teaching research-based article writing. This study was aimed at revealing whether or not there is a significant difference in students’ writing skill in terms of ELT research paper writing between the students who were taught by using ELT research papers as authentic materials and those who were taught by using textbook materials provided by the faculty. This study belongs to a quasi-experimental study with an experimental and control group pretest-posttest design. The population of this study was 75 students from the fourth semester of English Education Study Program of IKIP PGRI Bojonegoro, East Java, Indonesia. The sample was selected through cluster random sampling and consisted of 50 students that were divided into two groups. The instrument used to collect the data was a writing test. Consequently, normality and homogeneity of the data were tested. A t-test was used to compare the mean of the two groups. The hypothesis was designed and tested at 0.05 level of significance. The results revealed that there is a significant difference in students’ academic writing skill between the students who were taught by using the ELT research papers as authentic materials and those who were taught by using textbook materials. The t-test revealed that t-value is higher than t-table (6.07>2.01. Therefore it is concluded that the authentic instructional materials could significantly improve students’ academic writing skill.

  2. An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography.

    Science.gov (United States)

    Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Naqvi, Husnain; Khan, Muhammad Khurram

    2015-11-01

    Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

  3. An Improved Digital Signature Protocol to Multi-User Broadcast Authentication Based on Elliptic Curve Cryptography in Wireless Sensor Networks (WSNs

    Directory of Open Access Journals (Sweden)

    Hamed Bashirpour

    2018-03-01

    Full Text Available In wireless sensor networks (WSNs, users can use broadcast authentication mechanisms to connect to the target network and disseminate their messages within the network. Since data transfer for sensor networks is wireless, as a result, attackers can easily eavesdrop deployed sensor nodes and the data sent between them or modify the content of eavesdropped data and inject false data into the sensor network. Hence, the implementation of the message authentication mechanisms (in order to avoid changes and injecting messages into the network of wireless sensor networks is essential. In this paper, we present an improved protocol based on elliptic curve cryptography (ECC to accelerate authentication of multi-user message broadcasting. In comparison with previous ECC-based schemes, complexity and computational overhead of proposed scheme is significantly decreased. Also, the proposed scheme supports user anonymity, which is an important property in broadcast authentication schemes for WSNs to preserve user privacy and user untracking.

  4. A Reputation-Based Identity Management Model for Cloud Computing

    Directory of Open Access Journals (Sweden)

    Lifa Wu

    2015-01-01

    Full Text Available In the field of cloud computing, most research on identity management has concentrated on protecting user data. However, users typically leave a trail when they access cloud services, and the resulting user traceability can potentially lead to the leakage of sensitive user information. Meanwhile, malicious users can do harm to cloud providers through the use of pseudonyms. To solve these problems, we introduce a reputation mechanism and design a reputation-based identity management model for cloud computing. In the model, pseudonyms are generated based on a reputation signature so as to guarantee the untraceability of pseudonyms, and a mechanism that calculates user reputation is proposed, which helps cloud service providers to identify malicious users. Analysis verifies that the model can ensure that users access cloud services anonymously and that cloud providers assess the credibility of users effectively without violating user privacy.

  5. System and method for authentication

    Science.gov (United States)

    Duerksen, Gary L.; Miller, Seth A.

    2015-12-29

    Described are methods and systems for determining authenticity. For example, the method may include providing an object of authentication, capturing characteristic data from the object of authentication, deriving authentication data from the characteristic data of the object of authentication, and comparing the authentication data with an electronic database comprising reference authentication data to provide an authenticity score for the object of authentication. The reference authentication data may correspond to one or more reference objects of authentication other than the object of authentication.

  6. Using Physical Context-Based Authentication against External Attacks: Models and Protocols

    Directory of Open Access Journals (Sweden)

    Wilson S. Melo

    2018-01-01

    Full Text Available Modern systems are increasingly dependent on the integration of physical processes and information technologies. This trend is remarkable in applications involving sensor networks, cyberphysical systems, and Internet of Things. Despite its complexity, such integration results in physical context information that can be used to improve security, especially authentication. In this paper, we show that entities sharing the same physical context can use it for establishing a secure communication channel and protecting each other against external attacks. We present such approach proposing a theoretical model for generating unique bitstreams. Two different protocols are suggested. Each one is evaluated using probabilistic analysis and simulation. In the end, we implement the authentication mechanism in a case study using networks radio signal as physical event generator. The results demonstrate the performance of each of the protocols and their suitability for applications in real world.

  7. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System.

    Science.gov (United States)

    Mohit, Prerna; Amin, Ruhul; Karati, Arijit; Biswas, G P; Khan, Muhammad Khurram

    2017-04-01

    Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

  8. Authentic, Original, and Valuable

    DEFF Research Database (Denmark)

    Tupasela, Aaro Mikael; Tamminen, Sakari

    2015-01-01

    The idea of genetic authenticity and origin has been an important issue within genetics for decades for scientific, political, and economic reasons. The question of where species and populations come from, as well as the linking of genetic traits to particular geographical locations, has resurfaced....... Using the case of human and non-human genetics to compare and contrast the various facets associated with genetic identity, we seek to develop a broader picture of the ways in which genetics plays an important role in stabilizing categories of origin....

  9. Evolution of the Brain Computing Interface (BCI and Proposed Electroencephalography (EEG Signals Based Authentication Model

    Directory of Open Access Journals (Sweden)

    Ramzan Qaseem

    2018-01-01

    Full Text Available With current advancements in the field of Brain Computer interface it is required to study how it will affect the other technologies currently in use. In this paper, the authors motivate the need of Brain Computing Interface in the era of IoT (Internet of Things, and analyze how BCI in the presence of IoT could have serious privacy breach if not protected by new kind of more secure protocols. Security breach and hacking has been around for a long time but now we are sensitive towards data as our lives depend on it. When everything is interconnected through IoT and considering that we control all interconnected things by means of our brain using BCI (Brain Computer Interface, the meaning of security breach becomes much more sensitive than in the past. This paper describes the old security methods being used for authentication and how they can be compromised. Considering the sensitivity of data in the era of IoT, a new form of authentication is required, which should incorporate BCI rather than usual authentication techniques.

  10. Authentication techniques for smart cards

    International Nuclear Information System (INIS)

    Nelson, R.A.

    1994-02-01

    Smart card systems are most cost efficient when implemented as a distributed system, which is a system without central host interaction or a local database of card numbers for verifying transaction approval. A distributed system, as such, presents special card and user authentication problems. Fortunately, smart cards offer processing capabilities that provide solutions to authentication problems, provided the system is designed with proper data integrity measures. Smart card systems maintain data integrity through a security design that controls data sources and limits data changes. A good security design is usually a result of a system analysis that provides a thorough understanding of the application needs. Once designers understand the application, they may specify authentication techniques that mitigate the risk of system compromise or failure. Current authentication techniques include cryptography, passwords, challenge/response protocols, and biometrics. The security design includes these techniques to help prevent counterfeit cards, unauthorized use, or information compromise. This paper discusses card authentication and user identity techniques that enhance security for microprocessor card systems. It also describes the analysis process used for determining proper authentication techniques for a system

  11. Cultivating College Students' National Culture Identity Based on English Education

    Science.gov (United States)

    Yuan, Yang; Fang, Lu

    2016-01-01

    Our country is a multi-ethnic country with plentiful national culture achievements, and the development of the national culture shows a trend of diversity, so cultural identity construction is particularly important. Article analyzes the concept of national identity, the relation between cultural identity and ethnic identity, the present situation…

  12. A secure effective dynamic group password-based authenticated key agreement scheme for the integrated EPR information system

    Directory of Open Access Journals (Sweden)

    Vanga Odelu

    2016-01-01

    Full Text Available With the rapid growth of the Internet, a lot of electronic patient records (EPRs have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password-based authenticated key agreement protocol for the integrated EPR information system (SGPAKE. However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool and show that our scheme is secure against passive and active attacks.

  13. Authenticity and commoditization at home

    DEFF Research Database (Denmark)

    Stender, Marie

    This paper investigates how interest and affect are entangled in the built environment of new Danish homes. The paper unfolds tensions and conflicts in the process from design through branding to occupancy of the house, and the relationship between authenticity and commoditization is explored....... In Denmark, the concept of authenticity is often associated with old houses. By way of design and branding, though, new neighbourhoods are made authentic, referring to their historical past, architectural uniqueness or sense of community. Based on a fieldwork in three new residential buildings in Copenhagen......, the paper explores the inherent paradox of the staging of authenticity. Rather than viewing the house solely from the perspective of the resident, the study ethnographically traces the entire process from design to occupancy in order to investigate how notions of value and authenticity are negotiated...

  14. Integrated analytical assets aid botanical authenticity and adulteration management.

    Science.gov (United States)

    Simmler, Charlotte; Graham, James G; Chen, Shao-Nong; Pauli, Guido F

    2017-11-22

    This article reviews and develops a perspective for the meaning of authenticity in the context of quality assessment of botanical materials and the challenges associated with discerning adulterations vs. contaminations vs. impurities. Authentic botanicals are by definition non-adulterated, a mutually exclusive relationship that is confirmed through the application of a multilayered set of analytical methods designed to validate the (chemo)taxonomic identity of a botanical and certify that it is devoid of any adulteration. In practice, the ever-increasing sophistication in the process of intentional adulteration, as well as the growing number of botanicals entering the market, altogether necessitate a constant adaptation and reinforcement of authentication methods with new approaches, especially new technologies. This article summarizes the set of analytical methods - classical and contemporary - that can be employed in the authentication of botanicals. Particular emphasis is placed on the application of untargeted metabolomics and chemometrics. An NMR-based untargeted metabolomic model is proposed as a rapid, systematic, and complementary screening for the discrimination of authentic vs. potentially adulterated botanicals. Such analytical model can help advance the evaluation of botanical integrity in natural product research. Copyright © 2017. Published by Elsevier B.V.

  15. A Survey of Authentication Schemes in Telecare Medicine Information Systems.

    Science.gov (United States)

    Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber

    2017-01-01

    E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

  16. Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

    2016-10-01

    Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security

  17. Eggspectation: organic egg authentication method challenged with produce from ten different countries

    NARCIS (Netherlands)

    Ruth, van S.M.; Koot, A.H.; Brouwer, S.E.; Boivin, N.; Carcea, M.; Zerva, C.N.; Haugen, J.E.; Hohl, A.; Koroglu, D.; Mafra, I.; Rom, S.

    2013-01-01

    Many consumers are willing to pay a higher price for organic eggs. Since these eggs retail at a higher price than conventional eggs and their identity is difficult to verify, they are susceptible to fraud. For the authentication of Dutch eggs RIKILT developed an analytical test method based on

  18. Authentic Teachers: Student Criteria Perceiving Authenticity of Teachers

    Science.gov (United States)

    De Bruyckere, Pedro; Kirschner, Paul A.

    2016-01-01

    Authenticity is seen by many as a key for good learning and education. There is talk of authentic instruction, authentic learning, authentic problems, authentic assessment, authentic tools and authentic teachers. The problem is that while authenticity is an often-used adjective describing almost all aspects of teaching and learning, the concept…

  19. Efficient Fair Exchange from Identity-Based Signature

    Science.gov (United States)

    Yum, Dae Hyun; Lee, Pil Joong

    A fair exchange scheme is a protocol by which two parties Alice and Bob exchange items or services without allowing either party to gain advantages by quitting prematurely or otherwise misbehaving. To this end, modern cryptographic solutions use a semi-trusted arbitrator who involves only in cases where one party attempts to cheat or simply crashes. We call such a fair exchange scheme optimistic. When no registration is required between the signer and the arbitrator, we say that the fair exchange scheme is setup free. To date, the setup-free optimist fair exchange scheme under the standard RSA assumption was only possible from the generic construction of [12], which uses ring signatures. In this paper, we introduce a new setup-free optimistic fair exchange scheme under the standard RSA assumption. Our scheme uses the GQ identity-based signature and is more efficient than [12]. The construction can also be generalized by using various identity-based signature schemes. Our main technique is to allow each user to choose his (or her) own “random” public key in the identitybased signature scheme.

  20. Final report for the network authentication investigation and pilot.

    Energy Technology Data Exchange (ETDEWEB)

    Eldridge, John M.; Dautenhahn, Nathan; Miller, Marc M.; Wiener, Dallas J; Witzke, Edward L.

    2006-11-01

    New network based authentication mechanisms are beginning to be implemented in industry. This project investigated different authentication technologies to see if and how Sandia might benefit from them. It also investigated how these mechanisms can integrate with the Sandia Two-Factor Authentication Project. The results of these investigations and a network authentication path forward strategy are documented in this report.

  1. Digital Image Authentication Algorithm Based on Fragile Invisible Watermark and MD-5 Function in the DWT Domain

    Directory of Open Access Journals (Sweden)

    Nehad Hameed Hussein

    2015-04-01

    Full Text Available Using watermarking techniques and digital signatures can better solve the problems of digital images transmitted on the Internet like forgery, tampering, altering, etc. In this paper we proposed invisible fragile watermark and MD-5 based algorithm for digital image authenticating and tampers detecting in the Discrete Wavelet Transform DWT domain. The digital image is decomposed using 2-level DWT and the middle and high frequency sub-bands are used for watermark and digital signature embedding. The authentication data are embedded in number of the coefficients of these sub-bands according to the adaptive threshold based on the watermark length and the coefficients of each DWT level. These sub-bands are used because they are less sensitive to the Human Visual System (HVS and preserve high image fidelity. MD-5 and RSA algorithms are used for generating the digital signature from the watermark data that is also embedded in the medical image. We apply the algorithm on number of medical images. The Electronic Patient Record (EPR is used as watermark data. Experiments demonstrate the effectiveness of our algorithm in terms of robustness, invisibility, and fragility. Watermark and digital signature can be extracted without the need to the original image.

  2. Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu

    2014-12-01

    Telecare medicine information systems provide a communicating platform for accessing remote medical resources through public networks, and help health care workers and medical personnel to rapidly making correct clinical decisions and treatments. An authentication scheme for data exchange in telecare medicine information systems enables legal users in hospitals and medical institutes to establish a secure channel and exchange electronic medical records or electronic health records securely and efficiently. This investigation develops an efficient and secure verified-based three-party authentication scheme by using extended chaotic maps for data exchange in telecare medicine information systems. The proposed scheme does not require server's public keys and avoids time-consuming modular exponential computations and scalar multiplications on elliptic curve used in previous related approaches. Additionally, the proposed scheme is proven secure in the random oracle model, and realizes the lower bounds of messages and rounds in communications. Compared to related verified-based approaches, the proposed scheme not only possesses higher security, but also has lower computational cost and fewer transmissions. Copyright © 2014 Elsevier Ireland Ltd. All rights reserved.

  3. Tibetan Interpretations of Authenticity

    DEFF Research Database (Denmark)

    Sobisch, Jan-Ulrich

    2015-01-01

    The four means of authentication are arguments for the authentication of Buddhist teachings in a Tibetan tradition. Different traditions emphasize different means of authentication. These reveal interesting facts about the self-image of these traditions.......The four means of authentication are arguments for the authentication of Buddhist teachings in a Tibetan tradition. Different traditions emphasize different means of authentication. These reveal interesting facts about the self-image of these traditions....

  4. Tools for Authentication

    International Nuclear Information System (INIS)

    White, G.

    2008-01-01

    Many recent Non-proliferation and Arms Control software projects include a software authentication component. In this context, 'authentication' is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. In addition to visual inspection by knowledgeable computer scientists, automated tools are needed to highlight suspicious code constructs both to aid the visual inspection and to guide program development. While many commercial tools are available for portions of the authentication task, they are proprietary, and have limited extensibility. An open-source, extensible tool can be customized to the unique needs of each project (projects can have both common and custom rules to detect flaws and security holes). Any such extensible tool must be based on a complete language compiler infrastructure, that is, one that can parse and digest the full language through its standard grammar. ROSE is precisely such a compiler infrastructure developed within DOE. ROSE is a robust source-to-source analysis and optimization infrastructure currently addressing large, million-line DOE applications in C, C++, and FORTRAN. This year, it has been extended to support the automated analysis of binaries. We continue to extend ROSE to address a number of security-specific requirements and apply it to software authentication for Non-proliferation and Arms Control projects. We will give an update on the status of our work

  5. Tools for Authentication

    Energy Technology Data Exchange (ETDEWEB)

    White, G

    2008-07-09

    Many recent Non-proliferation and Arms Control software projects include a software authentication component. In this context, 'authentication' is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. In addition to visual inspection by knowledgeable computer scientists, automated tools are needed to highlight suspicious code constructs both to aid the visual inspection and to guide program development. While many commercial tools are available for portions of the authentication task, they are proprietary, and have limited extensibility. An open-source, extensible tool can be customized to the unique needs of each project (projects can have both common and custom rules to detect flaws and security holes). Any such extensible tool must be based on a complete language compiler infrastructure, that is, one that can parse and digest the full language through its standard grammar. ROSE is precisely such a compiler infrastructure developed within DOE. ROSE is a robust source-to-source analysis and optimization infrastructure currently addressing large, million-line DOE applications in C, C++, and FORTRAN. This year, it has been extended to support the automated analysis of binaries. We continue to extend ROSE to address a number of security-specific requirements and apply it to software authentication for Non-proliferation and Arms Control projects. We will give an update on the status of our work.

  6. An Accurate and Efficient User Authentication Mechanism on Smart Glasses Based on Iris Recognition

    Directory of Open Access Journals (Sweden)

    Yung-Hui Li

    2017-01-01

    Full Text Available In modern society, mobile devices (such as smart phones and wearable devices have become indispensable to almost everyone, and people store personal data in devices. Therefore, how to implement user authentication mechanism for private data protection on mobile devices is a very important issue. In this paper, an intelligent iris recognition mechanism is designed to solve the problem of user authentication in wearable smart glasses. Our contributions include hardware and software. On the hardware side, we design a set of internal infrared camera modules, including well-designed infrared light source and lens module, which is able to take clear iris images within 2~5 cm. On the software side, we propose an innovative iris segmentation algorithm which is both efficient and accurate to be used on smart glasses device. Another improvement to the traditional iris recognition is that we propose an intelligent Hamming distance (HD threshold adaptation method which dynamically fine-tunes the HD threshold used for verification according to empirical data collected. Our final system can perform iris recognition with 66 frames per second on a smart glasses platform with 100% accuracy. As far as we know, this system is the world’s first application of iris recognition on smart glasses.

  7. Authentication of commercial spices based on the similarities between gas chromatographic fingerprints.

    Science.gov (United States)

    Matsushita, Takaya; Zhao, Jing Jing; Igura, Noriyuki; Shimoda, Mitsuya

    2018-06-01

    A simple and solvent-free method was developed for the authentication of commercial spices. The similarities between gas chromatographic fingerprints were measured using similarity indices and multivariate data analyses, as morphological differentiation between dried powders and small spice particles was challenging. The volatile compounds present in 11 spices (i.e. allspice, anise, black pepper, caraway, clove, coriander, cumin, dill, fennel, star anise, and white pepper) were extracted by headspace solid-phase microextraction, and analysed by gas chromatography-mass spectrometry. The largest 10 peaks were selected from each total ion chromatogram, and a total of 65 volatiles were tentatively identified. The similarity indices (i.e. the congruence coefficients) were calculated using the data matrices of the identified compound relative peak areas to differentiate between two sets of fingerprints. Where pairs of similar fingerprints produced high congruence coefficients (>0.80), distinctive volatile markers were employed to distinguish between these samples. In addition, hierarchical cluster analysis and principal component analysis were performed to visualise the similarity among fingerprints, and the analysed spices were grouped and characterised according to their distinctive major components. This method is suitable for screening unknown spices, and can therefore be employed to evaluate the quality and authenticity of various spices. © 2017 Society of Chemical Industry. © 2017 Society of Chemical Industry.

  8. Multifactor Authentication: Its Time Has Come

    Directory of Open Access Journals (Sweden)

    Jim Reno

    2013-08-01

    Full Text Available Transactions of any value must be authenticated to help prevent online crime. Even seemingly innocent interactions, such as social media postings, can have serious consequences if used fraudulently. A key problem in modern online interactions is establishing the identity of the user without alienating the user. Historically, almost all online authentications have been implemented using simple passwords, but increasingly these methods are under attack. Multifactor authentication requires the presentation of two or more of the three authentication factor types: “What you know”, “What you have”, and “What you are”. After presentation, each factor must be validated by the other party for authentication to occur. Multifactor authentication is a potential solution to the authentication problem, and it is beginning to be implemented at websites operated by well-known companies. This article surveys the different mechanisms used to implement multifactor authentication. How a site chooses to implement multifactor authentication affects security as well as the overall user experience.

  9. Quantum broadcast communication and authentication protocol with a quantum one-time pad

    International Nuclear Information System (INIS)

    Chang Yan; Xu Chun-Xiang; Zhang Shi-Bin; Yan Li-Li

    2014-01-01

    A quantum broadcast communication and authentication protocol with a quantum one-time pad based on the Greenberger—Horne—Zeilinger state is proposed. A binary string is used to express the identity of the receiver, which is encoded as a single sequence of photons. The encoded photon sequence acts as a detection sequence and implements authentication. An XOR operation serves as a one-time pad and is used to ensure the security of the protocol. The binary string is reused even in a noisy channel and proves to be unconditionally secure. In contrast with the protocols proposed by Wang et al. [Chin. Phys. 16 1868 (2007)] and Yang et al. [Chin. Phys. B 19 070304 (2010)], the protocol in this study implements the identity authentication with a reusable binary string; no hash function or local unitary operation is used. The protocol in this study is also easier to implement and highly efficient without losing security. (general)

  10. AIS authentication

    CERN Multimedia

    2006-01-01

    Users are invited to use the NICE password for AIS authentication. As announced in CNL June-August 2006 (see http://www.cerncourier.com/articles/cnl/3/6/14/1) it is possible to use the NICE username and password to log on to AIS. The procedure is now fully operational and users can themselves reset the AIS password such that the NICE password will be used for authentication required by AIS applications. We strongly recommend CERN users who have a NICE account (this is the case of most users) to do this, with the objective to reduce the number of passwords they need to remember. This can be achieved very easily, directly from the Change Password option on the AIS login (https://aislogin.cern.ch/). Users should just select the '[Change Password]' option displayed at the bottom of the page, provide the 'Old Password' and then click on the button 'Use Nice password' followed by 'Submit'. Change Password option on the AIS login windowSetting the AIS password - Use Nice Password It should be noted that the proce...

  11. A CoAP-Based Network Access Authentication Service for Low-Power Wide Area Networks: LO-CoAP-EAP

    Directory of Open Access Journals (Sweden)

    Dan Garcia-Carrillo

    2017-11-01

    Full Text Available The Internet-of-Things (IoT landscape is expanding with new radio technologies. In addition to the Low-Rate Wireless Personal Area Network (LR-WPAN, the recent set of technologies conforming the so-called Low-Power Wide Area Networks (LP-WAN offers long-range communications, allowing one to send small pieces of information at a reduced energy cost, which promotes the creation of new IoT applications and services. However, LP-WAN technologies pose new challenges since they have strong limitations in the available bandwidth. In general, a first step prior to a smart object being able to gain access to the network is the process of network access authentication. It involves authentication, authorization and key management operations. This process is of vital importance for operators to control network resources. However, proposals for managing network access authentication in LP-WAN are tailored to the specifics of each technology, which could introduce interoperability problems in the future. In this sense, little effort has been put so far into providing a wireless-independent solution for network access authentication in the area of LP-WAN. To fill this gap, we propose a service named Low-Overhead CoAP-EAP (LO-CoAP-EAP, which is based on previous work designed for LR-WPAN. LO-CoAP-EAP integrates the use of Authentication, Authorization and Accounting (AAA infrastructures and the Extensible Authentication Protocol (EAP protocol. For this integration, we use the Constrained Application Protocol (CoAP to design a network authentication service independent of the type of LP-WAN technology. LO-CoAP-EAP represents a trade-off between flexibility, wireless technology independence, scalability and performance in LP-WAN.

  12. A CoAP-Based Network Access Authentication Service for Low-Power Wide Area Networks: LO-CoAP-EAP.

    Science.gov (United States)

    Garcia-Carrillo, Dan; Marin-Lopez, Rafael; Kandasamy, Arunprabhu; Pelov, Alexander

    2017-11-17

    The Internet-of-Things (IoT) landscape is expanding with new radio technologies. In addition to the Low-Rate Wireless Personal Area Network (LR-WPAN), the recent set of technologies conforming the so-called Low-Power Wide Area Networks (LP-WAN) offers long-range communications, allowing one to send small pieces of information at a reduced energy cost, which promotes the creation of new IoT applications and services. However, LP-WAN technologies pose new challenges since they have strong limitations in the available bandwidth. In general, a first step prior to a smart object being able to gain access to the network is the process of network access authentication. It involves authentication, authorization and key management operations. This process is of vital importance for operators to control network resources. However, proposals for managing network access authentication in LP-WAN are tailored to the specifics of each technology, which could introduce interoperability problems in the future. In this sense, little effort has been put so far into providing a wireless-independent solution for network access authentication in the area of LP-WAN. To fill this gap, we propose a service named Low-Overhead CoAP-EAP (LO-CoAP-EAP), which is based on previous work designed for LR-WPAN. LO-CoAP-EAP integrates the use of Authentication, Authorization and Accounting (AAA) infrastructures and the Extensible Authentication Protocol (EAP) protocol. For this integration, we use the Constrained Application Protocol (CoAP) to design a network authentication service independent of the type of LP-WAN technology. LO-CoAP-EAP represents a trade-off between flexibility, wireless technology independence, scalability and performance in LP-WAN.

  13. Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

    Directory of Open Access Journals (Sweden)

    Yuanyuan Zhang

    2015-01-01

    Full Text Available Since the concept of ubiquitous computing is firstly proposed by Mark Weiser, its connotation has been extending and expanding by many scholars. In pervasive computing application environment, many kinds of small devices containing smart cart are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

  14. AUTHENTIC LEADERSHIP IN EDUCATIONAL INSTITUTIONS

    Directory of Open Access Journals (Sweden)

    Nebojsa Pavlovic

    2015-06-01

    Full Text Available This work investigates authentic leadership models in the organizational culture of a school. The aim of this quantitative research is to define the factors of authentic leadership in educational institutions in order to provide answers to the questions related to the existence of specific authentic leadership in a school. The sample included 227 randomly selected directors of secondary and primary schools in the former Yugoslav republics: Serbia, Montenegro, and the Republic Srpska. The research included the use of an ALQ questionnaire for the estimation of leadership behavior. The components of authentic leadership are defined using factor analysis and other statistics techniques. The findings developed in this research indicated the fact that directors in educational institutions have a specific authentic leadership style. We suggest the concept of authentic leadership based on the four following factors: Communication-conformist, self-consciousness, self-discovery, and self-concept. Supporting these factors provides the directors with the possibility of obtaining a high level of authentic leadership.

  15. "Thick" Authenticity: New Media and Authentic Learning.

    Science.gov (United States)

    Shaffer, David Williamson; Resnick, Mitchel

    1999-01-01

    Discusses authenticity as it is applied to educational interventions and argues that the concept should be analyzed more closely. Describes four kinds of authenticity; analyzes how computational media are well-suited to support different aspects of authentic learning; and discusses connectivity, modeling, and pluralism. Contains 75 references.…

  16. Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

    OpenAIRE

    Wang, Chenyu; Xu, Guoai

    2017-01-01

    Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from ...

  17. A Novel Multifactor Authentication System Ensuring Usability and Security

    OpenAIRE

    Mathew, Gloriya; Thomas, Shiney

    2013-01-01

    User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or secure but not usable. While there are different types of authentication systems available alphanumeric password is the most commonly used authentication mechanism. But this method has significant drawbacks. An alternative solution to the text based authenti...

  18. Definition of Entity Authentication

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2010-01-01

    Authentication is considered a pre-requisite for communication security, but the definition of authentication is generally not agreed upon. Many attacks on authentication protocols are the result of misunderstanding of the goals of authentication. This state of affairs indicate limitations in the...

  19. The Potential of Using Brain Images for Authentication

    Directory of Open Access Journals (Sweden)

    Fanglin Chen

    2014-01-01

    Full Text Available Biometric recognition (also known as biometrics refers to the automated recognition of individuals based on their biological or behavioral traits. Examples of biometric traits include fingerprint, palmprint, iris, and face. The brain is the most important and complex organ in the human body. Can it be used as a biometric trait? In this study, we analyze the uniqueness of the brain and try to use the brain for identity authentication. The proposed brain-based verification system operates in two stages: gray matter extraction and gray matter matching. A modified brain segmentation algorithm is implemented for extracting gray matter from an input brain image. Then, an alignment-based matching algorithm is developed for brain matching. Experimental results on two data sets show that the proposed brain recognition system meets the high accuracy requirement of identity authentication. Though currently the acquisition of the brain is still time consuming and expensive, brain images are highly unique and have the potential possibility for authentication in view of pattern recognition.

  20. An Authentication Protocol for Future Sensor Networks.

    Science.gov (United States)

    Bilal, Muhammad; Kang, Shin-Gak

    2017-04-28

    Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN

  1. Authenticating the Leader

    DEFF Research Database (Denmark)

    Johnsen, Christian Garmann

    As authentic leadership, with its dictum of being true to the self, has become increasingly influential among practitioners and mainstream leadership scholars, critical writers have drawn attention to the negative consequences of this development. Yet, few scholars have investigated the problem...... of authentication within discourse of authentic leadership. If authentic leadership is to make any sense, it is necessary to be able to distinguish the authentic from the inauthentic leader – in other words, it is necessary to authenticate the leader. This paper uses Gilles Deleuze’s reading of Plato as the point...... of departure for discussing the problem of authentication – separating the authentic leader form the inauthentic one – in the leadership guru Bill George’s model of authentic leadership. By doing so, the paper offers a way of conceptualizing the problem of authenticating leaders, as well as challenging...

  2. Robustness of digital artist authentication

    DEFF Research Database (Denmark)

    Jacobsen, Robert; Nielsen, Morten

    In many cases it is possible to determine the authenticity of a painting from digital reproductions of the paintings; this has been demonstrated for a variety of artists and with different approaches. Common to all these methods in digital artist authentication is that the potential of the method...... is in focus, while the robustness has not been considered, i.e. the degree to which the data collection process influences the decision of the method. However, in order for an authentication method to be successful in practice, it needs to be robust to plausible error sources from the data collection....... In this paper we investigate the robustness of the newly proposed authenticity method introduced by the authors based on second generation multiresolution analysis. This is done by modelling a number of realistic factors that can occur in the data collection....

  3. A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

    Science.gov (United States)

    Das, Ashok Kumar

    2015-03-01

    An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

  4. A distributed authentication and authorization scheme for in-network big data sharing

    Directory of Open Access Journals (Sweden)

    Ruidong Li

    2017-11-01

    Full Text Available Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC to propose a Distributed Authentication and Authorization Scheme (DAAS, where an identity-based signature (IBS is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribute-based encryption (CP-ABE is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the interest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.

  5. Haunted by the authentic

    DEFF Research Database (Denmark)

    d'Ambrosio, Luigi

    2013-01-01

    and individual interviews with relevant guests at the Italian restaurant Sticchi’s in Aalborg, Denmark. Guests have been selected for qualitative interviews on the basis of the quantitative questionnaire that random guests have filled out in February 2013. Moreover, netnographic observation of the restaurant......Research description and purpose: The purpose of this investigation is to explore Danish guests’ experience when consuming ‘authentic’ Italian food in Italian restaurants in Denmark. In this context, the aim of the research is to engage in a discussion of the concept of authenticity in ethnic food...... consumption, and the guests’ experience with and reaction to the authentic culinary experience in ethnic restaurants in the consumers’ home country. Design/Methodology: The paper methodology is based on the use of mixed methods. A collection of primary quantitative and qualitative data through a questionnaire...

  6. Computer-assisted machine-to-human protocols for authentication of a RAM-based embedded system

    Science.gov (United States)

    Idrissa, Abdourhamane; Aubert, Alain; Fournel, Thierry

    2012-06-01

    Mobile readers used for optical identification of manufactured products can be tampered in different ways: with hardware Trojan or by powering up with fake configuration data. How a human verifier can authenticate the reader to be handled for goods verification? In this paper, two cryptographic protocols are proposed to achieve the verification of a RAM-based system through a trusted auxiliary machine. Such a system is assumed to be composed of a RAM memory and a secure block (in practice a FPGA or a configurable microcontroller). The system is connected to an input/output interface and contains a Non Volatile Memory where the configuration data are stored. Here, except the secure block, all the blocks are exposed to attacks. At the registration stage of the first protocol, the MAC of both the secret and the configuration data, denoted M0 is computed by the mobile device without saving it then transmitted to the user in a secure environment. At the verification stage, the reader which is challenged with nonces sendsMACs / HMACs of both nonces and MAC M0 (to be recomputed), keyed with the secret. These responses are verified by the user through a trusted auxiliary MAC computer unit. Here the verifier does not need to tract a (long) list of challenge / response pairs. This makes the protocol tractable for a human verifier as its participation in the authentication process is increased. In counterpart the secret has to be shared with the auxiliary unit. This constraint is relaxed in a second protocol directly derived from Fiat-Shamir's scheme.

  7. Multi-Factor Authentication: A Survey

    Directory of Open Access Journals (Sweden)

    Aleksandr Ometov

    2018-01-01

    Full Text Available Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authentication systems towards Multi-Factor Authentication (MFA starting from Single-Factor Authentication (SFA and through Two-Factor Authentication (2FA. Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir’s Secret Sharing (SSS scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed.

  8. An Optimal Non-Interactive Message Authentication Protocol

    OpenAIRE

    Pasini, Sylvain; Vaudenay, Serge

    2006-01-01

    Vaudenay recently proposed a message authentication protocol which is interactive and based on short authenticated strings (SAS). We study here SAS-based non-interactive message authentication protocols (NIMAP). We start by the analysis of two popular non-interactive message authentication protocols. The first one is based on a collision-resistant hash function and was presented by Balfanz et al. The second protocol is based on a universal hash function family and was proposed by Gehrmann, Mi...

  9. Authenticating the Leader

    DEFF Research Database (Denmark)

    Garmann Johnsen, Christian

    2018-01-01

    In the wake of a series of corporate scandals, there has been a growing call for authentic leadership in order to ensure ethical conduct in contemporary organizations. Authentic leadership, however, depends upon the ability to draw a distinction between the authentic and inauthentic leader......’s inverted Platonism, the paper challenges the practice by which authentic leaders are distinguished from inauthentic leaders. In conclusion, the paper suggests that an adequate concept of authentic leadership should consider how ethics can occur when the authentic leader is able to critically reflect his...

  10. Privacy-Preserving Biometric Authentication: Challenges and Directions

    Directory of Open Access Journals (Sweden)

    Elena Pagnin

    2017-01-01

    Full Text Available An emerging direction for authenticating people is the adoption of biometric authentication systems. Biometric credentials are becoming increasingly popular as a means of authenticating people due to the wide range of advantages that they provide with respect to classical authentication methods (e.g., password-based authentication. The most characteristic feature of this authentication method is the naturally strong bond between a user and her biometric credentials. This very same advantageous property, however, raises serious security and privacy concerns in case the biometric trait gets compromised. In this article, we present the most challenging issues that need to be taken into consideration when designing secure and privacy-preserving biometric authentication protocols. More precisely, we describe the main threats against privacy-preserving biometric authentication systems and give directions on possible countermeasures in order to design secure and privacy-preserving biometric authentication protocols.

  11. An Authentication and Key Management Mechanism for Resource Constrained Devices in IEEE 802.11-based IoT Access Networks.

    Science.gov (United States)

    Kim, Ki-Wook; Han, Youn-Hee; Min, Sung-Gi

    2017-09-21

    Many Internet of Things (IoT) services utilize an IoT access network to connect small devices with remote servers. They can share an access network with standard communication technology, such as IEEE 802.11ah. However, an authentication and key management (AKM) mechanism for resource constrained IoT devices using IEEE 802.11ah has not been proposed as yet. We therefore propose a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 key management with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network domain and the IoT service domain. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 Key Management with the IEEE 802.1X authentication mechanism.

  12. A secret-sharing-based method for authentication of grayscale document images via the use of the PNG image with a data repair capability.

    Science.gov (United States)

    Lee, Che-Wei; Tsai, Wen-Hsiang

    2012-01-01

    A new blind authentication method based on the secret sharing technique with a data repair capability for grayscale document images via the use of the Portable Network Graphics (PNG) image is proposed. An authentication signal is generated for each block of a grayscale document image, which, together with the binarized block content, is transformed into several shares using the Shamir secret sharing scheme. The involved parameters are carefully chosen so that as many shares as possible are generated and embedded into an alpha channel plane. The alpha channel plane is then combined with the original grayscale image to form a PNG image. During the embedding process, the computed share values are mapped into a range of alpha channel values near their maximum value of 255 to yield a transparent stego-image with a disguise effect. In the process of image authentication, an image block is marked as tampered if the authentication signal computed from the current block content does not match that extracted from the shares embedded in the alpha channel plane. Data repairing is then applied to each tampered block by a reverse Shamir scheme after collecting two shares from unmarked blocks. Measures for protecting the security of the data hidden in the alpha channel are also proposed. Good experimental results prove the effectiveness of the proposed method for real applications.

  13. An Authentication and Key Management Mechanism for Resource Constrained Devices in IEEE 802.11-based IoT Access Networks

    Directory of Open Access Journals (Sweden)

    Ki-Wook Kim

    2017-09-01

    Full Text Available Many Internet of Things (IoT services utilize an IoT access network to connect small devices with remote servers. They can share an access network with standard communication technology, such as IEEE 802.11ah. However, an authentication and key management (AKM mechanism for resource constrained IoT devices using IEEE 802.11ah has not been proposed as yet. We therefore propose a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 key management with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network domain and the IoT service domain. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 Key Management with the IEEE 802.1X authentication mechanism.

  14. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  15. An improved authenticated key agreement protocol for telecare medicine information system.

    Science.gov (United States)

    Liu, Wenhao; Xie, Qi; Wang, Shengbao; Hu, Bin

    2016-01-01

    In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.'s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user's identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient's identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.'s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif.

  16. A reliable user authentication and key agreement scheme for Web-based Hospital-acquired Infection Surveillance Information System.

    Science.gov (United States)

    Wu, Zhen-Yu; Tseng, Yi-Ju; Chung, Yufang; Chen, Yee-Chun; Lai, Feipei

    2012-08-01

    With the rapid development of the Internet, both digitization and electronic orientation are required on various applications in the daily life. For hospital-acquired infection control, a Web-based Hospital-acquired Infection Surveillance System was implemented. Clinical data from different hospitals and systems were collected and analyzed. The hospital-acquired infection screening rules in this system utilized this information to detect different patterns of defined hospital-acquired infection. Moreover, these data were integrated into the user interface of a signal entry point to assist physicians and healthcare providers in making decisions. Based on Service-Oriented Architecture, web-service techniques which were suitable for integrating heterogeneous platforms, protocols, and applications, were used. In summary, this system simplifies the workflow of hospital infection control and improves the healthcare quality. However, it is probable for attackers to intercept the process of data transmission or access to the user interface. To tackle the illegal access and to prevent the information from being stolen during transmission over the insecure Internet, a password-based user authentication scheme is proposed for information integrity.

  17. Authentication Assurance Levels

    International Nuclear Information System (INIS)

    Kouzes, Richard T.; Cash, James R.; Devaney, David M.; Geelhood, Bruce D.; Hansen, Randy R.; Melton, Ronald B.; Pitts, W. Karl

    2002-01-01

    This Common Criteria approach has been applied to create a definition of Authentication Assurance Levels that can quantify the level of assurance reached for a system subject to a set of authentication procedures. The arms-control authentication application of the Common Criteria expands on more typical information security evaluations in that it must contend with information barriers and preclude sophisticated intentional subversion attempts.

  18. Critical elements in defining work-based identity in a post-apartheid South Africa

    Directory of Open Access Journals (Sweden)

    Sandra Lloyd

    2011-08-01

    Research purpose: The aim of the specific research questions was to determine which life sphere and life role elements, and which work-based identity facets were significant in forming work-based identity. Motivation for the study: The findings of the study will enable the formulation of an integrative definition of work-based identity applicable to the South African context. Research design, approach and method: Qualitative data was collected by means of unstructured interviews with 29 employees representing a range of job titles, levels and demographics in a large South African manufacturing company. A grounded theory approach (open and axial coding was used to analyse the data. Main findings: Distinctive individual self-definitions and a number of common themes integrating social and personal identity perspectives emerged from the data. These themes provided a sound basis for the proposed integrative model to define work-based identity. Practical/managerial implications: The findings of this research will assist human resource practitioners to develop training interventions and management strategies for the potential enhancement of work-based identities. This will result in a more engaged and harmonised workforce. Contribution/value-add: This was the first study of its kind to identify and delineate significant work-based identity elements for the formation of a work-based identity within a South African work context.

  19. Enhancing Authentication Models Characteristic Metrics via ...

    African Journals Online (AJOL)

    In this work, we derive the universal characteristic metrics set for authentication models based on security, usability and design issues. We then compute the probability of the occurrence of each characteristic metrics in some single factor and multifactor authentication models in order to determine the effectiveness of these ...

  20. Symmetric Key Authentication Services Revisited

    NARCIS (Netherlands)

    Crispo, B.; Popescu, B.C.; Tanenbaum, A.S.

    2004-01-01

    Most of the symmetric key authentication schemes deployed today are based on principles introduced by Needham and Schroeder [15] more than twenty years ago. However, since then, the computing environment has evolved from a LAN-based client-server world to include new paradigms, including wide area

  1. A Novel Image Authentication with Tamper Localization and Self-Recovery in Encrypted Domain Based on Compressive Sensing

    Directory of Open Access Journals (Sweden)

    Rui Zhang

    2018-01-01

    Full Text Available This paper proposes a novel tamper detection, localization, and recovery scheme for encrypted images with Discrete Wavelet Transformation (DWT and Compressive Sensing (CS. The original image is first transformed into DWT domain and divided into important part, that is, low-frequency part, and unimportant part, that is, high-frequency part. For low-frequency part contains the main information of image, traditional chaotic encryption is employed. Then, high-frequency part is encrypted with CS to vacate space for watermark. The scheme takes the processed original image content as watermark, from which the characteristic digest values are generated. Comparing with the existing image authentication algorithms, the proposed scheme can realize not only tamper detection and localization but also tamper recovery. Moreover, tamper recovery is based on block division and the recovery accuracy varies with the contents that are possibly tampered. If either the watermark or low-frequency part is tampered, the recovery accuracy is 100%. The experimental results show that the scheme can not only distinguish the type of tamper and find the tampered blocks but also recover the main information of the original image. With great robustness and security, the scheme can adequately meet the need of secure image transmission under unreliable conditions.

  2. Identities, Differences and Universality of Human Rights Based on Iranian Religious and Ethnic Identities

    Directory of Open Access Journals (Sweden)

    Babak Naderpour

    2013-11-01

    Full Text Available The concept of “Human rights” is the main signifier of the discourse of international community. Despite its growing use, widespread resonance and hegemony, there are different approaches and debates for its understanding ranging from universalism to relativism. In recent decades, the issue of human rights has seriously promoted and encouraged universal respect and observance especially from the perspective of “minority rights” including all fundamental freedoms for all, without any discrimination, as well as safeguarding religious, cultural and ethnic identities. This paper referring to the understanding of the concept of “minority” argues and investigates the stand of human and minority rights from two dimensions of international documents and Islam. Then, it focuses on the issue of minority rights in Islam reviewing indiscrimination, fundamental freedoms and rights as well as religious, cultural and ethnic identities of the minorities considered in Islam. The concepts like freedom, equal rights, no torture and mistreatment, and participation right of the minority groups included in the constitution of the Islamic Republic of Iran are the next issues discussed by the researcher. At the end, the fruits and challenges of the rights of the religious and ethnic minorities are discussed at the national and international levels and the obligations of legal-political management and the official duties and commitments of the Islamic Republic of Iran are mentioned. حقوق بشر دال مرکزی گفتمان جامعه بین المللی است. علیرغم غلبه گفتمانی این دال؛ رویکردها و قرائت های متفاوتی در فهم و اجراء آن وجود دارد که در دو سر طیف آن می توان از جهان گرایان و نسبیت گرایان قرار دارند. در دهه های اخیر در چارچوب پذیرش و احترام به تفاوت های دینی و قومی

  3. Multimodal Authentication Techniques For Staff Identification And ...

    African Journals Online (AJOL)

    PROF. OLIVER OSUAGWA

    2014-12-01

    Dec 1, 2014 ... securing and protecting our identity and valuable data have become areas of great concern ... authentication, verification, tracking and identification systems. It helps to ... managing access while protecting both the ..... Microsoft Operating System XP/Vista, ... range support of fingerprint readers and template.

  4. Constructing a knowledge-based identity: Experiences from working with intellectual capital statements

    DEFF Research Database (Denmark)

    Kjærgaard, Isa Jensen

    2003-01-01

    how it wishes to define its activities both externally and internally. The paper concludes that, by working with IC statements, a company can achieve a way of constructing a new identity. Furthermore, the process of creating an IC statement can legitimize the whole idea of changing towards a knowledge......This paper analyses the inter-relationship between organizational identity and intellectual capital (IC) statements and suggests the IC statement as a framework for developing a knowledge-based identity. The results are based on a case study of a Danish electricity transmission system company......, which started the process of changing its public provider identity towards a knowledge-based identity in a changing market by applying the framework of an IC statement. The IC statement, as a new way of defining and working with strategic company resources, makes it possible for a company to communicate...

  5. Identity-based estimation of greenhouse gas emissions from crop production

    DEFF Research Database (Denmark)

    Bennetzen, Eskild Hohlmann; Smith, Pete; Soussana, Jean-Francois

    2012-01-01

    reduction of emissions i.e. reducing emissions per unit of agricultural product rather than the absolute emissions per se. Hence the system productivity must be included in the same analysis. This paper presents the Kaya- Porter identity, derived from the Kaya identity, as a new way to calculate GHG...... (ha). These separate elements in the identity can be targeted in emissions reduction and mitigation policies and are useful to analyse past and current trends in emissions and to explore future scenarios. Using the Kaya-Porter identity we have performed a case study on Danish crop production and find...... emissions to have been reduced by 12% from 1992 to 2008, whilst yields per unit area have remained constant. Both land-based emissions and energy-based emissions have decreased, mainly due to a 41% reduction in nitrogen fertilizer use. The initial identity based analysis for crop production presented here...

  6. The Unique Context of Identity-Based Student Organizations in Developing Leadership.

    Science.gov (United States)

    Kodama, Corinne M; Laylo, Rhonda

    2017-09-01

    This chapter addresses the important role of identity-based student organizations in developing leadership, particularly for students who may feel marginalized because of their racial/ethnic, religious, or gender identities. Understanding the influence of these groups can help leadership educators develop a more inclusive and diverse perspective on student leadership development. © 2017 Wiley Periodicals, Inc., A Wiley Company.

  7. A Study on User Authentication Methodology Using Numeric Password and Fingerprint Biometric Information

    Directory of Open Access Journals (Sweden)

    Seung-hwan Ju

    2013-01-01

    Full Text Available The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

  8. A study on user authentication methodology using numeric password and fingerprint biometric information.

    Science.gov (United States)

    Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol; Kwak, Jin

    2013-01-01

    The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

  9. A Study on User Authentication Methodology Using Numeric Password and Fingerprint Biometric Information

    Science.gov (United States)

    Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol

    2013-01-01

    The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility. PMID:24151601

  10. Polymeric self-authenticating banknotes

    Science.gov (United States)

    Zientek, Paul

    1998-04-01

    This paper discusses a new concept in overt security called the self-authenticating banknote. The self-authenticating banknote concept is built around the transparent window feature of the polymer banknote. This feature allows the incorporation of transmission based optical devices on a banknote so that the user, by folding the note over on itself and looking through an optical device which is a part of the note itself, can visually inspect and verify certain security features on the banknote. This paper presents a number of examples of optical devices which are presently being developed for this purpose.

  11. Cloud-Based RFID Mutual Authentication Protocol without Leaking Location Privacy to the Cloud

    OpenAIRE

    Dong, Qingkuan; Tong, Jiaqing; Chen, Yuan

    2015-01-01

    With the rapid developments of the IoT (Internet of Things) and the cloud computing, cloud-based RFID systems attract more attention. Users can reduce their cost of deploying and maintaining the RFID system by purchasing cloud services. However, the security threats of cloud-based RFID systems are more serious than those of traditional RFID systems. In cloud-based RFID systems, the connection between the reader and the cloud database is not secure and cloud service provider is not trusted. Th...

  12. Increasing Skills in Writing Literature Study on Research-Based Learning Through Authentical Assessment Lecturing in Innovation Class of Social Science Learning

    Directory of Open Access Journals (Sweden)

    Naniek Sulistya Wardani

    2017-08-01

    Full Text Available The purpose of this study is to determine whether the improvement of literature review skills on research-based learning can be pursued through the authentic assessment of the lectures of the Innovation of Learning IPS of PGSD students. This type of research is a classroom action research, using a spiral model of C. Kemmis and Robin Mc. Taggart. The research procedure uses 2 cycles, each cycle consists of 3 stages namely, 1 action planning 2 implementation of action and observation, 3 reflection. The subjects of the study were all students of PGSD Class 2014 E of the subjects of Innovation of IPS Learning as much as 27 students consisting of 7 male students and 20 female students. Data collection techniques use observation and product assessment. Data analysis technique is a percentage technique that compares literacy review writing skills through authentic assessment in IPS lectures between cycles. The result of the research shows that there is an improvement of writing skill of study lecture study of IPS learning innovation, which is pursued through authentic assessment. This is evident from the improvement of writing skills worthy of achievement from cycle 1 to cycle 2 ie from 62.14% of 27 students increased to 72.60% of all students in cycle 2. Writing skills in research-based learning is a skill to express the idea of the problem , Organizing facts, concepts and principles, use of EYD grammar and grammar. Authentic assessment is an assessment consisting of connection aspects, reflection aspects, and feedback aspects

  13. Information fusion in personal biometric authentication based on the iris pattern

    International Nuclear Information System (INIS)

    Wang, Fenghua; Han, Jiuqiang

    2009-01-01

    Information fusion in biometrics has received considerable attention. This paper focuses on the application of information fusion techniques in iris recognition. To improve the reliability and accuracy of personal identification based on the iris pattern, this paper proposes the schemes of multialgorithmic fusion and multiinstance fusion. Multialgorithmic fusion integrates the improved phase algorithm and the DCT-based algorithm, and multiinstance fusion combines information from the left iris and the right iris of an individual. Both multialgorithmic fusion and multiinstance fusion are carried out at the matching score level and the support vector machine (SVM)-based fusion rule is utilized to generate fused scores for final decision. The experimental results on the noisy iris database UBIRIS demonstrate that the proposed fusion schemes can perform better than the single recognition systems, and further prove that information fusion techniques are feasible and effective to improve the accuracy and robustness of iris recognition especially under noisy conditions

  14. A hash based mutual RFID tag authentication protocol in telecare medicine information system.

    Science.gov (United States)

    Srivastava, Keerti; Awasthi, Amit K; Kaul, Sonam D; Mittal, R C

    2015-01-01

    Radio Frequency Identification (RFID) is a technology which has multidimensional applications to reduce the complexity of today life. Everywhere, like access control, transportation, real-time inventory, asset management and automated payment systems etc., RFID has its enormous use. Recently, this technology is opening its wings in healthcare environments, where potential applications include patient monitoring, object traceability and drug administration systems etc. In this paper, we propose a secure RFID-based protocol for the medical sector. This protocol is based on hash operation with synchronized secret. The protocol is safe against active and passive attacks such as forgery, traceability, replay and de-synchronization attack.

  15. Authentic Instruction and Technology Literacy

    Science.gov (United States)

    Cydis, Susan

    2015-01-01

    Technology integration is an important aspect of student competence in the 21st century. The use of technology in teaching and learning is a valuable practice for supporting student learning and engagement. Modelling the pedagogical practices that integrate authentic, performance-based opportunities for technology integration was the focus of a…

  16. Authentic subjectivity and social transformation

    Directory of Open Access Journals (Sweden)

    Michael O'Sullivan

    2016-10-01

    Full Text Available Holiness in the Christian tradition has often been understood in a way that devalues embodiment and practical engagement with the world of one’s time. The latter understanding, for example, led to Marx’s critique and repudiation of Christianity. Both interpretations of holiness can be understood as mistaken efforts to express the dynamism for authenticity in contextualised human subjectivity. Vatican 2 opposed both views by addressing itself to all people of good will, declaring that everyone was called to holiness, and that authentic Christian identity involved solidarity with the world of one’s time, especially those who are poor. Vatican 2, therefore, provided an authoritative faith foundation for holiness expressed through social commitment and for viewing social commitment on the part of people of good will in whatever state of life as a form of holiness. This vision was also the conviction of leading spirituality writers of the period, like Thomas Merton, and inspired liberation theologians and the Latin American Catholic bishops at their conference in Medellín a few years after the Council. The argument of this article is that the emergence and development of a non-dualist Christian spirituality is grounded methodologically in the correct appropriation of the common innate dynamism for authenticity in concrete human persons and lived spiritual experiences consistent with and capable of enhancing this dynamism.

  17. Authentic subjectivity and social transformation

    Directory of Open Access Journals (Sweden)

    Michael O'Sullivan

    2016-05-01

    Full Text Available Holiness in the Christian tradition has often been understood in a way that devalues embodiment and practical engagement with the world of one’s time. The latter understanding, for example, led to Marx’s critique and repudiation of Christianity. Both interpretations of holiness can be understood as mistaken efforts to express the dynamism for authenticity in contextualised human subjectivity. Vatican 2 opposed both views by addressing itself to all people of good will, declaring that everyone was called to holiness, and that authentic Christian identity involved solidarity with the world of one’s time, especially those who are poor. Vatican 2, therefore, provided an authoritative faith foundation for holiness expressed through social commitment and for viewing social commitment on the part of people of good will in whatever state of life as a form of holiness. This vision was also the conviction of leading spirituality writers of the period, like Thomas Merton, and inspired liberation theologians and the Latin American Catholic bishops at their conference in Medellín a few years after the Council. The argument of this article is that the emergence and development of a non-dualist Christian spirituality is grounded methodologically in the correct appropriation of the common innate dynamism for authenticity in concrete human persons and lived spiritual experiences consistent with and capable of enhancing this dynamism.

  18. PBL-SEE: An Authentic Assessment Model for PBL-Based Software Engineering Education

    Science.gov (United States)

    dos Santos, Simone C.

    2017-01-01

    The problem-based learning (PBL) approach has been successfully applied to teaching software engineering thanks to its principles of group work, learning by solving real problems, and learning environments that match the market realities. However, the lack of well-defined methodologies and processes for implementing the PBL approach represents a…

  19. Dual Colorimetric and Fluorescent Authentication Based on Semiconducting Polymer Dots for Anticounterfeiting Applications.

    Science.gov (United States)

    Tsai, Wei-Kai; Lai, Yung-Sheng; Tseng, Po-Jung; Liao, Chia-Hsien; Chan, Yang-Hsiang

    2017-09-13

    Semiconducting polymer dots (Pdots) have recently emerged as a novel type of ultrabright fluorescent probes that can be widely used in analytical sensing and material science. Here, we developed a dual visual reagent based on Pdots for anticounterfeiting applications. We first designed and synthesized two types of photoswitchable Pdots by incorporating photochromic dyes with multicolor semiconducting polymers to modulate their emission intensities and wavelengths. The resulting full-color Pdot assays showed that the colorimetric and fluorescent dual-readout abilities enabled the Pdots to serve as an anticounterfeiting reagent with low background interference. We also doped these Pdots into flexible substrates and prepared these Pdots as inks for pen handwriting as well as inkjet printing. We further applied this reagent in printing paper and checks for high-security anticounterfeiting purposes. We believe that this dual-readout method based on Pdots will create a new avenue for developing new generations of anticounterfeiting technologies.

  20. Optical image encryption system using nonlinear approach based on biometric authentication

    Science.gov (United States)

    Verma, Gaurav; Sinha, Aloka

    2017-07-01

    A nonlinear image encryption scheme using phase-truncated Fourier transform (PTFT) and natural logarithms is proposed in this paper. With the help of the PTFT, the input image is truncated into phase and amplitude parts at the Fourier plane. The phase-only information is kept as the secret key for the decryption, and the amplitude distribution is modulated by adding an undercover amplitude random mask in the encryption process. Furthermore, the encrypted data is kept hidden inside the face biometric-based phase mask key using the base changing rule of logarithms for secure transmission. This phase mask is generated through principal component analysis. Numerical experiments show the feasibility and the validity of the proposed nonlinear scheme. The performance of the proposed scheme has been studied against the brute force attacks and the amplitude-phase retrieval attack. Simulation results are presented to illustrate the enhanced system performance with desired advantages in comparison to the linear cryptosystem.

  1. Type-Based Automated Verification of Authenticity in Asymmetric Cryptographic Protocols

    DEFF Research Database (Denmark)

    Dahl, Morten; Kobayashi, Naoki; Sun, Yunde

    2011-01-01

    Gordon and Jeffrey developed a type system for verification of asymmetric and symmetric cryptographic protocols. We propose a modified version of Gordon and Jeffrey's type system and develop a type inference algorithm for it, so that protocols can be verified automatically as they are, without any...... type annotations or explicit type casts. We have implemented a protocol verifier SpiCa based on the algorithm, and confirmed its effectiveness....

  2. Recent advance in DNA-based traceability and authentication of livestock meat PDO and PGI products.

    Science.gov (United States)

    Nicoloso, Letizia; Crepaldi, Paola; Mazza, Raffaele; Ajmone-Marsan, Paolo; Negrini, Riccardo

    2013-04-01

    This review updates the available molecular techniques and technologies and discusses how they can be used for traceability, food control and enforcement activities. The review also provides examples on how molecular techniques succeeded to trace back unknowns to their breeds of origin, to fingerprint single individuals and to generate evidence in court cases. The examples demonstrate the potential of the DNA based traceability techniques and explore possibilities for translating the next generation genomics tools into a food and feed control and enforcement framework.

  3. Device interoperability and authentication for telemedical appliance based on the ISO/IEEE 11073 Personal Health Device (PHD) Standards.

    Science.gov (United States)

    Caranguian, Luther Paul R; Pancho-Festin, Susan; Sison, Luis G

    2012-01-01

    In this study, we focused on the interoperability and authentication of medical devices in the context of telemedical systems. A recent standard called the ISO/IEEE 11073 Personal Health Device (X73-PHD) Standards addresses the device interoperability problem by defining common protocols for agent (medical device) and manager (appliance) interface. The X73-PHD standard however has not addressed security and authentication of medical devices which is important in establishing integrity of a telemedical system. We have designed and implemented a security policy within the X73-PHD standards. The policy will enable device authentication using Asymmetric-Key Cryptography and the RSA algorithm as the digital signature scheme. We used two approaches for performing the digital signatures: direct software implementation and use of embedded security modules (ESM). The two approaches were evaluated and compared in terms of execution time and memory requirement. For the standard 2048-bit RSA, ESM calculates digital signatures only 12% of the total time for the direct implementation. Moreover, analysis shows that ESM offers more security advantage such as secure storage of keys compared to using direct implementation. Interoperability with other systems was verified by testing the system with LNI Healthlink, a manager software that implements the X73-PHD standard. Lastly, security analysis was done and the system's response to common attacks on authentication systems was analyzed and several measures were implemented to protect the system against them.

  4. Multiple-image authentication with a cascaded multilevel architecture based on amplitude field random sampling and phase information multiplexing.

    Science.gov (United States)

    Fan, Desheng; Meng, Xiangfeng; Wang, Yurong; Yang, Xiulun; Pan, Xuemei; Peng, Xiang; He, Wenqi; Dong, Guoyan; Chen, Hongyi

    2015-04-10

    A multiple-image authentication method with a cascaded multilevel architecture in the Fresnel domain is proposed, in which a synthetic encoded complex amplitude is first fabricated, and its real amplitude component is generated by iterative amplitude encoding, random sampling, and space multiplexing for the low-level certification images, while the phase component of the synthetic encoded complex amplitude is constructed by iterative phase information encoding and multiplexing for the high-level certification images. Then the synthetic encoded complex amplitude is iteratively encoded into two phase-type ciphertexts located in two different transform planes. During high-level authentication, when the two phase-type ciphertexts and the high-level decryption key are presented to the system and then the Fresnel transform is carried out, a meaningful image with good quality and a high correlation coefficient with the original certification image can be recovered in the output plane. Similar to the procedure of high-level authentication, in the case of low-level authentication with the aid of a low-level decryption key, no significant or meaningful information is retrieved, but it can result in a remarkable peak output in the nonlinear correlation coefficient of the output image and the corresponding original certification image. Therefore, the method realizes different levels of accessibility to the original certification image for different authority levels with the same cascaded multilevel architecture.

  5. Proposed on Device Capability based Authentication using AES-GCM for Internet of Things (IoT)

    DEFF Research Database (Denmark)

    Babar, Sachin D.; Mahalle, Parikshit N.; Prasad, Neeli R.

    2011-01-01

    Economics of scale in Internet of Things (IoT) presents new security challenges for ubiquitous devices in terms of authentication, addressing and embedded security. Currently available cryptographic techniques require further analysis to determine applicability to IoT. We introduce...

  6. Meaningful, Authentic and Place-Based Informal Science Education for 6-12 Students

    Science.gov (United States)

    Ito, E.; Dalbotten, D. M.

    2014-12-01

    American Indians are underrepresented in STEM and especially in Earth sciences. They have the lowest high school graduation rate and highest unemployment. On the other hand, tribes are in search of qualified young people to work in geo- and hydro-technical fields to manage reservations' natural resources. Dalbotten and her collaborators at the Fond du Lac Band of Lake Superior Chippewa and local 6-12 teachers ran a place-based but non-themed informal monthly science camps (gidakiimanaaniwigamig) for 7 years starting 2003. Camps were held on reservation and some activities focused on observing seasonal changes. The students enjoyed coming to the camps but the camp activities went largely unnoticed by the reservation itself. For the last 5 years, we and the same cast of characters from the gidakiimanaaniwigamig camps ran a very place-based, research-based camp program, manoomin. The research was focused on manoomin (wild rice) which is a culturally important plant and food that grows in local lakes and wetlands. Manmade changes in hydrology, toxic metals from mining, and changing weather patterns due to climate change threaten this precious resource. Our plan was for 6-12 students to investigate the past, the present and the future conditions of manoomin on and around the reservation. It became clear by 3rd year that the research project, as conceived, was overly ambitious and could not be completed at the level we hoped in a camp setting (6 weekend camps = 6 full days per year). However, students felt that they were involved in research that was beneficial to their reservation, reported gaining self-confidence to pursue a career in science, and stated a desired to obtain a college degree. They also became aware of STEM employment opportunities on reservation that they could aim for. The camps also fostered a trusting relationship between researchers at Fond du Lac resource managers and the U. of MN. Based on these experiences, we proposed a new format for these

  7. A novel RNA sequencing data analysis method for cell line authentication.

    Directory of Open Access Journals (Sweden)

    Erik Fasterius

    Full Text Available We have developed a novel analysis method that can interrogate the authenticity of biological samples used for generation of transcriptome profiles in public data repositories. The method uses RNA sequencing information to reveal mutations in expressed transcripts and subsequently confirms the identity of analysed cells by comparison with publicly available cell-specific mutational profiles. Cell lines constitute key model systems widely used within cancer research, but their identity needs to be confirmed in order to minimise the influence of cell contaminations and genetic drift on the analysis. Using both public and novel data, we demonstrate the use of RNA-sequencing data analysis for cell line authentication by examining the validity of COLO205, DLD1, HCT15, HCT116, HKE3, HT29 and RKO colorectal cancer cell lines. We successfully authenticate the studied cell lines and validate previous reports indicating that DLD1 and HCT15 are synonymous. We also show that the analysed HKE3 cells harbour an unexpected KRAS-G13D mutation and confirm that this cell line is a genuine KRAS dosage mutant, rather than a true isogenic derivative of HCT116 expressing only the wild type KRAS. This authentication method could be used to revisit the numerous cell line based RNA sequencing experiments available in public data repositories, analyse new experiments where whole genome sequencing is not available, as well as facilitate comparisons of data from different experiments, platforms and laboratories.

  8. A novel biometric authentication approach using ECG and EMG signals.

    Science.gov (United States)

    Belgacem, Noureddine; Fournier, Régis; Nait-Ali, Amine; Bereksi-Reguig, Fethi

    2015-05-01

    Security biometrics is a secure alternative to traditional methods of identity verification of individuals, such as authentication systems based on user name and password. Recently, it has been found that the electrocardiogram (ECG) signal formed by five successive waves (P, Q, R, S and T) is unique to each individual. In fact, better than any other biometrics' measures, it delivers proof of subject's being alive as extra information which other biometrics cannot deliver. The main purpose of this work is to present a low-cost method for online acquisition and processing of ECG signals for person authentication and to study the possibility of providing additional information and retrieve personal data from an electrocardiogram signal to yield a reliable decision. This study explores the effectiveness of a novel biometric system resulting from the fusion of information and knowledge provided by ECG and EMG (Electromyogram) physiological recordings. It is shown that biometrics based on these ECG/EMG signals offers a novel way to robustly authenticate subjects. Five ECG databases (MIT-BIH, ST-T, NSR, PTB and ECG-ID) and several ECG signals collected in-house from volunteers were exploited. A palm-based ECG biometric system was developed where the signals are collected from the palm of the subject through a minimally intrusive one-lead ECG set-up. A total of 3750 ECG beats were used in this work. Feature extraction was performed on ECG signals using Fourier descriptors (spectral coefficients). Optimum-Path Forest classifier was used to calculate the degree of similarity between individuals. The obtained results from the proposed approach look promising for individuals' authentication.

  9. Application of gas chromatography/flame ionization detector-based metabolite fingerprinting for authentication of Asian palm civet coffee (Kopi Luwak).

    Science.gov (United States)

    Jumhawan, Udi; Putri, Sastia Prama; Yusianto; Bamba, Takeshi; Fukusaki, Eiichiro

    2015-11-01

    Development of authenticity screening for Asian palm civet coffee, the world-renowned priciest coffee, was previously reported using metabolite profiling through gas chromatography/mass spectrometry (GC/MS). However, a major drawback of this approach is the high cost of the instrument and maintenance. Therefore, an alternative method is needed for quality and authenticity evaluation of civet coffee. A rapid, reliable and cost-effective analysis employing a universal detector, GC coupled with flame ionization detector (FID), and metabolite fingerprinting has been established for discrimination analysis of 37 commercial and non-commercial coffee beans extracts. gas chromatography/flame ionization detector (GC/FID) provided higher sensitivity over a similar range of detected compounds than GC/MS. In combination with multivariate analysis, GC/FID could successfully reproduce quality prediction from GC/MS for differentiation of commercial civet coffee, regular coffee and coffee blend with 50 wt % civet coffee content without prior metabolite details. Our study demonstrated that GC/FID-based metabolite fingerprinting can be effectively actualized as an alternative method for coffee authenticity screening in industries. Copyright © 2015. Published by Elsevier B.V.

  10. Quantum deterministic key distribution protocols based on the authenticated entanglement channel

    International Nuclear Information System (INIS)

    Zhou Nanrun; Wang Lijun; Ding Jie; Gong Lihua

    2010-01-01

    Based on the quantum entanglement channel, two secure quantum deterministic key distribution (QDKD) protocols are proposed. Unlike quantum random key distribution (QRKD) protocols, the proposed QDKD protocols can distribute the deterministic key securely, which is of significant importance in the field of key management. The security of the proposed QDKD protocols is analyzed in detail using information theory. It is shown that the proposed QDKD protocols can safely and effectively hand over the deterministic key to the specific receiver and their physical implementation is feasible with current technology.

  11. Quantum deterministic key distribution protocols based on the authenticated entanglement channel

    Energy Technology Data Exchange (ETDEWEB)

    Zhou Nanrun; Wang Lijun; Ding Jie; Gong Lihua [Department of Electronic Information Engineering, Nanchang University, Nanchang 330031 (China)], E-mail: znr21@163.com, E-mail: znr21@hotmail.com

    2010-04-15

    Based on the quantum entanglement channel, two secure quantum deterministic key distribution (QDKD) protocols are proposed. Unlike quantum random key distribution (QRKD) protocols, the proposed QDKD protocols can distribute the deterministic key securely, which is of significant importance in the field of key management. The security of the proposed QDKD protocols is analyzed in detail using information theory. It is shown that the proposed QDKD protocols can safely and effectively hand over the deterministic key to the specific receiver and their physical implementation is feasible with current technology.

  12. New flexible origination technology based on electron-beam lithography and its integration into security devices in combination with covert features based on DNA authentication

    Science.gov (United States)

    Drinkwater, John K.; Ryzi, Zbynek; Outwater, Chris S.

    2002-04-01

    Embossed diffractive optically variable devices are becoming increasingly familiar security items on plastic cards, banknotes, security documents and on branded goods and media to protect against counterfeit, protect copyright and to evidence tamper. Equally as this devices become both more widely available there is a pressing requirement for security technology upgrades to keep ahead of technology advances available to potential counterfeiters. This paper describes a new generation electron beam DOVID origination technology particularly suitable for high security applications. Covert marking of security devices is provided using the DNA matrix by creating and verifying unique DNA sequences. This integration of this into practical security features in combination with covert features based on DNA matrix authentication and other more straightforwardly authenticable features to provide multi- technology security solutions will be described.

  13. A Lattice-Based Identity-Based Proxy Blind Signature Scheme in the Standard Model

    Directory of Open Access Journals (Sweden)

    Lili Zhang

    2014-01-01

    Full Text Available A proxy blind signature scheme is a special form of blind signature which allowed a designated person called proxy signer to sign on behalf of original signers without knowing the content of the message. It combines the advantages of proxy signature and blind signature. Up to date, most proxy blind signature schemes rely on hard number theory problems, discrete logarithm, and bilinear pairings. Unfortunately, the above underlying number theory problems will be solvable in the postquantum era. Lattice-based cryptography is enjoying great interest these days, due to implementation simplicity and provable security reductions. Moreover, lattice-based cryptography is believed to be hard even for quantum computers. In this paper, we present a new identity-based proxy blind signature scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable under the standard hardness assumption of the short integer solution problem (SIS and the inhomogeneous small integer solution problem (ISIS. Furthermore, the secret key size and the signature length of our scheme are invariant and much shorter than those of the previous lattice-based proxy blind signature schemes. To the best of our knowledge, our construction is the first short lattice-based identity-based proxy blind signature scheme in the standard model.

  14. Development of swine-specific DNA markers for biosensor-based halal authentication.

    Science.gov (United States)

    Ali, M E; Hashim, U; Kashif, M; Mustafa, S; Che Man, Y B; Abd Hamid, S B

    2012-06-29

    The pig (Sus scrofa) mitochondrial genome was targeted to design short (15-30 nucleotides) DNA markers that would be suitable for biosensor-based hybridization detection of target DNA. Short DNA markers are reported to survive harsh conditions in which longer ones are degraded into smaller fragments. The whole swine mitochondrial-genome was in silico digested with AluI restriction enzyme. Among 66 AluI fragments, five were selected as potential markers because of their convenient lengths, high degree of interspecies polymorphism and intraspecies conservatism. These were confirmed by NCBI blast analysis and ClustalW alignment analysis with 11 different meat-providing animal and fish species. Finally, we integrated a tetramethyl rhodamine-labeled 18-nucleotide AluI fragment into a 3-nm diameter citrate-tannate coated gold nanoparticle to develop a swine-specific hybrid nanobioprobe for the determination of pork adulteration in 2.5-h autoclaved pork-beef binary mixtures. This hybrid probe detected as low as 1% pork in deliberately contaminated autoclaved pork-beef binary mixtures and no cross-species detection was recorded, demonstrating the feasibility of this type of probe for biosensor-based detection of pork adulteration of halal and kosher foods.

  15. The college journey and academic engagement: how metaphor use enhances identity-based motivation.

    Science.gov (United States)

    Landau, Mark J; Oyserman, Daphna; Keefer, Lucas A; Smith, George C

    2014-05-01

    People commonly talk about goals metaphorically as destinations on physical paths extending into the future or as contained in future periods. Does metaphor use have consequences for people's motivation to engage in goal-directed action? Three experiments examine the effect of metaphor use on students' engagement with their academic possible identity: their image of themselves as academically successful graduates. Students primed to frame their academic possible identity using the goal-as-journey metaphor reported stronger academic intention, and displayed increased effort on academic tasks, compared to students primed with a nonacademic possible identity, a different metaphoric framing (goal-as-contained-entity), and past academic achievements (Studies 1-2). This motivating effect persisted up to a week later as reflected in final exam performance (Study 3). Four experiments examine the cognitive processes underlying this effect. Conceptual metaphor theory posits that an accessible metaphor transfers knowledge between dissimilar concepts. As predicted in this paradigm, a journey-metaphoric framing of a possible academic identity transferred confidence in the procedure, or action sequence, required to attain that possible identity, which in turn led participants to perceive that possible identity as more connected to their current identity (Study 4). Drawing on identity-based motivation theory, we hypothesized that strengthened current/possible identity connection would mediate the journey framing's motivating effect. This mediational process predicted students' academic engagement (Study 5) and an online sample's engagement with possible identities in other domains (Study 6). Also as predicted, journey framing increased academic engagement particularly among students reporting a weak connection to their academic possible identity (Study 7).

  16. Interactions between facial emotion and identity in face processing: evidence based on redundancy gains.

    Science.gov (United States)

    Yankouskaya, Alla; Booth, David A; Humphreys, Glyn

    2012-11-01

    Interactions between the processing of emotion expression and form-based information from faces (facial identity) were investigated using the redundant-target paradigm, in which we specifically tested whether identity and emotional expression are integrated in a superadditive manner (Miller, Cognitive Psychology 14:247-279, 1982). In Experiments 1 and 2, participants performed emotion and face identity judgments on faces with sad or angry emotional expressions. Responses to redundant targets were faster than responses to either single target when a universal emotion was conveyed, and performance violated the predictions from a model assuming independent processing of emotion and face identity. Experiment 4 showed that these effects were not modulated by varying interstimulus and nontarget contingencies, and Experiment 5 demonstrated that the redundancy gains were eliminated when faces were inverted. Taken together, these results suggest that the identification of emotion and facial identity interact in face processing.

  17. Engaging Middle School Students in Authentic Research based on a summer research cruise

    Science.gov (United States)

    Manley, J.; Ellins, K. K.; Conte, M. H.

    2011-12-01

    In summer 2010, as a participant in the TXESS Revolution, a National Science Foundation (NSF)-sponsored professional development program for teachers in support of Earth and Space Science, I participated in a scientific research cruise led by Dr. Maureen Conte of the Bermuda Institute of Ocean Sciences (BIOS). The primary purpose of the cruise was to collect water samples from different ocean depths, make temperature and conductivity measurements, and retrieve biologic particle debris collection equipment deployed as part of the NSF-sponsored Oceanic Flux Program to measure particle fluxes in the deep Sargasso Sea. A secondary objective involved the collection of plastic debris floating within the sargassum grass trapped in the North Atlantic gyre in order to investigate plastic pollution. As a member of the science team I worked alongside of Dr. Conte, scientists and graduate students, giving me a personal experience to inspire my students' interest in the marine ecosystem. In the classroom, I used a Project Based Learning (PBL) approach to translate my experience and knowledge gained into productive learning for my students. With Project Based Learning, teams of students solve a real world, open-ended challenge problem through research and experimentation. In this Problem, the challenge was to design a virtual product to motivate ordinary people to change their habits regarding their use and improper disposal of plastics. Team products included websites, social network pages, and in-school announcements to create awareness about plastic pollution in the ocean. Fulfilling one of the basic principles of the PBL approach to provide student access to experts, cruise participant and University of North Carolina graduate student Bonnie Monteleone dedicated an entire day to speak with each of my classes about her experiences studying ocean plastics and answer their questions via SKYPE. In addition, Ms. Monteleone used her extensive contacts to post the best of my

  18. Authentication over Noisy Channels

    OpenAIRE

    Lai, Lifeng; Gamal, Hesham El; Poor, H. Vincent

    2008-01-01

    In this work, message authentication over noisy channels is studied. The model developed in this paper is the authentication theory counterpart of Wyner's wiretap channel model. Two types of opponent attacks, namely impersonation attacks and substitution attacks, are investigated for both single message and multiple message authentication scenarios. For each scenario, information theoretic lower and upper bounds on the opponent's success probability are derived. Remarkably, in both scenarios,...

  19. Authentication: Hot and cool

    OpenAIRE

    Cohen, E; Cohen, SA

    2012-01-01

    Seeking to shift the discussion of the concept of authenticity in tourism scholarship from the dominant concern with tourist experiences to the more sociological problem of the processes of authentication of tourist attractions, we conceptualize two analytically distinct, but practically often intersecting, modes of authentication of attractions, “cool” and “hot”. Through a range of examples, we demonstrate the implications of the two modes for the dynamics of the constitution of tourist attr...

  20. An Authentic Learning Environment Based on Video Project among Arabic Learners

    Directory of Open Access Journals (Sweden)

    Azman Che Mat

    2017-05-01

    Full Text Available Role playing is among the language activities that stimulate language learners to use the language they are learning. However, a successful activity is always challenging especially when the learners are beginners. Therefore, a special arrangement needs to be carried out by instructors. This article explores the use of storyboards, or ‘PCVA’, to help Arabic learners prepare for their video project based on role playing. Blended methods were used to collect data, namely surveys, interviews, and observations. The target participants were among degree students from second level (TAC451 and third level (TAC501 of Arabic course. The total number of the participants is 87 respondents. Interview and observation were conducted during consultation period and then, related information was documented for the purpose of the study. Descriptive analysis was implemented to interpret the data. The findings showed a positive feedback from the learners who were involved in the experiment.

  1. Building secure wireless access point based on certificate authentication and firewall captive portal

    Directory of Open Access Journals (Sweden)

    Soewito B.

    2014-03-01

    Full Text Available Wireless local area network or WLAN more vulnerability than wired network even though WLAN has many advantages over wired. Wireless networks use radio transmissions to carry data between end users and access point. Therefore, it is possible for someone to sit in your office building's lobby or parking lot or parking lot to eavesdrop on the wireless network communication. This paper discussed securing wires local area network used WPA2 Enterprise based PEAP MS-CHAP and Captive portal firewall. We also divided the network for employer and visitor to increase the level of security. Our experiment showed that the WLAN could be broken using the attacker tool such as airodump, aireply, and aircrack.

  2. Employment Discrimination Based on Sexual Orientation and Gender Identity in Pennsylvania

    OpenAIRE

    Mallory, Christy; Hasenbush, Amira

    2013-01-01

    Pennsylvania’s 174,000 LGBT workers are vulnerable to employment discrimination absent state or federal legal protections. While 33 Pennsylvania localities provide some protections, 69 percent of the state’s workforce could suffer discrimination without recourse based on their actual or perceived sexual orientation or gender identity. Pennsylvania teachers, factory workers and law enforcement officers have all faced workplace discrimination based on their sexual orientation or gender identity...

  3. Cognitive Hacking and Digital Government: Digital Identity

    OpenAIRE

    Paul Thompson

    2004-01-01

    Recently the National Center for Digital Government held a workshop on "The Virtual Citizen: Identity, Autonomy, and Accountability: A Civic Scenario Exploration of the Role of Identity in On-Line. Discussions at the workshop focused on five scenarios for future authentication policies with respect to digital identity. The underlying technologies considered for authentication were: biometrics: cryptography, with a focus on digital signatures; secure processing/computation; and reputation syst...

  4. Identity Management

    Data.gov (United States)

    Social Security Administration — Provides information for identity management services on the creation, modification and eventual deletion of accounts and entitlements based on user relationships on...

  5. A FPGA-based identity authority method in quantum key distribution system

    International Nuclear Information System (INIS)

    Cui Ke; Luo Chunli; Zhang Hongfei; Lin Shengzhao; Jin Ge; Wang Jian

    2012-01-01

    In this article, an identity authority method realized in hardware is developed which is used in quantum key distribution (QKD) systems. This method is based on LFSR-Teoplitz hashing matrix. Its benefits relay on its easy implementation in hardware and high secure coefficient. It can gain very high security by means of splitting part of the final key generated from QKD systems as the seed where it is required in the identity authority method. We propose an specific flow of the identity authority method according to the problems and features of the hardware. The proposed method can satisfy many kinds of QKD systems. (authors)

  6. Deconstructing Place Identity? Impacts of a "Racino" on Elora, Ontario, Canada

    Science.gov (United States)

    Shannon, Meghan; Mitchell, Clare J. A.

    2012-01-01

    The heritage-scape is a socially constructed place that provides locally crafted products, cuisine, and experiences to satisfy consumers' desire for authenticity. In this paper we question if the introduction of a functionally non-conforming structure causes an existing heritage-based place identity to dismantle (i.e. deconstruct). In 2003, a…

  7. FUSION BASED MULTIMODAL AUTHENTICATION IN BIOMETRICS USING CONTEXT-SENSITIVE EXPONENT ASSOCIATIVE MEMORY MODEL : A NOVEL APPROACH

    OpenAIRE

    P. E. S. N. Krishna Prasad; Pavan Kumar K; M. V. Ramakrishna; B. D. C. N. Prasad

    2013-01-01

    Biometrics is one of the primary key concepts of real application domains such as aadhar card, passport, pan card, etc. In such applications user can provide two to three biometrics patterns like face, finger, palm, signature, iris data, and so on. We considered face and finger patterns for encoding and then also for verification. Using this data we proposed a novel model for authentication in multimodal biometrics often called Context-Sensitive Exponent Associative Memory Mode...

  8. Bar-HRM for Authentication of Plant-Based Medicines: Evaluation of Three Medicinal Products Derived from Acanthaceae Species.

    Science.gov (United States)

    Osathanunkul, Maslin; Madesis, Panagiotis; de Boer, Hugo

    2015-01-01

    Medicinal plants are used as a popular alternative to synthetic drugs, both in developed and developing countries. The economic importance of the herbal and natural supplement industry is increasing every year. As the herbal industry grows, consumer safety is one issue that cannot be overlooked. Herbal products in Thai local markets are commonly sold without packaging or labels. Plant powders are stored in large bags or boxes, and therefore buying local herbal products poses a high risk of acquiring counterfeited, substituted and/or adulterated products. Due to these issues, a reliable method to authenticate products is needed. Here DNA barcoding was used in combination with High Resolution Melting analysis (Bar-HRM) to authenticate three medicinal Acanthaceae species (Acanthus ebracteatus, Andrographis paniculata and Rhinacanthus nasutus) commonly used in Thailand. The rbcL barcode was selected for use in primers design for HRM analysis to produce standard melting profiles of the selected species. Melting data from the HRM assay using the designed rbcL primers showed that the three chosen species could be distinguished from each other. HRM curves of all fifteen test samples indicated that three of tested products did not contain the indicated species. Two closely related species (A. paniculata and R. nasutus), which have a high level of morphological similarity, were interchanged with one another in three tested products. Incorrect information on packaging and labels of the tested herbal products was the cause of the results shown here. Morphological similarity among the species of interest also hindered the collection process. The Bar-HRM method developed here proved useful in aiding in the identification and authentication of herbal species in processed samples. In the future, species authentication through Bar-HRM could be used to promote consumer trust, as well as raising the quality of herbal products.

  9. Adapting a successful inquiry-based immersion program to create an Authentic, Hands- on, Field based Curriculum in Environmental Science at Barnard College

    Science.gov (United States)

    Kenna, T. C.; Pfirman, S.; Mailloux, B. J.; Martin, S.; Kelsey, R.; Bower, P.

    2008-12-01

    Adapting a successful inquiry-based immersion program to create an Authentic, Hands-on, Field based Curriculum in Environmental Science at Barnard College T. C. Kenna, S. Pfirman, B. J. Mailloux, M. Stute, R. Kelsey, and P. Bower By adapting a successful inquiry-based immersion program (SEA semester) to the typical college format of classes, we are improving the technical and quantitative skills of undergraduate women and minorities in environmental science and improving their critical thinking and problem-solving by exposing our students to open-ended real-world environmental issues. Our approach uses the Hudson River Estuary as a natural laboratory. In a series of hands-on inquiry-based activities, students use advanced equipment to collect data and samples. Each class session introduces new analytical and data analysis techniques. All classes have the connecting theme of the river. Working with real data is open-ended. Our major findings as indicated by surveys as well as journaling throughout the semester are that the field- based experience significantly contributed to student learning and engagement. Journaling responses indicated that nearly all students discussed the importance and excitement of an authentic research experience. Some students were frustrated with data irregularities, uncertainty in methods and data, and the general challenge of a curriculum with inherent ambiguity. The majority were satisfied with the aims of the course to provide an integrative experience. All students demonstrated transfer of learned skills. This project has had a significant impact on our undergraduate female students: several students have pursued senior thesis projects stemming from grant activities, stating that the field activities were the highlight of their semester. Some students love the experience and want more. Others decide that they want to pursue a different career. All learn how science is conducted and have a better foundation to understand concepts such

  10. Authenticity at work

    NARCIS (Netherlands)

    van den Bosch, Ralph

    2016-01-01

    Authenticity at work, loosely defined as the degree to which an individual stays true to their core self, has impact on workers in the workplace. This thesis shows that authenticity at work can be measured with a reliable and valid instrument: the IAM Work. Furthermore, results of this thesis show

  11. Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

    Directory of Open Access Journals (Sweden)

    Chenyu Wang

    2017-01-01

    Full Text Available Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from offline dictionary attack or fail to achieve forward secrecy and user anonymity. It is worth mentioning that we divide offline dictionary attacks into two categories: (1 the ones using the verification from smart cards and (2 the ones using the verification from the open channel. The second is more complicated and intractable than the first type. Such distinction benefits the exploration of better design principles. We also discuss some practical solutions to the two kinds of attacks, respectively. Furthermore, we proposed a reference model to deal with the first kind of attack and proved its effectiveness by taking one of our cryptanalysis schemes as an example.

  12. An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography.

    Science.gov (United States)

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj

    2015-11-01

    In the last few years, numerous remote user authentication and session key agreement schemes have been put forwarded for Telecare Medical Information System, where the patient and medical server exchange medical information using Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth to note that unrestricted number of patients login to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the exiting schemes. The proposed scheme not only efficient in terms of different security attacks, but it also provides an efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.

  13. Capturing Cognitive Processing Time for Active Authentication

    Science.gov (United States)

    2014-02-01

    the password with password -based access control to generate a hardened password [4]. Here, we present a biometric -based active authentication...typing rhythm (CTR), Support Vector Machine (SVM), Behavioral Biometrics 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT UU 18. NUMBER OF... biometrics , extracted from keystroke dynamics, as “something a user is” for active authentication. This scheme performs continual verification in the

  14. AUTHENTICITY IN THE BLOGOSPHERE

    Directory of Open Access Journals (Sweden)

    Waclaw Branicki

    2010-01-01

    Full Text Available The primary purpose of this article is to answer the question of whether writing a blog defined as a personal diary can help to better understand himself. Self-awareness is a prerequisite for authentic existence. In the first part analyzed the concept of authenticity. Pointed out the relationship of authenticity to the categories of freedom, truth and responsibility. The second part presents the relationship between authentic existence and the process of self-disclosure, which may take place in the blogosphere. In the third part presents the question whether a writing blog affects the level authenticity of existence. It was recognized that a key element of this phenomenon is the sense of responsibility.

  15. Work-Based Learning, Identity and Organisational Culture

    Science.gov (United States)

    Ahlgren, Linda; Tett, Lyn

    2010-01-01

    This paper discusses the ways in which employers view the contribution of work-based learning, how participating learners' experience the provision offered to them and how far work-based programmes can contribute to changing the discourse about learning from one of deficit to one of strengths. It draws on two complementary studies of work based…

  16. Instant Java password and authentication security

    CERN Document Server

    Mayoral, Fernando

    2013-01-01

    Filled with practical, step-by-step instructions and clear explanations for the most important and useful tasks. This book takes a hands-on approach to Java-based password hashing and authentication, detailing advanced topics in a recipe format.This book is ideal for developers new to user authentication and password security, and who are looking to get a good grounding in how to implement it in a reliable way.It's assumed that the reader will have some experience in Java already, as well as being familiar with the basic idea behind user authentication.

  17. 21 CFR 1311.110 - Requirements for obtaining an authentication credential-Individual practitioners eligible to use...

    Science.gov (United States)

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Requirements for obtaining an authentication... Prescriptions § 1311.110 Requirements for obtaining an authentication credential—Individual practitioners... credentialing office) may conduct identity proofing and authorize the issuance of the authentication credential...

  18. An Authentication and Key Management Mechanism for Resource Constrained Devices in IEEE 802.11-based IoT Access Networks

    OpenAIRE

    Kim, Ki-Wook; Han, Youn-Hee; Min, Sung-Gi

    2017-01-01

    Many Internet of Things (IoT) services utilize an IoT access network to connect small devices with remote servers. They can share an access network with standard communication technology, such as IEEE 802.11ah. However, an authentication and key management (AKM) mechanism for resource constrained IoT devices using IEEE 802.11ah has not been proposed as yet. We therefore propose a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 key management with the IEEE 802.1X aut...

  19. Privacy preservation and authentication on secure geographical routing in VANET

    Science.gov (United States)

    Punitha, A.; Manickam, J. Martin Leo

    2017-05-01

    Vehicular Ad hoc Networks (VANETs) play an important role in vehicle-to-vehicle communication as it offers a high level of safety and convenience to drivers. In order to increase the level of security and safety in VANETs, in this paper, we propose a Privacy Preservation and Authentication on Secure Geographical Routing Protocol (PPASGR) for VANET. It provides security by detecting and preventing malicious nodes through two directional antennas such as forward (f-antenna) and backward (b-antenna). The malicious nodes are detected by direction detection, consistency detection and conflict detection. The location of the trusted neighbour is identified using TNT-based location verification scheme after the implementation of the Vehicle Tamper Proof Device (VTPD), Trusted Authority (TA) is generated that produces the anonymous credentials. Finally, VTPD generates pseudo-identity using TA which retrieves the real identity of the sender. Through this approach, the authentication, integrity and confidentiality for routing packets can be achieved. The simulation results show that the proposed approach reduces the packet drop due to attack and improves the packet delivery ratio.

  20. Anonymous authentication and location privacy preserving schemes for LTE-A networks

    Directory of Open Access Journals (Sweden)

    Zaher Jabr Haddad

    2017-11-01

    Full Text Available Long Term Evaluation Advanced (LTE-A is the third generation partnership project for cellular network that allows subscribers to roam into networks (i.e., the Internet and wireless connections using spacial purpose base-stations, such as wireless access points and home node B. In such LTE-A based networks, neither base-stations, nor the Internet and wireless connections are trusted because base-stations are operated by un-trusted subscribers. Attackers may exploit these vulnerabilities to violate the privacy of the LTE-A subscribers. On the other hand, the tradeoff between privacy and authentication is another challenge in such networks. Therefore, in this paper, we propose two anonymous authentication schemes based on one-time pseudonymes and Schnorr Zero Knowledge Protocols. Instead of the international mobile subscriber identity, these schemes enable the user equipment, base-stations and mobility management entity to mutually authenticate each others and update the location of the user equipment without evolving the home subscriber server. The security analysis demonstrate that the proposed schemes thwart security and privacy attacks, such as malicious, international mobile subscriber identity catching, and tracking attacks. Additionally, our proposed schemes preserve the location privacy of user equipment since no entity except the mobility management entity and Gate-Way Mobile Location Center can link between the pseudonymes and the international mobile subscriber identity. Also attackers have no knowledge about international mobile subscriber identity. Hence, the proposed schemes achieve backward/forward secrecy. Furthermore, the performance evaluation shows that the proposed handover schemes impose a small overhead on the mobile nodes and it has smaller computation and communication overheads than those in other schemes.

  1. Discovering your authentic leadership.

    Science.gov (United States)

    George, Bill; Sims, Peter; McLean, Andrew N; Mayer, Diana

    2007-02-01

    The ongoing problems in business leadership over the past five years have underscored the need for a new kind of leader in the twenty-first century: the authentic leader. Author Bill George, a Harvard Business School professor and the former chairman and CEO of Medtronic, and his colleagues, conducted the largest leadership development study ever undertaken. They interviewed 125 business leaders from different racial, religious, national, and socioeconomic backgrounds to understand how leaders become and remain authentic. Their interviews showed that you do not have to be born with any particular characteristics or traits to lead. You also do not have to be at the top of your organization. Anyone can learn to be an authentic leader. The journey begins with leaders understanding their life stories. Authentic leaders frame their stories in ways that allow them to see themselves not as passive observers but as individuals who learn from their experiences. These leaders make time to examine their experiences and to reflect on them, and in doing so they grow as individuals and as leaders. Authentic leaders also work hard at developing self-awareness through persistent and often courageous self-exploration. Denial can be the greatest hurdle that leaders face in becoming self-aware, but authentic leaders ask for, and listen to, honest feedback. They also use formal and informal support networks to help them stay grounded and lead integrated lives. The authors argue that achieving business results over a sustained period of time is the ultimate mark of authentic leadership. It may be possible to drive short-term outcomes without being authentic, but authentic leadership is the only way to create long-term results.

  2. Four Year-Olds Use Norm-Based Coding for Face Identity

    Science.gov (United States)

    Jeffery, Linda; Read, Ainsley; Rhodes, Gillian

    2013-01-01

    Norm-based coding, in which faces are coded as deviations from an average face, is an efficient way of coding visual patterns that share a common structure and must be distinguished by subtle variations that define individuals. Adults and school-aged children use norm-based coding for face identity but it is not yet known if pre-school aged…

  3. An efficient and provable secure revocable identity-based encryption scheme.

    Directory of Open Access Journals (Sweden)

    Changji Wang

    Full Text Available Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE has attracted a lot of attention in recent years, many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters' identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in term of ciphertext size, public parameters size and decryption cost at price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters.

  4. [Review of the book What about me? : The struggle for identity in a market-based society, Paul Verhaeghe, 2014

    NARCIS (Netherlands)

    Nienass, Benjamin; Trautmann, Stefan

    In his book What about me? The struggle for identity in a market-based society, clinical psychologist and psychotherapist Paul Verhaeghe tries to elucidate the link between neo-liberal society, identity, and mental health. Verhaeghe starts from the observation that our identity is shaped by the

  5. A Review Of Authentication Methods

    OpenAIRE

    Nilesh A. Lal; Salendra Prasad; Mohammed Farik

    2015-01-01

    Authentication is process of granting a user access to an information system. There are three main types of authentication mechanisms password entry smart card and biometric. Each authentication mechanism functions differently and has their strengths and weakness. In this paper we review different types of authentication mechanisms their vulnerabilities and recommend novel solutions.

  6. A Review Of Authentication Methods

    Directory of Open Access Journals (Sweden)

    Nilesh A. Lal

    2015-08-01

    Full Text Available Authentication is process of granting a user access to an information system. There are three main types of authentication mechanisms password entry smart card and biometric. Each authentication mechanism functions differently and has their strengths and weakness. In this paper we review different types of authentication mechanisms their vulnerabilities and recommend novel solutions.

  7. Richard Peters and Valuing Authenticity

    Science.gov (United States)

    Degenhardt, M. A. B.

    2009-01-01

    Richard Peters has been praised for the authenticity of his philosophy, and inquiry into aspects of the development of his philosophy reveals a profound authenticity. Yet authenticity is something he seems not to favour. The apparent paradox is resolved by observing historical changes in the understanding of authenticity as an important value.…

  8. Location-assured, multifactor authentication on smartphones via LTE communication

    Science.gov (United States)

    Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

    2013-05-01

    With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client's current location, thus defines the important aspects of "who", "when", and "where" of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client's location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client's Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE's Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client's claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication.

  9. Persistent Authentication in Smart Environments

    DEFF Research Database (Denmark)

    Hansen, Mads Syska; Kirschmeyer, Martin; Jensen, Christian D.

    2008-01-01

    present a proof-of-concept implementation of the proposed mechanism, which employs camera based tracking with a single stationary 3D camera that uses the "time of flight" principle. A preliminary evaluation of the proposed mechanism indicates that persistent authentication is technically possible...... with the proposed hardware. The proposed model is sufficiently general to allow the addition of more cameras or supplemental tracking technologies, which will improve the robustness and scalability of the proposed mechanism....

  10. Robust general N user authentication scheme in a centralized quantum communication network via generalized GHZ states

    Science.gov (United States)

    Farouk, Ahmed; Batle, J.; Elhoseny, M.; Naseri, Mosayeb; Lone, Muzaffar; Fedorov, Alex; Alkhambashi, Majid; Ahmed, Syed Hassan; Abdel-Aty, M.

    2018-04-01

    Quantum communication provides an enormous advantage over its classical counterpart: security of communications based on the very principles of quantum mechanics. Researchers have proposed several approaches for user identity authentication via entanglement. Unfortunately, these protocols fail because an attacker can capture some of the particles in a transmitted sequence and send what is left to the receiver through a quantum channel. Subsequently, the attacker can restore some of the confidential messages, giving rise to the possibility of information leakage. Here we present a new robust General N user authentication protocol based on N-particle Greenberger-Horne-Zeilinger (GHZ) states, which makes eavesdropping detection more effective and secure, as compared to some current authentication protocols. The security analysis of our protocol for various kinds of attacks verifies that it is unconditionally secure, and that an attacker will not obtain any information about the transmitted key. Moreover, as the number of transferred key bits N becomes larger, while the number of users for transmitting the information is increased, the probability of effectively obtaining the transmitted authentication keys is reduced to zero.

  11. Guidelines on stepping up the authentication component in AAIs implementing the AARC BPA (AARC-G029)

    OpenAIRE

    AARC Consortium Partners; AppInt members

    2018-01-01

    A number of research community use cases require users to verify their identity by using more than one type of credentials, for instance using password authentication, together with some physical object such as a phone or usb stick that generates tokens/pins, etc. At the same time, there are services that may require an already logged in user to re-authenticate using a stronger authentication mechanism when accessing sensitive resources. Authentication step-up is then needed to improve the or...

  12. Security extension for the Canetti-Krawczyk model in identity-based systems

    Institute of Scientific and Technical Information of China (English)

    LI Xinghua; MA Jianfeng; SangJae Moon

    2005-01-01

    The Canetti-Krawczyk (CK) model is a formalism for the analysis of keyexchange protocols, which can guarantee many security properties for the protocols proved secure by this model. But we find this model lacks the ability to guarantee key generation center (KGC) forward secrecy, which is an important security property for key-agreement protocols based on Identity. The essential reason leading to this weakness is that it does not fully consider the attacker's capabilities. In this paper, the CK model is accordingly extended with a new additional attacker's capability of the KGC corruption in Identity-based systems, which enables it to support KGC forward secrecy.

  13. Pursuing Authenticity From Process to Outcome in a Community-Based Participatory Research Study of Intimate Partner Violence and HIV Vulnerability in North Karnataka, India.

    Science.gov (United States)

    Blanchard, Andrea Katryn; Sangha, Chaitanya Aids Tadegattuva Mahila; Nair, Sapna G; Thalinja, Raghavendra; Srikantamurthy, H S; Ramanaik, Satyanaryana; Javalkar, Prakash; Pillai, Priya; Isac, Shajy; Collumbien, Martine; Heise, Lori; Bhattacharjee, Parinita; Bruce, Sharon Gail

    2017-01-01

    Community-based participatory research has been seen to hold great promise by researchers aiming to bridge research and action in global health programs and practice. However, there is still much debate around whether achieving authenticity in terms of in-depth collaboration between community and academic partners is possible while pursuing academic expectations for quality. This article describes the community-based methodology for a qualitative study to explore intimate partner violence and HIV/AIDS among women in sex work, or female sex workers, and their male partners in Karnataka, South India. Developed through collaborative processes, the study methodology followed an interpretive approach to qualitative inquiry, with three key components including long-term partnerships, knowledge exchange, and orientation toward action. We then discuss lessons learned on how to pursue authenticity in terms of truly collaborative processes with inherent value that also contribute to, rather than hinder, the instrumental goal of enhancing the quality and relevance of the research outcomes. © The Author(s) 2016.

  14. eBiometrics: an enhanced multi-biometrics authentication technique for real-time remote applications on mobile devices

    Science.gov (United States)

    Kuseler, Torben; Lami, Ihsan; Jassim, Sabah; Sellahewa, Harin

    2010-04-01

    The use of mobile communication devices with advance sensors is growing rapidly. These sensors are enabling functions such as Image capture, Location applications, and Biometric authentication such as Fingerprint verification and Face & Handwritten signature recognition. Such ubiquitous devices are essential tools in today's global economic activities enabling anywhere-anytime financial and business transactions. Cryptographic functions and biometric-based authentication can enhance the security and confidentiality of mobile transactions. Using Biometric template security techniques in real-time biometric-based authentication are key factors for successful identity verification solutions, but are venerable to determined attacks by both fraudulent software and hardware. The EU-funded SecurePhone project has designed and implemented a multimodal biometric user authentication system on a prototype mobile communication device. However, various implementations of this project have resulted in long verification times or reduced accuracy and/or security. This paper proposes to use built-in-self-test techniques to ensure no tampering has taken place on the verification process prior to performing the actual biometric authentication. These techniques utilises the user personal identification number as a seed to generate a unique signature. This signature is then used to test the integrity of the verification process. Also, this study proposes the use of a combination of biometric modalities to provide application specific authentication in a secure environment, thus achieving optimum security level with effective processing time. I.e. to ensure that the necessary authentication steps and algorithms running on the mobile device application processor can not be undermined or modified by an imposter to get unauthorized access to the secure system.

  15. A Taxonomy for Enhancing Usability, Flexibility, and Security of User Authentication

    Directory of Open Access Journals (Sweden)

    Susan Gottschlich

    2017-12-01

    Full Text Available Two technology trends – a move toward software defined capabilities and toward networked devices – support both unprecedented innovations and requirements for security. A fundamental aspect of security is user authentication, which allows devices and software applications to establish their user’s identity and identity is in turn used to establish which of its capabilities the user is authorized to access. While multiple authentication steps, known as multifactor authentication, are being used more widely throughout the military, government, businesses, and consumer sectors, the selection and implementation of which authentication factors to require is typically defined by security policy. Security policy is in turn typically established by a security organization that may have no formal metrics or means to guide its selection of authentication factors. This paper will present a taxonomy for describing authentication factors including important attributes that characterize authentication robustness to aid in the selection of factors that are consistent with the user’s mission. One particular authentication factor that I have developed will be discussed in the context of this taxonomy to motivate the need to broaden current definitions and security policies. The ultimate goal of this paper is to inspire the development of standards for authentication technologies to both support mission aware authentication innovation and to inform decision making about security policies concerning user authentication and authorization. Further, this paper aims to demonstrate that such an approach will fundamentally enhance both security and usability of increasingly networked, software-defined devices, equipment and software applications.

  16. ECG authentication in post-exercise situation.

    Science.gov (United States)

    Dongsuk Sung; Jeehoon Kim; Myungjun Koh; Kwangsuk Park

    2017-07-01

    Human authentication based on electrocardiogram (ECG) has been a remarkable issue for recent ten years. This paper proposed an authentication technology with the ECG data recorded after the harsh exercise. 55 subjects voluntarily attended to this experiment. A stepper was used as an exercise equipment. The subjects are asked to do stepper for 5 minutes and their ECG signals are acquired before and after the exercise in rest, sitting posture. Linear discriminant analysis (LDA) was used for both feature extraction and classification. Even though, within the first 1 minute recording, the subject recognition accuracy was 59.64%, which is too low to utilize, after one minute the accuracy was higher than 90% and it increased up to 96.22% within 5 minutes, which is plausible to use in authentication circumstances. Therefore, we have concluded that ECG authentication techniques will be able to be used after 1 minute of catching breath.

  17. STUDENTS’ POTENTIAL FOR AUTHENTIC LEADERSHIP

    OpenAIRE

    Djurdja Solesa-Grijak; Dragan Solesa; Nedjo Kojic

    2015-01-01

    To know yourself and to act accordingly has been seen as a moral imperative throughout history. The aim of this research was to determine potential of students for authentic leadership and relation between their authentic personality and potential for authentic leadership. The sample consisted of students (N=133) from Serbia (male – 59% and female – 41%). The average age of students was M=21.9. Instruments used were Authenticity Scale (Wood et al., 2008) and Authentic Leadership Self-Assessme...

  18. Identification and Authentication Policy

    National Research Council Canada - National Science Library

    Gimble, Thomas

    1999-01-01

    .... We will accomplish the audit objective in two phases. In this phase, we reviewed current DoD Component policies on the use of identification and authentication controls to access information systems...

  19. Identity Assemblages

    DEFF Research Database (Denmark)

    Horn, Line Helverskov

    The study aims at exploring how identity is enacted within the context of a two-year programme in Service, Hospitality, and Tourism Management (SHTM). This research thus investigates how students and educators go about their daily lives in different educational contexts both on and off campus...... as a contribution to the body of literature of ANT-based studies. Second, it contributes to existing identity theories by exemplifying a socio-material approach to identity issues. Third, the study enables reflections upon how educational institutions as fundamentally identity-producing organisations acknowledge...

  20. Authenticated Secure Container System (ASCS)

    International Nuclear Information System (INIS)

    1991-01-01

    Sandia National Laboratories developed an Authenticated Secure Container System (ASCS) for the International Atomic Energy Agency (IAEA). Agency standard weights and safeguards samples can be stored in the ASCS to provide continuity of knowledge. The ASCS consists of an optically clear cover, a base containing the Authenticated Item Monitoring System (AIMS) transmitter, and the AIMS receiver unit for data collection. The ASCS will provide the Inspector with information concerning the status of the system, during a surveillance period, such as state of health, tampering attempts, and movement of the container system. The secure container is located inside a Glove Box with the receiver located remotely from the Glove Box. AIMS technology uses rf transmission from the secure container to the receiver to provide a record of state of health and tampering. The data is stored in the receiver for analysis by the Inspector during a future inspection visit. 2 refs