The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Location-based Services (LBS) are a kind of important applications which identify the resources close to users, i.e. return the nearest gas stations, restaurants, banks etc, as well as identification of the optimal route to reach destination according to user position. However, privacy threat is the inherent problem in LBS as the location data is very effective for service provisioning. Thus, we focus...
Recently Lu et al. proposed a modified anonymous two-factor authenticated key exchange protocol to eliminate the security weaknesses of Xie et al.'s scheme. They hence claimed that their scheme is immune to possible well-known attacks. However, we found that Lu et al.'s protocol is still insecure against the outsider attack, user impersonation attack, and off-line password guessing attack. To overcome...
Traditional authentication methods are vulnerable to different types of attacks. The authentication scheme like password or PIN-based have proven to be vulnerable to different forms of observation attacks such as, video-recording, key-logging or shoulder surfing attacks. In order to reduce these type of attacks, a number of solutions have been proposed. More used proposed system is the cognitive authentication...
Mobile agents, which are used for building distributed systems effectively, are autonomous programs that can travel through a computer network to fulfill their tasks. For practical use of mobile agents, protecting agents and platforms is an extremely important matter. Nevertheless, few security techniques exist for the DASH agent framework, which supports agent mobility. Other agent frameworks such...
Providing Authentication to any system leads to provide more security to that system. There are many authentication techniques are available, such as textual password, biometric etc. Almost all securities are covered with textual password, still it has some drawbacks. It is not hard for hackers to hack computer system secured with textual password. When user types password, the hacker can trace the...
With the increase in Man-in-the-Middle (MITM) attacks capable of breaking Hypertext Transfer Protocol Secure (HTTPS) over the past five years, researchers tasked with the improvement of HTTPS must understand each attacks characteristics. However with the large amount of attacks it is difficult to discern attack differences, with out any existing classification system capable of classifying these attacks...
Universities and other educational organizations are adopting computer and Internet-based assessment tools (herein called e-exams) to reach widespread audiences. While this makes examination tests more accessible, it exposes them to new threats. At present, there are very few strategies to check such systems for security, also there is a lack of formal security definitions in this domain. This paper...
Article describes the architecture design of user authentication system. The key features of architecture is resistance to changes in architectural and infrastructural scopes. That allows to control the functionality of the system and gives possibility to change it without special knowledge and the additional costs, to implement better support for devices from different manufactures. In addition,...
Industrial espionage through complex cyber attacks such as Advanced Persistent Threats (APT) is an increasing risk in any business segment. Combining any available attack vector professional attackers infiltrate their targets progressively, e.g. through combining social engineering with technical hacking. The most relevant targets of APT are internal enterprise and production networks providing access...
Radio Frequency Identification (RFID) is considered to be an authentication technology of great potential. Due to the bright future of low-cost RFID tags in practical situations, the authentication towards multiple tags and tag groups has become the research hotspot. However, there are many concerns about the security risks and privacy issues in lightweight RFID authentication scenarios. Many researches...
This paper highlights different security threats and vulnerabilities that is being challenged in smart-grid utilizing Distributed Network Protocol (DNP3) as a real time communication protocol. Experimentally, we will demonstrate two scenarios of attacks, unsolicited message attack and data set injection. The experiments were run on a computer virtual environment and then simulated in DETER testbed...
We present a quantum key distribution protocol based on the double-lock cryptography. It exploits the asymmetry in the detection strategies between the legitimate users and the eavesdropper. With coherent states, the mean photon number can be as larger as 10.
The websites of the modern Web integrate content from multiple parties to provide an enriched user experience. The so-called single sign-on forms part of this integration whereby a relying website enables a user to use her credentials on a third-party provider (such as Google or Facebook) to authenticate with itself and, if desired, authorize itself to use her resources on the provider. The user benefits...
There are various issues on current wireless network technology. MITM (Man-In-The-Middle) attack is generally done by spoofing between network access point and clients. MITM attacked is hard to be aware by the client. In this paper, we propose an algorithm, SALT-HASH, to detect MITM attack without necessity of certifications.
As sensor nodes are deployed in hostile or remote environment and unattended by human, they are prone to different kind of attacks. So adaptation of dynamic key is very important for secure key management, for encrypting messages for communication.
User constrained devices such as smart cards are commonly used in human-protocol interaction. Modelling these devices as part of human-protocol interaction is still an open problem. Examining the interaction of these devices as part of security ceremonies offers greater insight. This paper highlights two such cases: modelling extra channels between humans and devices in the ceremony, and modelling...
Recently, Cipresso et al proposed a novel method for generating textual passwords. The PsychoPass password can be created, memorized and recalled by thinking of an action sequence instead of a string of characters. Objective: The objective of this paper is to analyze how and when the PsychoPass passwords are resilient to brute force attacks and how they compare to randomly generated ones. Methods:...
Recently, removable (external USB) mass storage devices are finding widespread utilization for transferring and backing up data. They even can be used as bootable devices. They have brought us great convenience, yet, simultaneously, they are very vulnerable to the extraction of private and confidential data from computer systems. Some access authentication schemes have been proposed for removable...
Batch recall is a practically important problem for most industry manufacturers. The batches of products which contain flawed parts need to be recalled by manufacturers in time to prevent further economic and health loss. Accurate batch recall could be a challenging issue as flawed parts may have already been integrated into a large number of products and distributed to customers. The recent development...
The external storage using a universal serial bus (USB) communication become the most popular use for storing digital data. Application such as evidence acquisition in digital forensic area needs external storage devices that are portable, high speed of data transfer, and easy to use for collecting digital data from suspect computers. Apart from these advantages of USB storage devices, they do not...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.