The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we introduce a new fine-grained two-factor authentication (2FA) access control system for web-based cloud computing services. Specifically, in our proposed 2FA access control system, an attribute-based access control mechanism is implemented with the necessity of both a user secret key and a lightweight security device. As a user cannot access the system if they do not hold both, the...
The electrical power grid forms the function foundation of our modern societies, but in the near future our grids will reach a limit due to increased demand and aging infrastructures. As a result nations worldwide have started to convert their power grids into modern, dynamic grids with improved communications and control systems. The Smart Grid will thus be better able to incorporate new forms of...
As the easiest and cheapest way of authenticating an end user, password based authentication methods have been consistently chosen by almost every new cloud service. Unfortunately, the explosive growth of cloud services and web applications has made it impossible for users to manage dozens of passwords for accessing different cloud services. The situation is even worse considering the potential application...
Analyzed some shortages of the existing one-time password (OTP) authentication schemes, a new OTP authentication scheme is designed. This scheme used the SM2 cryptographic algorithm and Hash function to ensure data transmission security, provided the mutual authentication between client and server, resisted different kinds of attacks, and protected the user's identity information effectively. Analysis...
Invoices are the voucher to reimburse for official expenses. However, fake paper invoices spread in our lives. The appearance of electronic invoices can solve the problem of fake invoices. Before the business purchases invoices from Inland Revenue, The Inland Revenue and the business identify the authenticities of each other and generate a temporary session key between them through Key Distribution...
Remote attestation of computing platforms, using trusted hardware, guarantees the integrity, and by this the trustworthiness of a host to remote parties. While classical binary attestation attests the configuration itself, property-based attestation (PBA) attests properties and thus offers higher privacy guarantees to the host and its user. Nonetheless, both techniques are free from any user authentication...
A novel and efficient WLAN fast authentication Protocol (FWAI) is proposed and compared with IEEE 802111i and WAPI about their security and performance. Then FWAI is analyzed with BAN-like logic on the security. Results show that FWAI achieves its security properties and there are no security vulnerabilities or redundancy in it.
To use the network services provided by multiple servers in mobile wireless network, a hash function and smart card based multi-server authentication scheme without verification tables and servers' public keys is proposed. The new protocol has many advantages, such as no encryption, signature, verification tables, timestamp, and public keys directory.
Introduced the credible computation's background and analyzed the TCG organization had Issued two authentication standard agreement: The trusted third party agreement and the direct anonymous authentication agreement, practice prove that the direct anonymous authentication agreement cannot be under the very good control in actual anonymous, this article proposed the improvement mentality in the original...
Harn and Lin proposed an authenticated key agreement without using one-way hash functions. It enables two communicating parties to establish four common session keys by sending two Diffie-Hellman public keys in a single round of message exchange. However, to resist the known key attack, only three common session keys can be used. Over the past years, all researches study to establish four common session...
Password authentication is a widely used entity authentication means nowadays. In password authentication, the server needs to manage a password file containing all user passwords. This poses a tremendous threat to the safety of the passwords: if the server is compromised, all passwords are immediately disclosed. A common countermeasure to this issue of single point of failure is to deploy multiple...
To set up various kinds of application system on moving Ad Hoc network, an effective mechanism for security assurance has to be provided. The paper puts forward the Plan for Threshold Identity Authentication that is based on partial Hash table without credibility center. The plan can effectively resist the external attack and passive attack from internal nodes, and thus improve the efficiency of various...
A novel security scheme at network layer is proposed. It provides mutual authentication between the communication partners by adopting the effective combined public key (CPK) algorithm, which is an identity-based cryptosystem. And each outgoing packet can be digitally signed with CPK-based signature, which uses elliptic curve digital signature algorithm (ECDSA) and may offer equal security with a...
This paper briefly describes what is a smart card and its standard authentication schemes. Additionally, this paper provides high level overview of code signing mechanisms, which serve the purpose to ensure the smart card application (possible provided by 3rd Party Application Provider) is genuine and from an authorized provider.
Password authentication over unreliable networks is the most popular method in the Internet and mobile communication environments. Lately, Peyravian and Jeffries proposed the password-based remote user authentication protocol, password change, and session key establishment over insecure networks without requiring and any additional private-key or public-key infrastructure. However, Peyravian-Jeffries's...
The flow of information security is commonly controlled by different trust domains in the distributed environment. The information sharing in a unique trust domain, however, is also an essential issue to be further studied. Fortunately, the trusted computing technology provides a nice solution to elaborate the security of information sharing in the same trust domain. In this paper, trusted terminal...
Mobile agent and its security are first introduced in this paper. Fundamental to the mentioned communication security properties are issues relating to the identification and authentication of sending and receiving parties. A security authentication scheme for mobile agent of multi domain is provided and a detail description is given in the paper. The scheme is based on identity-based public key cryptography,...
Distributed systems have been used to solve some complicated problems. In order to make better use of resources in distributed systems, people have designed many approaches and developed many systems to manage processes in distributed systems, but most of the management systems are paid little attention on reliability of them. There may be some attacks in complex network environment. Therefore the...
An electronic voting system makes it possible for the voters to cast their ballots over the computer network. Hence, voters can participate in elections without having to go to the polling places, which is more convenient and efficient. To design a practical voting scheme, Mu and Varadharajan proposed an anonymous secure electronic voting scheme to be applied over the network in 1998. However, Linet...
Because DDoS attacks destination servers from computers distributed all over network, it is very hard to locate attacking sources and resist DDoS. In this paper, a new defending mechanism based on registration and authentication against DDoS is proposed. By bidirectional warning messages, it can help locate attacking sources quickly and resist DDoS more exactly. According to the mechanism, all servers...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.