The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Authentication plays a critical role in securing any online banking system, and many banks and various services have long relied on username/password combos to verify users. Memorizing usernames and passwords for a lot of accounts becomes a cumbersome and inefficient task. Furthermore, legacy authentication methods have failed over and over, and they are not immune against a wide variety of attacks...
This article observes ways and techniques that can be used to gain access to MySQL databases. HoneyPot that simulates main MySQL server functions was built in order to collect data about attacks. There is gathered a password dictionary that was collected based on attempts to gain access to MySQL HoneyPot. There are diagrams, that show distributions of attacks number at a specific time and region,...
Recently Lu et al. proposed a modified anonymous two-factor authenticated key exchange protocol to eliminate the security weaknesses of Xie et al.'s scheme. They hence claimed that their scheme is immune to possible well-known attacks. However, we found that Lu et al.'s protocol is still insecure against the outsider attack, user impersonation attack, and off-line password guessing attack. To overcome...
Authentication is the first step to access a resource (service, website, data, etc.), so it is of vital importance in a system. The most widely used authentication mechanisms are one-factor authentication based on password and two-factor authentication methods which require a password and another factor (verification code, biometric feature, hardware token, software plug-in, etc.). However, in many...
Online healthcare system provides healthcare services remotely to the patient which include telecare medicine system, patient monitoring system, patient healthcare system etc. Authentication schemes plays a significant and crucial role in providing legitimacy of patient and protection to medical resources/services. New trends in cryptography make the online healthcare services feasible solution to...
Now a days many people are doing online financial transactions. This transaction needs to be secure. There are various attacks present behind this. Phishing is one type of attack. For detecting this attack, various anti-phishing mechanisms are used. In phishing process, suppose cheater sends out thousands of phishing emails with a link to the fake website. Victims click on links in email believing...
Interconnected computer systems and services using networks have improved the dependence on the stored accumulated data. Interconnected systems via network, in turn, could expedite security attacks. Recently, network security and cryptography techniques have evolved, leading to the advancement of biometric-based smart cards technique to implement the security of networks. In this paper, we demonstrated...
This paper has presented an approach of vTPM (virtual Trusted Platform Module) Dynamic Trust Extension (DTE) to satisfy the requirements of frequent migrations. With DTE, vTPM is a delegation of the capability of signing attestation data from the underlying pTPM (physical TPM), with one valid time token issued by an Authentication Server (AS). DTE maintains a strong association between vTPM and its...
With the increase in Man-in-the-Middle (MITM) attacks capable of breaking Hypertext Transfer Protocol Secure (HTTPS) over the past five years, researchers tasked with the improvement of HTTPS must understand each attacks characteristics. However with the large amount of attacks it is difficult to discern attack differences, with out any existing classification system capable of classifying these attacks...
Smart card is widely accepted device which is used as a second authenticating factor in remote user authentication schemes. Kim-Chung proposed a remote user authentication scheme and they claimed that their scheme resists various security problems which were present in previous schemes such as offline leakage of password, stolen verifier attack, chances of masquerading the entities of the scheme....
The cloud services are shared in one are more customers by pooling in a multitenant environment, which provides virtualized resources to the customer using different technologies. Virtual machine (VM) is a important software program, which is being used in cloud computing. It includes the behavior of the computer and also which is act as an implementation carrier to accomplish the running applications...
Increased usage of multilevel security is noticed along with a rise in vulnerabilities for password based authentication. This is a level III security protection by authentication, which uses handwritten signature using mouse movement. User mouse behavioral pattern based security is a paradigm for online security layers. It uses digital signature to establish authentication with a secure system. The...
The earlier remote password authentication schemes required a service providing server to authenticate a legitimate user for remote login. However, the traditional schemes are not useful in multi-server architecture because of multiple user ids and passwords. In this paper, we present a remote password authentication scheme for multi-server architecture that can be robust and improved network security...
Industrial espionage through complex cyber attacks such as Advanced Persistent Threats (APT) is an increasing risk in any business segment. Combining any available attack vector professional attackers infiltrate their targets progressively, e.g. through combining social engineering with technical hacking. The most relevant targets of APT are internal enterprise and production networks providing access...
Authentication refers to the process of ensuring confidentiality of data. It basically involves verifying a user's identity for accessing a system or service. There are three ways of authentication-i)using something that a user knows eg password ii)using something that a user has eg smart card or identity card iii)using something that a user is or does for example face, finger print, voice etc. To...
In this world of e-technology, two users/systems requires to authenticate each other before exchanging the information. For this, there are numerous schemes proposed and analyzed for authentication. Indeed, in 2013, Chang et al.'s proposed an efficient untraceable dynamic identity system based on remote user authentication and claimed that the scheme is secure against various attack. In opposition,...
Public computer lab is very common in college and university. The main cost for maintenance lab is the power cost. In our university, the public computer lab consume more than 40kWh per day. The earlier study found that most cost comes from a major part: Some users don't shut down the computer after their usage. In this study, we use a low-power single-board computer (Raspberry Pi 2) for interactive...
After a user logs into web server using a public personal computer or a mobile device such as mobile phone, the leakage of his personal information may occur because he often forgets to log out from web server. To prevent the leakage of the personal information instantaneously, we propose a new login status control method based on the connectivity of web servers and a single mobile application. The...
In this paper, we propose a remote password authentication scheme based on 3-D geometry with biometric value of a user. It is simple and practically useful and also a legal user can freely choose and change his password using smart card that contains some information. The security of the system depends on the points on the diagonal of a cuboid in 3D environment. Using biometric value makes the points...
In traditional symmetric authentication schemes for smart card, the smart card sends its card number in plaintext to verify the genuineness of the authentication server (AS), resulting in the leakage of some sensitive information and being attacked. Therefore, in this paper, to prevent the leakage of card number we propose a novel symmetric authentication scheme in which the card number is powered...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.