The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Due to the increasing dependency of critical infrastructure on synchronized clocks, network time synchronization protocols have become an attractive target for attackers. We identify data origin authentication as the key security objective and therefore conduct a comprehensive, theoretical evaluation of data origin authentication schemes from different application fields with regard to their applicability...
Radio Frequency Identification (RFID) makes it a supporting technology for the Internet of things (IoT). While RFID has been widely used and developed rapidly, its security and privacy issues cannot be ignored. With the development of cloud computing, cloud based RFID system has become a new solution. Protecting the security of RFID system in cloud environment is particularly important. Not verifying...
In today's world, an enterprise user uses quite a number of applications or IT resources which have their own set of credentials. These credentials differ from system to system or applications to applications and needs to be remembered by the particular user. Also, user has to enter the different credentials too again and again whenever re-login to any application is needed. This consumes time and...
A two-factor authentication scheme that is based on a static password known only by the user and a one-time password generated by a smart card is proposed. Our design goal is to increase security level against insider attacks keeping computational costs as low as possible. Avoiding asymmetric cryptography, we achieve good efficiency results.
Multi sender attribute-based broadcast authentication scheme for the network containing resource constrained nodes is the main focus of this research. In this paper, we proposed a framework in which each element of a set of authorized users whose attributes satisfy a special sign control policy can generate a valid signature. In this framework, there exists a trusted server who receives and verifies...
In today's world, an enterprise user uses quite a number of applications or IT resources which have their own set of credentials. These credentials differ from system to system or applications to applications and needs to be remembered by the particular user. Also, user has to enter the different credentials too again and again whenever re-login to any application is needed. This consumes time and...
The Network Time Security specification provides measures which are designed to add security to time synchronization protocols, while considering their specific timing-related requirements. The development of the specification is accompanied by formal analysis of its security model. Special attention is paid to the Network Time Protocol, for which an implementation of those measures is in progress.
With the proliferation of pervasive computing which enables global connectivity of surrounding objects, the importance of security and its methodology is getting more recognized recently. However, since networking devices composing the pervasive computing are usually resource-constrained compared to traditional devices, there are many difficulties in deploying complex security functionality on them...
Although the great success and the popularity of Cloud computing, an important number of challenges and threats are inherent to this new computing paradigm. One of the serious challenges in Cloud service architecture is managing authentication. Our goal in this paper is to present a flexible authentication solution based on TLS standard and asynchronous one time password mechanism. Our purpose is...
Although using both user name and password is predominantly the main solution for online authentication, it has several drawbacks such as user necessity to memorize different complex passwords, the need to renew password periodically, and the possibility of being victim of spear phishing or social engineering. Most importantly, many users end up saving their passwords in plain text file that could...
Cloud computing provides a scalable computing platform through which large datasets can be stored and analyzed. However, because of the number of storage models used and rapidly increasing data sizes, it is often difficult to efficiently and securely access, transfer, synchronize, and share data. The authors describe the approaches taken by Globus to create standard data interfaces and common security...
Authentication and key exchange are fundamental techniques for enabling secure communication over mobile networks. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure biometrics-based remote user authentication scheme have been extensively investigated by research community in these years. Recently, two biometrics-based authentication...
The rapid development of the Internet facilitates our lives in many aspects. More and more business will be done through Internet. Under such circumstances, enough attention must be given to the information security, of which the identity authentication is one important problem. In the traditional authentication scheme, the user provides the username and static password to service provider, but there...
Because of non-stop applications' growth of network environment, making communications in such ambiance security is very important. Recently, Ashok Kumar Das has proposed a scheme to recover some pitfalls in Li et al.'s scheme. Das's protocol also utilizes biometrics and random value instead of time - stamp. Besides, storing temporary nonce to withstand replay attack is an inherited aspect of this...
Remote user authentications are an essential tool for e-commerce in Internet environment. In these systems, identity privacy is provided by concealing user's identity. In this article, we introduce the identity privacy study of this setting, and explore a secure and efficient dynamic ID-based remote user authentication protocol with untraceability. We adapt a pair of dynamic IDs to realize the user's...
In order to realize data synchronization between distributed information systems and design an information portal to provide convenient logon and browser services, financial information portal system of university was designed which contains the scheme of data synchronization based on service oriented architecture, web service and XML and the scheme of single sign on based on unified identity authentication...
Port knocking is a form of host-to-host communication which relies on deliberately failed TCP connection attempts. The information is encoded into a port sequence. The client attempts to initiate several three-way-handshakes and receives no reply. These connection attempts are monitored by a daemon which interprets their destination port numbers as data. This mechanism has vulnerabilities that can...
Transport Layer Security (TLS) constitutes the main protocol used to secure the exchanges in the Internet. Indeed, this protocol assures the server authentication based generally on public key certificates but the client authentication is rarely required and if it is assured, its identity is sent in clear text. In this paper, we propose TLS-HOTP protocol, an extension to TLS to provide client authentication...
Two-factor authentication (2FA) provides improved protection, since users are prompted to provide something they know and something they have. This method delivers a higher-level of authentication assurance, which is essential for online banking security. Many banking systems have satisfied the2FA requirements by sending a One Time Password (OTP), something possessed, through an SMS to the user's...
Authentication has been a cornerstone of computer security for decades. A considerable number of authentication protocols have been specified and implemented. This paper compares most common families of client-server authentication protocols and shows the benefits of the combined use of One Time Password (OTP) with Password Authenticated Key Exchange (PAKE) protocols. Then, the paper addresses a particular...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.