Academic qualification acceptability and authenticity : a comparative risk assessment of approaches employed by the recruitment and higher education sectors of Australia.

Brown, George Maxwell

January 2007

Title page, contents and abstract only. The complete thesis in print form is available from the University of Adelaide Library. / To investigate the extent of the problem of use of fraudulent academic qualifications in Australia, the study used two approaches under the theoretical framework of risk management. Firstly, the author assessed the potential risk of Australian academic qualifications being falsified and available on the Internet, through an exploratory research question. Secondly, equivalency testing was used to assess how far existing verification tools were being employed by three separate users of academic qualifications in Australia. --p. xix. / http://proxy.library.adelaide.edu.au/login?url= http://library.adelaide.edu.au/cgi-bin/Pwebrecon.cgi?BBID=1289333 / Thesis (Ph.D.) -- University of Adelaide, School of Education, 2007

Academic qualification acceptability and authenticity : a comparative risk assessment of approaches employed by the recruitment and higher education sectors of Australia.

Brown, George Maxwell

January 2007

Title page, contents and abstract only. The complete thesis in print form is available from the University of Adelaide Library. / To investigate the extent of the problem of use of fraudulent academic qualifications in Australia, the study used two approaches under the theoretical framework of risk management. Firstly, the author assessed the potential risk of Australian academic qualifications being falsified and available on the Internet, through an exploratory research question. Secondly, equivalency testing was used to assess how far existing verification tools were being employed by three separate users of academic qualifications in Australia. --p. xix. / http://proxy.library.adelaide.edu.au/login?url= http://library.adelaide.edu.au/cgi-bin/Pwebrecon.cgi?BBID=1289333 / Thesis (Ph.D.) -- University of Adelaide, School of Education, 2007

Optimal user authentication schemes in mobile ad hoc networks /

Liu, Jie.

January 1900

Thesis (M.App.Sc.) - Carleton University, 2007. / Includes bibliographical references (p. 97-100). Also available in electronic format on the Internet.

Energy-aware and secure routing with trust levels for wireless ad hoc and sensor networks

Taqieddin, Eyad Salah,

January 2007

Thesis (Ph. D.)--University of Missouri--Rolla, 2007. / Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed October 25, 2007) Includes bibliographical references.

Σχεδιασμός κρυπτογραφικής πλατφόρμας για πιστοποίηση μηνυμάτων με χρήση CBC και HMAC μηχανισμών (VLSI υλοποίηση)

Θανασούλης, Βασίλης

19 January 2010

Σκοπός αυτής της διπλωματικής εργασίας ήταν: ο σχεδιασμός και η υλοποίηση (σε γλώσσα περιγραφής υλικού VHDL) ενός πλήρως pipeline CBC-HMAC συστήματος που εξασφαλίζει τις κρυπτογραφικές υπηρεσίες της εμπιστευτικότητας, της ακεραιότητας και της επικύρωσης. Το κίνητρο αυτής της υλοποίησης ήταν οι πολλές διαδεδομένες υπηρεσίες όπου χρησιμοποιείται το CBC-HMAC σύστημα όπως: IPsec, ΙΕΕΕ 802.11i (CCMP), TLS πρωτόκολλο, ΙΕΕΕ P1619.1, SRTprotocol κ.τ.λ. Το Advanced Encryption Standard (AES) και το CBC-AES256 κρυπτογραφικό σύστημα βελτιστοποιήθηκαν όσο αφορά την ταχύτητα και τον παράγοντα area και υλοποιήθηκαν με pipeline τεχνική με την οποία, μπορούν να επεξεργάζονται ταυτόχρονα μέχρι και 7 διαφορετικά μηνύματα εισόδου. O μηχανισμός HMAC με pipeline αρχιτεκτονική βελτιστοποιήθηκε επίσης χρησιμοποιώντας ως κρυπτογραφικό πυρήνα τον SHA-256 αλγόριθμο. Το CBC-HMAC σύστημα εξομοιώθηκε πλήρως και ελέγχθηκε χρησιμοποιώντας τον προσομοιωτή ModelSim. Το εργαλείο σύνθεσης της VHDL υλοποίησης, στις FPGA τεχνολογίες (οικογένεια συσκευών Xilinx- Virtex) ήταν η μηχανή σύνθεσης LeonardoSpectrum. Το υλοποιημένο CBC-HMAC σύστημα σχεδιάστηκε με pipeline αρχιτεκτονική, με αποτέλεσμα να μπορεί να επεξεργάζεται ταυτόχρονα μέχρι και 11 διαφορετικά μηνύματα εισόδου και με εξαγωγή αποτελέσματος ανά 20 clk. Τα αποτελέσματα της σύνθεσης (Xilinx-VirtexE) είναι για τη συχνότητα 46.0 MHz και για το throughput 1177.6 Mbps. Αυτά δείχνουν ότι το υλοποιημένο σύστημα έχει αποδοτική συχνότητα και υψηλό ρυθμό εξυπηρέτησης (throughput) που είναι πολύ μεγαλύτερος σε σύγκριση με τη τυπική υλοποίηση του ιδίου συστήματος. / -

Κρυπτογράφηση

Ασφάλεια συστήματος

Πιστοποίηση

005.82

Cryptography

System security

Authentication

Graphical one-time password authentication

Alsaiari, Hussain

January 2016

Complying with a security policy often requires users to create long and complex passwords to protect their accounts. However, remembering such passwords appears difficult for many and may lead to insecure practices, such as choosing weak passwords or writing them down. One-Time Passwords (OTPs) aim to overcome such problems; however, most implemented OTP techniques require special hardware, which not only adds costs, but also raises issues regarding availability. This type of authentication mechanism is mostly adopted by online banking systems to secure their clients’ accounts. However, carrying around authentication tokens was found to be an inconvenient experience for many customers. Not only the inconvenience, but if the token was unavailable, for any reason, this would prevent customers from accessing their accounts securely. In contrast, there is the potential to use graphical passwords as an alternative authentication mechanism designed to aid memorability and ease of use. The idea of this research is to combine the usability of recognition-based and draw-based graphical passwords with the security of OTP. A new multi-level user-authentication solution known as: Graphical One-Time Password (GOTPass) was proposed and empirically evaluated in terms of usability and security aspects. The usability experiment was conducted during three separate sessions, which took place over five weeks, to assess the efficiency, effectiveness, memorability and user satisfaction of the new scheme. The results showed that users were able to easily create and enter their credentials as well as remember them over time. Eighty-one participants carried out a total of 1,302 login attempts with a 93% success rate and an average login time of 24.5 seconds. With regard to the security evaluation, the research simulated three common types of graphical password attacks (guessing, intersection, and shoulder-surfing). The participants’ task was to act as attackers to try to break into the system. The GOTPass scheme showed a high resistance capability against the attacks, as only 3.3% of the 690 total attempts succeeded in compromising the system.

005.8

Group-Based Authentication Mechanisms for Vehicular Ad-Hoc Networks

Riley, Marshall K

01 May 2010

Vehicular ad hoc networks (VANETs) provide opportunities to exchange traffic information among vehicles allowing drivers to not only adjust their routes but also prevent possible collisions. Due to the criticality of exchanged information, message authentication which will not expose the privacy of vehicles is required. The majority of current authentication schemes for VANETs depend primarily on public-key cryptography which brings extra overhead in terms of delay and requires infrastructure support for certificate verification. Symmetric-key based techniques can be more efficient, but they introduce significant key maintenance overheads. Herein, by considering the natural group behavior of vehicle communications, we propose an efficient and lightweight symmetric-key based authentication scheme for VANETs based on group communication. Expanding the protocol's flexibility, we also propose an extension which integrates certain benefits of asymmetric-key techniques. We analyze the security properties of our proposed schemes to show there applicability when there is little to no infrastructure support. In addition, the proposed protocol was implemented and tested with real-world vehicle data. Simulation results confirmed the efficiency in terms of delay with respect to other proposed techniques.

authentication

group-based communication

vehicular ad-hoc networks

Factors affecting the adoption of Internet banking in the Kingdom of Bahrain

Janahi, Yusuf M. A. M.

January 2016

The emergence of the Internet in business as a marketing tool and as a communication medium is one of the existing challenges for the banking industry. Because of this evolution, the banking industry has adopted Internet banking both for financial transactions and for the provision of information about products and services. Based on the ideas mentioned, this study aimed to examine the factors which may affect the intention to use Internet banking in the Kingdom of Bahrain with the following research objectives to be achieved: first, to identify the factors which affect the intention to use and adopt Internet banking in the Kingdom of Bahrain; second, to develop a model based on the identified factors that affect the intention to use Internet banking in the Kingdom of Bahrain; and third, to test the reliability and validity of the proposed model and find its implications on the intention to use and adopt Internet banking. In this study, five variables were initially chosen, namely, perceived privacy protection, perceived security protection, perceived trust, perceived information quality and perceived risks/benefits that may affect the intention to use Internet banking. Besides the five variables, two more variables were included: cultural dimension and biometric technology to measure a significant relationship with any of the five variables that might affect the intention of bank customers to use Internet banking in Bahrain. As a quantitative method of research, the study focused on assessing the co-variation among naturally occurring variables with the goal of identifying predictive relationships by using correlations or more sophisticated statistical techniques. In analysing the data, the descriptive statistics were used. In addition, construct reliability and discriminant validity tests were conducted and structural equation modelling were used to test the research model and verify the hypotheses. The cultural context has rarely been commented on in previous research, but as a result of taking this factor into account in addition to the more technical issues, a number of practical implications became evident for banking in Bahrain that may have applicability elsewhere in the Arab world. These include both a focus on relationship management as well as the need for additional levels of security through biometric fingerprinting to be implemented by banks wishing to increase the adoption of Internet banking amongst existing customers. These strategies also have potential to attract new market segments.

E-invigilation of e-assessments

Ketab, Salam

January 2017

E-learning and particularly distance-based learning is becoming an increasingly important mechanism for education. A leading Virtual Learning Environment (VLE) reports a user base of 70 million students and 1.2 million teachers across 7.5 million courses. Whilst e-learning has introduced flexibility and remote/distance-based learning, there are still aspects of course delivery that rely upon traditional approaches. The most significant of these is examinations. The lack of being able to provide invigilation in a remote-mode has restricted the types of assessments, with exams or in-class test assessments proving difficult to validate. Students are still required to attend physical testing centres in order to ensure strict examination conditions are applied. Whilst research has begun to propose solutions in this respect, they fundamentally fail to provide the integrity required. This thesis seeks to research and develop an e-invigilator that will provide continuous and transparent invigilation of the individual undertaking an electronic based exam or test. The analysis of the e-invigilation solutions has shown that the suggested approaches to minimise cheating behaviours during the online test have varied. They have suffered from a wide range of weaknesses and lacked an implementation achieving continuous and transparent authentication with appropriate security restrictions. To this end, the most transparent biometric approaches are identified to be incorporated in an appropriate solution whilst maintaining security beyond the point-of-entry. Given the existing issues of intrusiveness and point-of-entry user authentication, a complete architecture has been developed based upon maintaining student convenience but providing effective identity verification throughout the test, rather than merely at the beginning. It also provides continuous system-level monitoring to prevent cheating, as well as a variety of management-level functionalities for creating and managing assessments including a prioritised and usable interface in order to enable the academics to quickly verify and check cases of possible cheating. The research includes a detailed discussion of the architecture requirements, components, and complete design to be the core of the system which captures, processes, and monitors students in a completely controlled e-test environment. In order to highlight the ease of use and lightweight nature of the system, a prototype was developed. Employing student face recognition as the most transparent multimodal (2D and 3D modes) biometrics, and novel security features through eye tracking, head movements, speech recognition, and multiple faces detection in order to enable a robust and flexible e-invigilation approach. Therefore, an experiment (Experiment 1) has been conducted utilising the developed prototype involving 51 participants. In this experiment, the focus has been mainly upon the usability of the system under normal use. The FRR of those 51 legitimate participants was 0 for every participant in the 2D mode; however, it was 0 for 45 of them and less than 0.096 for the rest 6 in the 3D mode. Consequently, for all the 51 participants of this experiment, on average, the FRR was 0 in 2D facial recognition mode, however, in 3D facial recognition mode, it was 0.048. Furthermore, in order to evaluate the robustness of the approach against targeted misuse 3 participants were tasked with a series of scenarios that map to typical misuse (Experiment 2). The FAR was 0.038 in the 2D mode and 0 in the 3D mode. The results of both experiments support the feasibility, security, and applicability of the suggested system. Finally, a series of scenario-based evaluations, involving the three separate stakeholders namely: Experts, Academics (qualitative-based surveys) and Students (a quantitative-based and qualitative-based survey) have also been utilised to provide a comprehensive evaluation into the effectiveness of the proposed approach. The vast majority of the interview/feedback outcomes can be considered as positive, constructive and valuable. The respondents agree with the idea of continuous and transparent authentication in e-assessments as it is vital for ensuring solid and convenient security beyond the point-of-entry. The outcomes have also supported the feasibility and practicality of the approach, as well as the efficiency of the system management via well-designed and smart interfaces.

Enhanced usability, resilience, and accuracy in mobile keystroke dynamic biometric authentication

Alshanketi, Faisal

27 September 2018

With the progress achieved to this date in mobile computing technologies, mobile devices are increasingly being used to store sensitive data and perform security-critical transactions and services. However, the protection available on these devices is still lagging behind. The primary and often only protection mechanism in these devices is authentication using a password or a PIN. Passwords are notoriously known to be a weak authentication mechanism, no matter how complex the underlying format is. Mobile authentication can be strengthened by extracting and analyzing keystroke dynamic biometric from supplied passwords. In this thesis, I identified gaps in the literature, and investigated new models and mechanisms to improve accuracy, usability and resilience against statistical forgeries for mobile keystroke dynamic biometric authentication. Accuracy is investigated through cost sensitive learning and sampling, and by comparing the strength of different classifiers. Usability is improved by introducing a new approach for typo handling in the authentication model. Resilience against statistical attacks is achieved by introducing a new multimodal approach combining fixed and variable keystroke dynamic biometric passwords, in which two different fusion models are studied. Experimental evaluation using several datasets, some publicly available and others collected locally, yielded encouraging performance results in terms of accuracy, usability, and resistance against statistical attacks. / Graduate / 2019-09-25

Personal Identification Number

Authentication mechanisms

Biometric template

Multimodal schemes