Global ETD Search

131	Robust Remote Authentication Schemes with Smart Cards Chan, Yung-Cheng 14 July 2005 (has links) Due to low computation cost and convenient portability, smart cards are usually adopted to store the personal secret information of users for remote authentication. Although many remote authentication schemes using smart cards have been introduced in the literatures, they still suffer from some possible attacks or cannot guarantee the quality of performance for smart cards. In this thesis, we classify the security criteria of remote authentication and propose a new remote login scheme using smart cards to satisfy all of these criteria. Not only does the proposed scheme achieve the low computation requirement for smart cards, but it can withstand the replay and the off-line dictionary attacks as well. Moreover, our scheme requires neither any password table for verification nor clock synchronization between each user and the server while providing both mutual authentication and the uniqueness of valid cards. Information security Login Remote authentication Smart cards Cryptography
132	An Efficient Mutual Authentication for Mobile Communication Chen, Hsin-Yu 22 July 2005 (has links) Owing to the fast progress of mobile communication technologies and the ubiquity of mobile networks, users can communicate with each other anytime and anywhere as long as they carry their smart and tiny mobile phones. This convenient communication service is quite popular and gradually joins in the people¡¦s life. Nevertheless, lots of attacks, such as the men-in-the-middle attacks and the replay attacks, are seriously threatening the security of the mobile networks and affecting the quality of the service simultaneously. Many security mechanisms for mobile communication have been introduced in the literature. Among these mechanisms, authentication plays a very important role in the entire mobile network system and acts as the first defense against the attackers since it can ensure the correctness of the identities of communication entities before they engage in any other communication activities. Therefore, to guarantee the quality of this advanced service, an efficient (especially, user efficient) and secure authentication scheme is urgently desired. In this thesis, we will propose a robust authentication scheme for mobile communication systems. Not only does the proposed scheme achieve mutual authentication, but also it greatly reduces the computation and communication cost of mobile users as compared with the existing authentication schemes. Authentication protocols Secure communication Information security Symmetric cryptosystems Mobile communication
133	An Anonymous Authentication Protocol with Chargeability and Fair Privacy for Mobile Network Environments Huang, Shi-Ming 26 July 2006 (has links) Mobile network equipments are widely popularized and advanced mobile communication services are provided increasingly such that ubiquitous computing environments will come true soon. It is a pleasure for mobile users to work or get recreations in the mobile network environments. However, just as the cases in wireline environments, there are a lot of security threats to mobile network systems and their impact on the security is more serious than that in wireline environments owing to the feature of wireless transmissions and the ubiquity property in mobile network systems. The secret personal information, important data, or classified missives which mobile users carry may be stolen by malicious entities. In order to guarantee the quality of the advanced communication services, the security and privacy would be the important issues when mobile users roam to the mobile networks. In this thesis, an anonymous authentication protocol will be proposed to protect both the security of the mobile network system and the privacy of mobile users. Not only does the proposed scheme provide mutual authentication between each user and the system, but also the identity of each user can be kept secret against anyone else including the system. Although the users are anonymously authenticated by the system, it can still make correct bills to charge these anonymous users. Finally, our protocol also achieves the goal of fair privacy which allows the judge to be able to revoke the anonymity and trace the illegal users when they misused the anonymity property such as they committed crimes. Fair privacy Cryptography Mobile networks Ubiquitous computing Mutual authentication Anonymity
134	Design and Implementation of an Authentication and Authorization Framework for a Nomadic Service Delivery System Das, Devaraj 12 1900 (has links) Internet has changed our lives. It has made the true distributed computing paradigm a reality. It has opened up a lot of opportunities both in the research domain and in business domain. One can now think of developing software and make it available to the large community of users. Hyper Text Transfer Protocol (HTTP), which was originally developed for the purpose of requesting/transferring content (text, images, etc.), is now a standard for remotely invoking services and getting back results. The wireless technologies have also matured. 802.11 is the existing standard for wireless communication in a LAN environment. Today, even the small computers like the Personal Digital Assistants (PDA) is wireless enabled. This makes access to information and computing significantly much more convenient. Hotspot! server has been designed to provide connectivity and services in public places (called hotspots). It acts as a wireless Network Access Server (NAS) to users who want to obtain connectivity and services at public places. We believe that the primary applications that have importance and relevance in public places are Internet Access, and specific context-based or location specific services. These services are deployed by Internet Service Providers. Secure access is one of the primary concerns in public networks. We designed, developed and tested a framework for secure access to HTTP-based services through the Hotspot! server. Internet Access is a special case of a HTTP-based Proxy service. Computer and Information Science Network Security Authentication and Authorization Nomadic Service Delivery
135	Role-based access control and single sign-on for Web services Falkcrona, Jerry January 2008 (has links) <p>Nowadays, the need for sharing information between different systems in a secure manner is common, not only in the corporate world but also in the military world. This information often resides at different locations, creating a distributed system. In order to share information in a secure manner in a distributed system, credentials are often used to attain authorization.</p><p>This thesis examines how such a distributed system for sharing information can be realized, using the technology readily available today. Accounting to the results of this examination a basic system is implemented, after which the overall security of the system is evaluated. The thesis then presents possible extensions and improvements that can be done in future implementations.</p><p>The result shows that dynamic roles do not easily integrate with a single sign-on system. Combining the two technologies leads to several synchronization issues, where some are non-trivial to solve.</p> DACS Single signon RBAC Web services authentication Information technology Informationsteknologi
136	RFID security in door locks Samuel, David January 2008 (has links) <p>Radio frequency identification, RFID is a technology that is used in many fields including locks. The unlimited access to the reader and the transponder has resulted in severe security weaknesses and made it possible to apply different attacks. To classify door locks as secure they must at least fulfil two main criteria: the first is the use of a challenge-response authentication protocol and the second is to deploy sophisticated and secure algorithms.</p><p>MiFare classic and KeeLoq are two widely applied technologies that are still in use in many security critical applications and are considered to be secure but which have been broken by cryptanalysis and with modest efforts and cost.</p><p>How secure a certain solution is depends on how expensive it is to buy the equipment that can break the system and reveal the secret key and how secure a lock should be depends on the value of what it is protecting.</p><p>The dropping price of powerful computers and the availability of security related information on the web will lead to an increase of the number of attacks on different systems.</p><p>By the time this thesis is published those locks evaluated are not secure enough, to overcome the security shortage some improvements have to be made such as: the use of sophisticated algorithms, the use of longer key of at least 128-bit, the use of non-deterministic random number generators and the use of pure hardware solutions both in the receiver and the transmitter to reduce leakage.</p> RFID challenge-response encryption decryption authentication Computer science Datavetenskap
137	Device Sensor Fingerprinting : Mobile Device Sensor Fingerprinting With A Biometric Approach / Fingeravtryck i Mobila Enheter Karlsson, Anna January 2015 (has links) The number of connected devices connected to the Internet is growing rapidly. When talking about devices it also covers the ones not having any contact with humans. This type of devices are the ones that are expected to increase the most. That is why the field of device fingerprinting is an area that requires further investigation. This thesis measures and evaluates the accelerometer, camera and gyroscope sensor of a mobile device to the use as device fingerprinting. The method used is based on previous research in sensor identification together with methods used for designing a biometric system. The combination with long-proven methods in the biometric area with new research of sensor identification is a new approach of looking at device fingerprinting. device ﬁngerprinting sensor identiﬁcation computer security M2M authentication
138	Design, Testing and Implementation of a New Authentication Method Using Multiple Devices Cetin, Cagri 01 January 2015 (has links) Authentication protocols are very common mechanisms to confirm the legitimacy of someone’s or something’s identity in digital and physical systems. This thesis presents a new and robust authentication method based on users’ multiple devices. Due to the popularity of mobile devices, users are becoming more likely to have more than one device (e.g., smartwatch, smartphone, laptop, tablet, smart-car, smart-ring, etc.). The authentication system presented here takes advantage of these multiple devices to implement authentication mechanisms. In particular, the system requires the devices to collaborate with each other in order for the authentication to succeed. This new authentication protocol is robust against theft-based attacks on single device; an attacker would need to steal multiple devices in order to compromise the authentication system. The new authentication protocol comprises an authenticator and at least two user devices, where the user devices are associated with each other. To perform an authentication on a user device, the user needs to respond a challenge by using his/her associated device. After describing how this authentication protocol works, this thesis will discuss three different versions of the protocol that have been implemented. In the first implementation, the authentication process is performed by using two smartphones. Also, as a challenge, a QR code is used. In the second implementation, instead of using a QR code, NFC technology is used for challenge transmission. In the last implementation, the usability with different platforms is exposed. Instead of using smartphones, a laptop computer and a smartphone combination is used. Furthermore, the authentication protocol has been verified by using an automated protocol-verification tool to check whether the protocol satisfies authenticity and secrecy properties. Finally, these implementations are tested and analyzed to demonstrate the performance variations over different versions of the protocol. access control Authentication protocols mobile devices security verification Computer Sciences
139	Iterative block ciphers' effects on quality of experience for VoIP unicast transmissions under different coding schemes Epiphaniou, Gregory January 2010 (has links) Issues around Quality of Service (QoS) and security for Voice over IP (VoIP) have been extensively investigated separately, due to the great attention this technology currently attracts. The specific problem this work addresses centres upon the selection of optimal parameters for QoS and security for VoIP streams integrating both network impairments and user perception metrics into a novel empirically-driven approach. Specifically, the simulation model seeks the optimal parameters in terms of variable VoIP payloads, iterative block ciphers, codecs and authentication mechanisms to be used, so that optimum tradeoff between a set of conflicting factors is achieved. The model employs the widely used Transmission Rating Factor, R, as the methodology to predict and measure the perceived QoS based on current transmission and network impairments. The R factor is then used to map perceived QoS to the corresponding Mean Opinion Score value, which gives the average estimation of perceived voice quality (Quality of Experience). Furthermore, a genetic algorithm (GA) has been developed that uses the output from the simulation model as an input into an offline optimisation routine that simultaneously maximises the VoIP call volumes and the Level of Encryption (LoE) per call basis, without degrading the perceived quality of service under a specific threshold as dictated by the R factor. The solutions reflect the optimum combination of parameters for each codec used and due to the small size of the search space the actual speed of GA has been validated against an exhaustive search algorithm. The results extracted from this study demonstrate that under strict and pre-defined parameters the default payload size supported by the codecs is not the optimal selection in terms of call volume maximisation and perceived QoS when encryption is applied. 621.382
140	Digital Signature : Comparative study of its usage in developed and developing countries Thangavel, Jayakumar January 2014 (has links) The online trading is growing widely day by day, which makes safety the biggest concern while carrying out trading by electronic means. As many other operations can be done with digital environment and internet, operation that provides identity validation should also be added to the digital environment. When data are transferred, the user should make sure that there are no changes in the original data while transferring them from sender to receiver. And it has also become necessary to authenticate the users often to ensure security and to avoid fraud. There are lot of different ways of online identification, in which digital signature is considered to be one of the powerful way of authentication. So, the online user use digital signature to authenticate the sender and to maintain the integrity of the document sent. In this paper, a study is carried out to identify the usage of digital signature and the perspective of people towards it in developed and developing countries and a survey is taken to support the theory. Digital signature Cryptography Authentication Public Key Cryptography Comparative study

Search results