The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This paper introduces security modules for IoT frameworks. Many IoT legacy infrastructures use the TLS/DTLS protocols for communication security. Security modules are tamper resistant microcontrollers implementing open TLS/DTLS applications, with small memory footprint (less than 30KB) and modest RAM sizes (<1KB), and which perform strong mutual authentications based on symmetric or asymmetric...
Web identity schemes suffer from weak authentication and low trust, while company-granted identities are trusted but inflexible. Users either have trusted identities which they cannot control, or they control identities which are entirely untrusted. To resolve this dichotomy, the Independently Verifiable Identity Scheme (IVIS) is proposed, which draws trust for verification of user-provided personal...
WebRTC provides web calling services by enabling communication between browsers in a P2P fashion. To achieve security and enhance user privacy it is essential to define the level of trust between the various entities involved in WebRTC security architecture. The existing P2P trust models are not directly applicable as the characteristics of browser to browser communication are not taken into account...
Context Integrity Measurement Architecture (CIMA) was inspired by risk assessments used by credit card companies. These assessments flag excursions from “normal” or “typical” behavior. If an excursion exceeds some threshold level, the card companies require additional proof of identity before allowing a transaction to proceed. CIMA generalizes this idea to measure excursions from physical and/or logical...
Therapidly expanding use of the Internet for individual-driven needs coupled with the emergence of IoT devices calls for an identity management solution that opens-up closed systems to qualify users and devices securely anywhere on the Internet. This paper attempts to provide an objective overview of a user-centric identity and access management solution for securing the IoT devices that can help...
The digital identity is the representation of an active entity (Person, actor), it's used by most systems to allow access to resources. When users are involved in many domains they should hardly remember a lot of authentication criterions for every access. They exist many identity management systems that aim to solve the issues in relation with digital identity. However, the problem of identification...
The study focuses on presenting a review on the various biometric authentication mechanisms in the cloud computing environment. Cloud Computing is used to deliver computing Services over the internet and is used to store data in cloud servers. Due to the sharing of services, privacy and data security have become a major area of concern in cloud computing. The cloud service providers store and maintain...
Professionals entering the information security field need new models to manage user reactions to the loss of control over their digital identities. Escalations in authentication technologies like behavioral blocks and biometric data breaches are reducing the user's control over the management of their digital identities. Simultaneously, users are becoming more digitally dependant regarding financial...
The personal cloud, a virtual compute instance controlled by an individual, is becoming inevitable. We believe that the current interoperability and communications evolution will drive the adoption of personal clouds. In order to provide personal cloud interoperability, we propose an end to end authentication mechanism based on JSON Web Tokens (JWT) and the blockchain. JWTs are a standardized container...
The evolution of Internet of Things (IoT) is changing traditional perceptions of the current Internet towards a vision of smart objects interacting with each other. Wireless Sensor Networks play an important role and support different applications domains in the IoT environment. However, security issues are the major obstacle for their deployment. Among these issues, authentication of the different...
In this paper, we formulate the basic requirements for the novel security architecture and introduce provable experience authentication factor of the mobile device which is dual with respect to the “social network” authentication factor of the user. A method of multi-factor authentication of the device is proposed which allows effective blocking of clones in cellular networks and doesn't require any...
The strong development of the Internet of Things (IoT) is changing traditional perceptions of the current Internet towards a vision of smart objects interacting with each other. In this vision e-health applications are one of the most promising applications in IoT. However, security issues are the major obstacle for their deployment. Among these issues, authentication of the different interconnected...
The users need identity authentication before entering virtual lab and that needs to respectively set up users information management mechanism, this paper analyzes and designs uniform identity authentication and concentrating information management. Then, we analyze functional requirement of virtual laboratory platform, discusses uniform identity authentication module of virtual laboratory in detail...
Online transactions require a fundamental relationship between users and resource providers (e.g., retailers, banks, social media networks) built on trust; both users and providers must believe the person or organization they are interacting with is who they say they are. Yet with each passing year, major data breaches and other identity-related cybercrimes become a daily way of life, and existing...
The role of cloud computing in today's world of globalization has seen major contribution for application development and deployment. Many enterprise see cloud computing as a platform for organizational and economic benefit. Cloud computing offers many businesses a new way of accessing computing services. Nevertheless, this has also exposed the organizations to a range of risks which they are unaware...
WebRTC brings a wide range of possibilities to corporate communications. Nevertheless, the Web nature of this disruptive technology makes it necessary to deeply study its integration into the protected, closed corporate networks. In particular, Identity Management (IdM) in WebRTC communications should comply with each enterprise’s security and privacy policies. We discuss the key differences between...
The rapid growth in the field of Cloud Computing introduces a myriad of security hazards to the information and data. Data outsourcing relieves the responsibility of local data storage and maintenance, but introduces security implications. A third party service provider, stores and maintains data, application or infrastructure of cloud user. Auditing methods and infrastructures in cloud play an important...
The Internet of Things (IoT) becomes reality. But its restrictions become obvious as we try to connect solutions of different vendors and communities. Apart from communication protocols appropriate identity management mechanisms are crucial for a growing IoT. The recently founded Identities of Things Discussion Group within Kantara Initiative will work on open issues and solutions to manage “Identities...
The US National Institute of Standards and Technology's highly visible work in four key areas--cryptographic standards, role-based access control, identification card standards, and security automation--has and continues to shape computer and information security at both national and global levels. This article is part of a special issue on NIST contributions to IT.
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.