The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Port knocking is a first technique introduces to prevent attackers from discovering and exploiting potentially vulnerable service on a network host, while allowing authenticated users to access these services. Despite being potentially useful tool, it suffers various vulnerabilities such as TCP replay, port scanning and etc. This project proposes a new approach over the existing Port Knocking by employing...
Currently, most authentication system requires users to answer the CAPTCHA (Completely Automated Public Turing Test to Tell Computer and Human Apart) before gaining the system access. CAPTCHA is a standard security technology for distinguish between human and computer program automatically. The problem of using CAPTCHA is the difficulty of reading the text-based presentation, or interpreting the image-based...
An advanced threshold secret sharing scheme to identify cheaters is proposed in this paper by using authentication codes. The performance of the scheme is discussed. The results show that in the scheme the valid shareholders not only can identify the impersonation of an adversary, but also are able to detect cheating of some valid shareholders. In particular one honest shareholder is able to detect...
In recent years, there has been an increasing interest in the authentication process due to the key role that it has in the network security. Port Knocking (PKn) is an authentication method in which data transmits through the closed ports. This method is prone to attacks when attackers sniff the network. This paper proposes a new method which is called “Secure Port Knock-Tunneling” to eliminate both...
Protocols of user authentication are able to ensure the security of data transmission and users¡¦ communication over insecure networks. Among various authenticated mechanisms run currently, the password-based user authentication, because of its efficiency, is the most widely employed in different areas, such as computer networks, wireless networks, remote login, operation systems, and database management...
User authentication plays an important role to ensure that only authorized users can access resources. Kim et al. proposed a remote user authentication scheme based on the Rabin cryptosystem to resist well-known attack such as offline password guessing attack, unlimited online password guessing attack and server impersonation. In their scheme, a user will be issued a smart card for authentication,...
A technique of online face authentication has been proposed which may be used for the user identification. Pre processing of acquired image has been accomplished through consecutive steps viz. image reading and subsequent adjustment of illumination level and feature extraction from a certain portion of the clipped image to form a template. Provision for automatic uploading of the template through...
Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2010, Chang et al. proposed an improved biometrics-based user authentication scheme without concurrency system which can withstand the forgery attack, the off-line password guessing attack, the replay attack, etc. In this paper, we analyze...
In this paper, we propose a quantifiable accountability in wireless networks. We present two methods to evaluate the accountable logging of a network via the users' accepted overhead (called Q-Accountable Logging by Overhead), and P-Accountable Logging. Q-Accountable Logging by Overhead is introduced first time in this work, and P-Accountable Logging derives from our previous work P-Accountability.
The security of the electricity delivery system has received much attention recently with increasing focus on Smart Grids. While substations used to be protected by concrete walls and barbed wire, today the industry is getting worried about attacks over the communication infrastructure. In this paper, we analyse the primary threats and present a first cut of a security architecture. We suggest security...
Most networks require that their users have "identities", i.e. have names that are fixed for a relatively long time, unique, and have been approved by a central authority (in order to guarantee their uniqueness). Unfortunately, this requirement, which was introduced to simplify the design of networks, has its own drawbacks. First, this requirement can lead to the loss of anonymity of communicating...
Web based learning or e-learning is growing day by day. But the evaluation system is always questioned by the authority if it is conducted remotely. The questions mainly arise about the authenticity of the examinee and fairness during the examination. In this paper a biometric authentication and tracking system has been proposed. Here iris recognition is used as biometric authentication tool. The...
This paper describes the Web services security issues. A solution for routing messages based on Axis2 is proposed. The message's efficiency problem in the transmission process is solved by building a middleware. Using the rampart module of Axis2, web service security is realized.
With the rapid development of computer networks, network security has become a hot topic of concern to people, not just a simple network security threat network needs normal people, but also the pursuit of networking technology in innovative source of power. To address this issue, this article on network security solution to the problem definition and further discussion, and propose how to establish...
With the fast developments in computer and internet connections going through the world, the high-tech crime problem is also companying with it on the way. Hash-algorithm is, basically, a crypto-function that enables to output a short-string for any possible input digital strings. One of its applications is able to be used in the field of computer forensics to authenticate the completeness of digital...
Authentication and key agreement protocols are foundation for the security of distributed applications. In 2010, Yeh et al. proposed two authenticated key agreement protocols. The second protocol in Yeh et al. features user¡¦s anonymity. However, we found that the second scheme is vulnerable to replay attack, masquerade attack, and off-line password attack. In this paper, we first analyze Yeh et al...
The advances in network-enabled software development raises the demands on the service oriented architecture (SOA). Popular implementations of SOA uses XML-based representations, such as SOAP and WSDL, to enable remote function invocation and service discovery. Our previous experiences show that a sophisticated XML representation is often over-complex for a controlled environment. We also found that...
To solve the problem that the information of removable storage device can be easily disclosed and not be monitored effectively, a scheme of U disk remote monitoring system in trusted computing environment is proposed, which uses dual authentication technology to ensure that the users and removable storage device double-way reliable, it stores the cipher text of its internal documents to avoid being...
In online social networks (OSN), users' capabilities of accessing a resource depend on attributes they owning. Considering of privacy, authentication with attributes require the signer don't leak more information than the predicate over attributes involving. There're some works of attribute-based signatures (ABS) to satisfy this requirement, where users sign messages with their attributes issued from...
The brain wave is able to present biometric data unconsciously, so that it enables continuous or on-demand authentication which is effective in user management. In this paper, assuming an application to driver authentication, we evaluate verification performance of the brain wave using a simplified driving simulator. In addition, dividing the $\alpha$-$\beta$ band to several partitions, we propose...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.