Top PDF An Authentication mechanism for stateless communication

An Authentication mechanism for stateless communication

Authentication is a security mechanism that allows systems to identify the user as a registered user by providing information to prove the user is who he/she claims to be. There are different authentication mechanisms based on biometrics, username-password, certificates, tokens, etc. One of the most common mechanisms is the combination of username and password. However, having this approach isolated from other security issues has led to many attacks, forcing security experts and developers to find other robust and enhanced mechanisms. Some alternatives are HTTP-based authentication (basic, digest) by using HTTP headers. Other modern approaches have been implemented such as two-factor authentication, or password-less mechanisms.

Key Management Mechanism and Authentication Impact on Network Layers

ABSTRACT: A smart grid is a generic label for integrated networks that consist of many subsystems for the application of computer intelligence and networking abilities, all working together as a system of systems, which can be attacked remotely. Hence security has been identified as one of the most challenging issues in SG development, and designing a smart grid server that consists of gridlets, machines and resources, with the impact of network attack on it, is the first important step. Later it is followed by attack identification and a mutual authentication scheme of PKI. The existing system provides security to the authentication server using a PKI infrastructure mechanism by utilizing an initial password for the registered users in SG. PKI uses an identity-based scheme (public key distribution scheme) for generation of complex values for every user after validation. We propose an efficient key management protocol based on enhanced identity-based cryptography with a multicast key mechanism and enhance its security via an EAP-based unified key management function across multiple protocols within the same communication layer. The proposed mechanisms are capable of preventing various attacks. The improved efficiency for key management and EAP is carried by refreshing all public/private key pairs as well as multicast keys using encryption/decryption by the key generator entity. Finally, the security achieved and performance analyses are calculated to demonstrate the beneficial impact of the proposed system against the existing one.

Adaptive authentication and key agreement mechanism for future cellular systems

In this paper an adaptive authentication and key distribution protocol (AAKA) was presented that can be applied in future mobile communication systems. AAKA is a challenge response protocol that uses symmetric and/or public key cryptography for user and network authentication. The novelty of AAKA and its main advantage over other challenge response protocols is that it can be adaptive to the mobile environment. For example, when a customer registers for the first time in a serving network, an authentication type (AT) can be assigned based on the level of security he/she requested. In AAKA we have defined two types of authentication: authentication using public key encryption and authentication using symmetric key encryption. Authentication using public key schemes requires several crypto-processors embedded in mobile devices for complex public key computations. However, when a subscriber has been assigned authentication with public key encryption, the VLR/SGSN can still use symmetric encryption if the network is overloaded at the time of AAKA. The additional information in RAND informs the VLR/SGSN whether symmetric or public key encryption will be used in AAKA.

A Novel Smart Card based Remote User Authentication Mechanism

Based on various comprehensive surveys on password-based remote user authentication schemes, we see that most of the remote user authentication schemes that are password-based are impractical due to the fact that they are either very expensive in terms of computation or are susceptible to different security attacks. In [1], Das et al. propose a dynamic ID and password-based remote user authentication scheme that uses smart cards and incorporates the use of hash functions and XOR operations. Ever since, numerous researchers have proposed improved authentication protocols. This was done in order to eliminate the weaknesses in the previous authentication protocols such as [2], [3], and [4]. These weaknesses are dealt with in the following studies; according to [5] we see a dynamic ID-based authentication scheme that has key agreement using symmetric cryptology. This scheme endeavors to deal with the security flaws and weaknesses of [2]. They incorporated a session key in order to create a more secure channel for communication. In [6] Li et al. assert that their scheme resisted masquerading attacks and avoided the leaking of information. However, [7] pointed out that [6] was not entirely secure, since it leaked partial information about the communication party’s secret parameters and any attacker would be able to access the leaked information to deduce session keys. In [8], a secure remote user authentication scheme that is also password-based was proposed. However, their scheme uses elliptic curve cryptography and hash functions. Due to this fact, their scheme is too costly and thus not feasible.

Dynamic Confidentiality Authentication at Multi Hop Communication

According to the literature survey, we came to know that there are certain constraints and limitations of the existing system. In existing systems hop to hop communication in wireless sensor network considered to provable for vulnerability of data transfer. Due to hop to hop communication, the cost of packet transmission increases. The existing system uses node to node authentication among network resources as its security mechanism. Hop to hop identity of intermediate node compromise security threats. To avoid security threats, they use digital signature authentication at node level for communication or packet transmission. In the existing system, message transmission is done through all neighbors between source and destination nodes, which results in overhearing and increased overhead between nodes.

A Secure SCAM (Smart Card based Authentication Mechanism)

It is proved that the scheme withstands impersonation attack, password guessing attack, replay attack, reflection and parallel session attacks, insider attack and stolen verifier attack. Further, it permits users to choose and alter their passwords freely, and provides mutual authentication, early wrong password detection and secure session key establishment. The performance of both Tsai et al.'s scheme and our proposed SCAM has been analyzed in terms of numerous metrics. It is clear that the proposed SCAM is more robust and secure as compared to Tsai et al.'s scheme. For a large network where clock synchronization is hard to achieve, a nonce-based scheme is additionally offered. The proposed schemes are better fitted to resource-constrained devices and might be simply extended to numerous applications like multi-server authentication, Internet protocol television broadcasting, wireless communication and healthcare applications.

Vehicular Ad Hoc Networks Authentication Mechanism

Vehicular ad hoc networks have attracted increasing attention from both industry and academia [1]. The major components of vehicular ad hoc networks are the wireless on-board unit (OBU), the roadside unit (RSU), and the authentication server (AS). OBUs are installed in vehicles to provide wireless communication capability, while RSUs are deployed on intersections or hotspots as an infrastructure to provide information or access to the Internet for vehicles within their radio coverage. The AS is responsible for installing the secure parameters in the OBU to authenticate the user. Based on IEEE 802.11p, the dedicated short range communication system [2] supports two kinds of communication environments: vehicle-to-infrastructure (V2I) and vehicle-to-vehicle (V2V) communications.

Study of Prediction Based Authentication for Vehicle to Vehicle Communication

• Timely authentication: With the authentication mechanism receivers can ensure that a message was sent by a valid vehicle and it has not been modified during the transmission. Furthermore, timely signature verification is essential since each message has an expiration time by which the receiver should verify it. In VANETs, single-hop relevant applications usually have a shorter deadline.
• Non-repudiation: The property of non-repudiation allows a receiver to prove to a third party that the


Defended Data Communication in VANET Using Dual Authentication

Many techniques are available in VANETs for improving security and facing attacks. In this paper, the vehicle secret key (VSK) is the main mechanism for authenticating the vehicles. This technique is mainly responsible for the communication from one vehicle to another vehicle or from one vehicle to RSUs while they are entering the VANET environment. It is used to improve the security and safety measures. The technique is performed two times. The first time, it is performed on the vehicle side, and the second time, the authentication is performed on the trusted authority side. So the intruder has no possibility to enter the VANET environment. On the trusted authority side, the security performance is enhanced by obtaining the hash code. These hash codes (HC) are generated by the vehicles by using the VSK; on the other hand, the security performance is obtained by the fingerprint in the vehicle. At the time of registration, the fingerprint is verified by the user. The main purpose of the dual authentication technique is that the intruder cannot enter the VANET communication because they have not registered their fingerprint and also they cannot have the VSK of a particular vehicle.

Improved High Definition Multimedia Interface Authentication Mechanism

The issue of content protection is a result of the introduction of the HDMI standard, which is used in digital communication of high definition content. Content providers involved in the traditional analogue communication methods experienced problems with the analogue hole, which allowed attackers to gain access to content without any restriction. Content providers utilized the opportunity of the introduction of a new standard to eradicate the analogue hole, and hence Intel Corporation decided to include a content protection scheme as part of the new standard [1] [2].


A Secure Authentication mechanism for Wireless Sensor Networks

Authentication: It ensures that the entities involved in the communication are authenticated prior to the transmission of messages. The data and information should not be available to the unauthorized nodes. Only the authorized or registered nodes should be given available resources. Sensor nodes, base station and cluster heads should be authenticated through a proper mechanism to avoid a number of possible attacks such as impersonation attack, man in the middle attack, information theft etc. The authentication mechanism ensures that the control information or data is originated from the correct source as well as received by an authenticated node [6],[7].

Transitive Trust Extended Authentication Mechanism in Wireless Sensor Networks

• Since the communication range of the radio present in each node is short, the nodes usually employ a multi hop transmission pattern to propagate the information to the base station. This means that each node while acting as a data source for detection and sensing, also needs to act as a relay station for the data being propagated to the base station. As a result, the nodes very close to the base station deplete their power quickly because every such multi hop route needs to go through them inadvertently.


Attack Resistant User Authentication using Visual Verification Mechanism

A recognition-based scheme requires identifying among decoys the visual objects belonging to a password portfolio. A typical scheme is Passfaces [2], wherein a user selects a portfolio of faces from a database in creating a password. During authentication, a panel of candidate faces is presented for the user to select the face belonging to her portfolio. This process is repeated for several rounds, each round with a different panel. A successful login requires correct selection in each round. The set of images in a panel remains the same between logins, but their locations are permuted. Story is similar to Passfaces but the images in the portfolio are ordered, and a user must identify her portfolio images in the correct order. Deja Vu is also similar but uses a large set of computer generated “random-art” images. Cognitive Authentication [5] requires a user to generate a path through a panel of images as follows: starting from the top-left image, moving down if the image is in her portfolio, or right otherwise. The user identifies among decoys the row or column label where the path ends. This process is repeated, each time with a different panel. A successful login requires that the cumulative probability that correct answers were not entered by chance exceeds a threshold within a given number of rounds.

BioSmart: An advanced user authentication mechanism on touch screen devices

smart mobile devices for storing sensitive information and accessing online services is increasing nowadays. At the same time, methods for authenticating users into their devices and online services should not only be secure, but should also provide increased privacy and user-friendliness. Biometrics is an efficient and accurate way to provide user authentication. But unimodal biometrics suffers from many different types of security problems. In this paper, multimodal biometrics is used to secure smart mobile devices. A combination of physiological and behavioral biometrics is used to implement the proposed system. Lock pattern dynamics, which is a secure and user-friendly two-factor authentication method, is used as the first technique in authentication. This technique incorporates a biometric feature by measuring the speed at which the lock pattern is drawn, which is unique to an individual. In order to reduce the false rejection rate, an additional face recognition technology is also incorporated. Here, the face is captured using the inbuilt camera of the device, thus avoiding the use of expensive biometric capturing devices, which is the major disadvantage of most biometric systems. It is shown that the combination of lock pattern dynamics and face recognition improves the security of devices over traditional unimodal biometric systems and, at the same time, provides better usability. The proposed system achieves an equal error rate of approximately 2.93, meaning that the multimodal biometrics technique can be used to authenticate users into their devices in a highly efficient and secure manner.

A Lightweight Authentication and Key Sharing Protocol for Satellite Communication

A large number of authentication and key exchange protocols have been proposed to be used for different applications. Article [2] provides a brief survey of different types of well-known authentication protocols. For satellite applications, the authors in [3] first presented an authentication system for satellite networks in 1996 using a combination of public key cryptography (PKC) and secret key cryptography, which is considered inefficient due to higher computational cost. Then an authentication protocol based on secret key cryptography was proposed by the authors in [4]. However, their scheme was later proved insecure and inefficient by [5] because of being vulnerable to the stolen-verifier attack and lacking perfect forward secrecy. The authors in [5] also proposed a hash-chain-based authentication which uses Diffie-Hellman key exchange for the new session key generation as an improvement. However, their scheme is susceptible to impersonation attacks and also the user’s privacy is not kept confidential. A self-verification authentication protocol (CLC) was later proposed by [6], which claimed to eliminate PKI complexity. Based on CLC, a few more schemes were later proposed [7]–[9]. The article [10] provides a survey of protocols proposed for satellite applications and highlights their pros and cons.

SECURE COMMUNICATION BASED ON AUTHENTICATION TECHNIQUES USING NIDS.

Data security is a challenging issue in the field of data communications. For securing information from hackers and crackers, authentication is the major phase in network security. It is a concept to protect the network and data transmission over wired as well as wireless networks. Authentication is one of the primary techniques of ensuring that the person who is transmitting the information is who he says he is. It is thus the process of determining the actual identity of users, systems or any other entity in the network. To verify someone's identity, a password is mostly used. To authenticate users or machines, different techniques can be used to perform authentication between user and machine or between one machine and another.

Secure Communication Based On Authentication Techniques Using NIDS

The ever increasing demand for good quality communication relies heavily on the Network Intrusion Detection System (NIDS). Intrusion detection for network security demands high performance. Network intrusion detection can be described as the process of identifying and taking necessary actions against malicious activities targeted at network and computing resources. A network intrusion detection system should continuously monitor the traffic crossing the network and compare it with a previously known set of malicious activities or look for statistical deviation of the system under surveillance from its normal behavior. The aim of network security is to protect the device from unauthorized and potentially harmful activities such as denial of service attacks (forcing the targeted computers to reset or to consume their resources so that they are not able to provide the intended service), port scans or attempts to crack into computers by monitoring network traffic. Network connected devices are very often susceptible to exploitation. The intrusion detection system (abbreviated as IDS) placed in the network should be able to sense the unusual activity and alert the administrators.

Authentication and Access Control for Cloud Computing Using RBDAC Mechanism

The proposed trust models used for owners and roles in RBDAC systems which are using cryptographic RBDAC schemes to secure stored data.


AuthFlow: Authentication and Access Control Mechanism for Software Defined Networking

Figure 2 shows the state diagram of the access control mechanism of AuthFlow. In Figure 2, a host is always represented by a tuple (MAC, port), where MAC is the MAC address of the host and port is where the host is connected to the ingoing switch. The figure summarizes the authentication process. A host joining the network is initially in the Nonauthenticated state and all traffic generated by or addressed to this host is dropped, except for Ethernet traffic with type set to 0x888E (IEEE 802.1X). IEEE 802.1X traffic is forwarded from the host to the Authenticator as a multicast flow and, in the opposite direction, it is forwarded as unicast flows, as the Authenticator learns the MAC address of the Supplicant host after receiving the first packet of IEEE 802.1X. As soon as the host starts, it also starts the authentication procedure by sending the start message. A state change of the host to Pending ensues. In the Pending state, all traffic of the host is still being dropped, but the host is awaiting confirmation from the Authenticator to POX of the success of its authentication and what credentials were used for authentication. As authentication is successfully confirmed, POX moves the host to the Authenticated state. In this state, our application running over POX releases access to network resources that the host is allowed to, according to its credentials. Nevertheless, when there is traffic to the host, POX checks whether the traffic is in accordance with the policies related to the host credentials. If policies are consistent with the use of the network, the host is moved to the Authorized state and accesses network resources according to its privileges and policies.

Multilayer Authentication for Communication Systems Based on Physical Layer Attributes

networks are composed of a wired, packet-switched, backbone network, and a wireless network. The wireless network is organized into geographically defined cells, with a control point called a base-station (BS) in each of these cells. The base-stations are also directly connected to the wired network, routing packets between the wireless and the backbone network. In these networks, a mobile host (MH) receives data from a fixed host (FH) via internet routed through the BS of the cell that it is stationed in and vice-versa. Due to the movement of the MH between wireless cells, the task of securing the data transmission between the wired network and the mobile host has received a significant amount of research attention by addressing the security weaknesses of wireless systems and networks. In fact, the security in these particular networks is traditionally addressed on the upper layers of protocol stack through cryptography and IPSec which bring on an unprotected communications environment at the physical-layer. In addition, these upper layer security protocols run into an isolated environment from the physical-layer, while in the upper layer security there are many unique attributes that can be exploited, which lead to wireless networks with strong end-to-end security properties. The physical layer authentication has been formulated as binary hypothesis testing by exploiting the unique attributes related to the signal propagation environment such as, received signal strength (RSS) [1] and the channel state information (CSI) [2]. Indeed, the performance of these attributes is limited by the communication’s noise as well as the channel stability, therefore, investigation on channel characteristics such as, the channel frequency response (CFR) has been conducted in [3], while considering the mobility of wireless terminals and/or the multiple antennas. It is noteworthy that, the physical layer authentication based on the CFR is suffering from