Search results for: personal authentication
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 2461

Search results for: personal authentication

2461 Feature Selection of Personal Authentication Based on EEG Signal for K-Means Cluster Analysis Using Silhouettes Score

Authors: Jianfeng Hu

Abstract:

Personal authentication based on electroencephalography (EEG) signals is one of the important field for the biometric technology. More and more researchers have used EEG signals as data source for biometric. However, there are some disadvantages for biometrics based on EEG signals. The proposed method employs entropy measures for feature extraction from EEG signals. Four type of entropies measures, sample entropy (SE), fuzzy entropy (FE), approximate entropy (AE) and spectral entropy (PE), were deployed as feature set. In a silhouettes calculation, the distance from each data point in a cluster to all another point within the same cluster and to all other data points in the closest cluster are determined. Thus silhouettes provide a measure of how well a data point was classified when it was assigned to a cluster and the separation between them. This feature renders silhouettes potentially well suited for assessing cluster quality in personal authentication methods. In this study, “silhouettes scores” was used for assessing the cluster quality of k-means clustering algorithm is well suited for comparing the performance of each EEG dataset. The main goals of this study are: (1) to represent each target as a tuple of multiple feature sets, (2) to assign a suitable measure to each feature set, (3) to combine different feature sets, (4) to determine the optimal feature weighting. Using precision/recall evaluations, the effectiveness of feature weighting in clustering was analyzed. EEG data from 22 subjects were collected. Results showed that: (1) It is possible to use fewer electrodes (3-4) for personal authentication. (2) There was the difference between each electrode for personal authentication (p<0.01). (3) There is no significant difference for authentication performance among feature sets (except feature PE). Conclusion: The combination of k-means clustering algorithm and silhouette approach proved to be an accurate method for personal authentication based on EEG signals.

Keywords: personal authentication, K-mean clustering, electroencephalogram, EEG, silhouettes

Procedia PDF Downloads 285
2460 Cryptography Based Authentication Methods

Authors: Mohammad A. Alia, Abdelfatah Aref Tamimi, Omaima N. A. Al-Allaf

Abstract:

This paper reviews a comparison study on the most common used authentication methods. Some of these methods are actually based on cryptography. In this study, we show the main cryptographic services. Also, this study presents a specific discussion about authentication service, since the authentication service is classified into several categorizes according to their methods. However, this study gives more about the real life example for each of the authentication methods. It talks about the simplest authentication methods as well about the available biometric authentication methods such as voice, iris, fingerprint, and face authentication.

Keywords: information security, cryptography, system access control, authentication, network security

Procedia PDF Downloads 470
2459 Adaptive Auth - Adaptive Authentication Based on User Attributes for Web Application

Authors: Senthuran Manoharan, Rathesan Sivagananalingam

Abstract:

One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.

Keywords: authentication, adaptive authentication, machine learning, security

Procedia PDF Downloads 248
2458 A Study on User Authentication Method Using Haptic Actuator and Security Evaluation

Authors: Yo Han Choi, Hee Suk Seo, Seung Hwan Ju, Sung Hyu Han

Abstract:

As currently various portable devices were launched, smart business conducted using them became common. Since smart business can use company-internal resources in an external remote place, user authentication that can identify authentic users is an important factor. Commonly used user authentication is a method of using user ID and Password. In the user authentication using ID and Password, the user should see and enter authentication information him or herself. In this user authentication system depending on the user’s vision, there is the threat of password leaks through snooping in the process which the user enters his or her authentication information. This study designed and produced a user authentication module using an actuator to respond to the snooping threat.

Keywords: actuator, user authentication, security evaluation, haptic actuator

Procedia PDF Downloads 346
2457 Post-Quantum Resistant Edge Authentication in Large Scale Industrial Internet of Things Environments Using Aggregated Local Knowledge and Consistent Triangulation

Authors: C. P. Autry, A. W. Roscoe, Mykhailo Magal

Abstract:

We discuss the theoretical model underlying 2BPA (two-band peer authentication), a practical alternative to conventional authentication of entities and data in IoT. In essence, this involves assembling a virtual map of authentication assets in the network, typically leading to many paths of confirmation between any pair of entities. This map is continuously updated, confirmed, and evaluated. The value of authentication along multiple disjoint paths becomes very clear, and we require analogues of triangulation to extend authentication along extended paths and deliver it along all possible paths. We discover that if an attacker wants to make an honest node falsely believe she has authenticated another, then the length of the authentication paths is of little importance. This is because optimal attack strategies correspond to minimal cuts in the authentication graph and do not contain multiple edges on the same path. The authentication provided by disjoint paths normally is additive (in entropy).

Keywords: authentication, edge computing, industrial IoT, post-quantum resistance

Procedia PDF Downloads 197
2456 NFC Communications with Mutual Authentication Based on Limited-Use Session Keys

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 430
2455 Cryptanalysis of ID-Based Deniable Authentication Protocol Based On Diffie-Hellman Problem on Elliptic Curve

Authors: Eun-Jun Yoon

Abstract:

Deniable authentication protocol is a new security authentication mechanism which can enable a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. In 2013, Kar proposed a secure ID-based deniable authentication protocol whose security is based on computational infeasibility of solving Elliptic Curve Diffie-Hellman Problem (ECDHP). Kar claimed that the proposed protocol achieves properties of deniable authentication, mutual authentication, and message confidentiality. However, this paper points out that Kar's protocol still suffers from sender spoofing attack and message modification attack unlike its claims.

Keywords: deniable authentication, elliptic curve cryptography, Diffie-Hellman problem, cryptanalysis

Procedia PDF Downloads 331
2454 Protecting the Privacy and Trust of VIP Users on Social Network Sites

Authors: Nidal F. Shilbayeh, Sameh T. Khuffash, Mohammad H. Allymoun, Reem Al-Saidi

Abstract:

There is a real threat on the VIPs personal pages on the Social Network Sites (SNS). The real threats to these pages is violation of privacy and theft of identity through creating fake pages that exploit their names and pictures to attract the victims and spread of lies. In this paper, we propose a new secure architecture that improves the trusting and finds an effective solution to reduce fake pages and possibility of recognizing VIP pages on SNS. The proposed architecture works as a third party that is added to Facebook to provide the trust service to personal pages for VIPs. Through this mechanism, it works to ensure the real identity of the applicant through the electronic authentication of personal information by storing this information within content of their website. As a result, the significance of the proposed architecture is that it secures and provides trust to the VIPs personal pages. Furthermore, it can help to discover fake page, protect the privacy, reduce crimes of personality-theft, and increase the sense of trust and satisfaction by friends and admirers in interacting with SNS.

Keywords: social network sites, online social network, privacy, trust, security and authentication

Procedia PDF Downloads 381
2453 Proactive WPA/WPA2 Security Using DD-WRT Firmware

Authors: Mustafa Kamoona, Mohamed El-Sharkawy

Abstract:

Although the latest Wireless Local Area Network technology Wi-Fi 802.11i standard addresses many of the security weaknesses of the antecedent Wired Equivalent Privacy (WEP) protocol, there are still scenarios where the network security are still vulnerable. The first security model that 802.11i offers is the Personal model which is very cheap and simple to install and maintain, yet it uses a Pre Shared Key (PSK) and thus has a low to medium security level. The second model that 802.11i provide is the Enterprise model which is highly secured but much more expensive and difficult to install/maintain and requires the installation and maintenance of an authentication server that will handle the authentication and key management for the wireless network. A central issue with the personal model is that the PSK needs to be shared with all the devices that are connected to the specific Wi-Fi network. This pre-shared key, unless changed regularly, can be cracked using offline dictionary attacks within a matter of hours. The key is burdensome to change in all the connected devices manually unless there is some kind of algorithm that coordinate this PSK update. The key idea of this paper is to propose a new algorithm that proactively and effectively coordinates the pre-shared key generation, management, and distribution in the cheap WPA/WPA2 personal security model using only a DD-WRT router.

Keywords: Wi-Fi, WPS, TLS, DD-WRT

Procedia PDF Downloads 233
2452 Decentralised Edge Authentication in the Industrial Enterprise IoT Space

Authors: C. P. Autry, A.W. Roscoe

Abstract:

Authentication protocols based on public key infrastructure (PKI) and trusted third party (TTP) are no longer adequate for industrial scale IoT networks thanks to issues such as low compute and power availability, the use of widely distributed and commercial off-the-shelf (COTS) systems, and the increasingly sophisticated attackers and attacks we now have to counter. For example, there is increasing concern about nation-state-based interference and future quantum computing capability. We have examined this space from first principles and have developed several approaches to group and point-to-point authentication for IoT that do not depend on the use of a centralised client-server model. We emphasise the use of quantum resistant primitives such as strong cryptographic hashing and the use multi-factor authentication.

Keywords: authentication, enterprise IoT cybersecurity, PKI/TTP, IoT space

Procedia PDF Downloads 169
2451 A Lightweight Authentication and Key Exchange Protocol Design for Smart Homes

Authors: Zhifu Li, Lei Li, Wanting Zhou, Yuanhang He

Abstract:

This paper proposed a lightweight certificate-less authentication and key exchange protocol (Light-CL-PKC) based on elliptic curve cryptography and the Chinese Remainder Theorem for smart home scenarios. Light-CL-PKC can efficiently reduce the computational cost of both sides of authentication by forgoing time-consuming bilinear pair operations and making full use of point-addition and point-multiplication operations on elliptic curves. The authentication and key exchange processes in this system are also completed in a a single round of communication between the two parties. The analysis result demonstrates that it can significantly minimize the communication overhead of more than 32.14% compared with the referenced protocols, while the runtime for both authentication and key exchange have also been significantly reduced.

Keywords: authentication, key exchange, certificateless public key cryptography, elliptic curve cryptography

Procedia PDF Downloads 98
2450 ACBM: Attention-Based CNN and Bi-LSTM Model for Continuous Identity Authentication

Authors: Rui Mao, Heming Ji, Xiaoyu Wang

Abstract:

Keystroke dynamics are widely used in identity recognition. It has the advantage that the individual typing rhythm is difficult to imitate. It also supports continuous authentication through the keyboard without extra devices. The existing keystroke dynamics authentication methods based on machine learning have a drawback in supporting relatively complex scenarios with massive data. There are drawbacks to both feature extraction and model optimization in these methods. To overcome the above weakness, an authentication model of keystroke dynamics based on deep learning is proposed. The model uses feature vectors formed by keystroke content and keystroke time. It ensures efficient continuous authentication by cooperating attention mechanisms with the combination of CNN and Bi-LSTM. The model has been tested with Open Data Buffalo dataset, and the result shows that the FRR is 3.09%, FAR is 3.03%, and EER is 4.23%. This proves that the model is efficient and accurate on continuous authentication.

Keywords: keystroke dynamics, identity authentication, deep learning, CNN, LSTM

Procedia PDF Downloads 155
2449 Mutual Authentication for Sensor-to-Sensor Communications in IoT Infrastructure

Authors: Shadi Janbabaei, Hossein Gharaee Garakani, Naser Mohammadzadeh

Abstract:

Internet of things is a new concept that its emergence has caused ubiquity of sensors in human life, so that at any time, all data are collected, processed and transmitted by these sensors. In order to establish a secure connection, the first challenge is authentication between sensors. However, this challenge also requires some features so that the authentication is done properly. Anonymity, untraceability, and being lightweight are among the issues that need to be considered. In this paper, we have evaluated the authentication protocols and have analyzed the security vulnerabilities found in them. Then an improved light weight authentication protocol for sensor-to-sensor communications is presented which uses the hash function and logical operators. The analysis of protocol shows that security requirements have been met and the protocol is resistant against various attacks. In the end, by decreasing the number of computational cost functions, it is argued that the protocol is lighter than before.

Keywords: anonymity, authentication, Internet of Things, lightweight, un-traceability

Procedia PDF Downloads 292
2448 Evaluation and Analysis of the Secure E-Voting Authentication Preparation Scheme

Authors: Nidal F. Shilbayeh, Reem A. Al-Saidi, Ahmed H. Alsswey

Abstract:

In this paper, we presented an evaluation and analysis of E-Voting Authentication Preparation Scheme (EV-APS). EV-APS applies some modified security aspects that enhance the security measures and adds a strong wall of protection, confidentiality, non-repudiation and authentication requirements. Some of these modified security aspects are Kerberos authentication protocol, PVID scheme, responder certificate validation, and the converted Ferguson e-cash protocol. Authentication and privacy requirements have been evaluated and proved. Authentication guaranteed only eligible and authorized voters were permitted to vote. Also, the privacy guaranteed that all votes will be kept secret. Evaluation and analysis of some of these security requirements have been given. These modified aspects will help in filtering the counter buffer from unauthorized votes by ensuring that only authorized voters are permitted to vote.

Keywords: e-voting preparation stage, blind signature protocol, Nonce based authentication scheme, Kerberos Authentication Protocol, pseudo voter identity scheme PVID

Procedia PDF Downloads 298
2447 Use of Personal Rhythm to Authenticate Encrypted Messages

Authors: Carlos Gonzalez

Abstract:

When communicating using private and secure keys, there is always the doubt as to the identity of the message creator. We introduce an algorithm that uses the personal typing rhythm (keystroke dynamics) of the message originator to increase the trust of the authenticity of the message originator by the message recipient. The methodology proposes the use of a Rhythm Certificate Authority (RCA) to validate rhythm information. An illustrative example of the communication between Bob and Alice and the RCA is included. An algorithm of how to communicate with the RCA is presented. This RCA can be an independent authority or an enhanced Certificate Authority like the one used in public key infrastructure (PKI).

Keywords: authentication, digital signature, keystroke dynamics, personal rhythm, public-key encryption

Procedia PDF Downloads 304
2446 Fusion of Shape and Texture for Unconstrained Periocular Authentication

Authors: D. R. Ambika, K. R. Radhika, D. Seshachalam

Abstract:

Unconstrained authentication is an important component for personal automated systems and human-computer interfaces. Existing solutions mostly use face as the primary object of analysis. The performance of face-based systems is largely determined by the extent of deformation caused in the facial region and amount of useful information available in occluded face images. Periocular region is a useful portion of face with discriminative ability coupled with resistance to deformation. A reliable portion of periocular area is available for occluded images. The present work demonstrates that joint representation of periocular texture and periocular structure provides an effective expression and poses invariant representation. The proposed methodology provides an effective and compact description of periocular texture and shape. The method is tested over four benchmark datasets exhibiting varied acquisition conditions.

Keywords: periocular authentication, Zernike moments, LBP variance, shape and texture fusion

Procedia PDF Downloads 278
2445 Fast Authentication Using User Path Prediction in Wireless Broadband Networks

Authors: Gunasekaran Raja, Rajakumar Arul, Kottilingam Kottursamy, Ramkumar Jayaraman, Sathya Pavithra, Swaminathan Venkatraman

Abstract:

Wireless Interoperability for Microwave Access (WiMAX) utilizes the IEEE 802.1X mechanism for authentication. However, this mechanism incurs considerable delay during handoffs. This delay during handoffs results in service disruption which becomes a severe bottleneck. To overcome this delay, our article proposes a key caching mechanism based on user path prediction. If the user mobility follows that path, the user bypasses the normal IEEE 802.1X mechanism and establishes the necessary authentication keys directly. Through analytical and simulation modeling, we have proved that our mechanism effectively decreases the handoff delay thereby achieving fast authentication.

Keywords: authentication, authorization, and accounting (AAA), handoff, mobile, user path prediction (UPP) and user pattern

Procedia PDF Downloads 404
2444 A User Identification Technique to Access Big Data Using Cloud Services

Authors: A. R. Manu, V. K. Agrawal, K. N. Balasubramanya Murthy

Abstract:

Authentication is required in stored database systems so that only authorized users can access the data and related cloud infrastructures. This paper proposes an authentication technique using multi-factor and multi-dimensional authentication system with multi-level security. The proposed technique is likely to be more robust as the probability of breaking the password is extremely low. This framework uses a multi-modal biometric approach and SMS to enforce additional security measures with the conventional Login/password system. The robustness of the technique is demonstrated mathematically using a statistical analysis. This work presents the authentication system along with the user authentication architecture diagram, activity diagrams, data flow diagrams, sequence diagrams, and algorithms.

Keywords: design, implementation algorithms, performance, biometric approach

Procedia PDF Downloads 475
2443 Modulation of the Europay, MasterCard, and VisaCard Authentications by Using Avispa Tool

Authors: Ossama Al-Maliki

Abstract:

The Europay, MasterCard, and Visa (EMV) is the transaction protocol for most of the world and especially in Europe and the UK. EMV protocol consists of three main stages which are: card authentication, cardholder verification methods, and transaction authorization. This paper details in full the EMV card authentications. We have used AVISPA and SPAN tools to do our modulization for the EMV card authentications. The code for each type of the card authentication was written by using CAS+ language. The results showed that our modulations were successfully addressed all the steps of the EMV card authentications and the entire process of the EMV card authentication are secured. Also, our modulations were successfully addressed all the main goals behind the EMV card authentications according to the EMV specifications.

Keywords: EMV, card authentication, contactless card, SDA, DDA, CDA AVISPA

Procedia PDF Downloads 178
2442 A Method and System for Secure Authentication Using One Time QR Code

Authors: Divyans Mahansaria

Abstract:

User authentication is an important security measure for protecting confidential data and systems. However, the vulnerability while authenticating into a system has significantly increased. Thus, necessary mechanisms must be deployed during the process of authenticating a user to safeguard him/her from the vulnerable attacks. The proposed solution implements a novel authentication mechanism to counter various forms of security breach attacks including phishing, Trojan horse, replay, key logging, Asterisk logging, shoulder surfing, brute force search and others. QR code (Quick Response Code) is a type of matrix barcode or two-dimensional barcode that can be used for storing URLs, text, images and other information. In the proposed solution, during each new authentication request, a QR code is dynamically generated and presented to the user. A piece of generic information is mapped to plurality of elements and stored within the QR code. The mapping of generic information with plurality of elements, randomizes in each new login, and thus the QR code generated for each new authentication request is for one-time use only. In order to authenticate into the system, the user needs to decode the QR code using any QR code decoding software. The QR code decoding software needs to be installed on handheld mobile devices such as smartphones, personal digital assistant (PDA), etc. On decoding the QR code, the user will be presented a mapping between the generic piece of information and plurality of elements using which the user needs to derive cipher secret information corresponding to his/her actual password. Now, in place of the actual password, the user will use this cipher secret information to authenticate into the system. The authentication terminal will receive the cipher secret information and use a validation engine that will decipher the cipher secret information. If the entered secret information is correct, the user will be provided access to the system. Usability study has been carried out on the proposed solution, and the new authentication mechanism was found to be easy to learn and adapt. Mathematical analysis of the time taken to carry out brute force attack on the proposed solution has been carried out. The result of mathematical analysis showed that the solution is almost completely resistant to brute force attack. Today’s standard methods for authentication are subject to a wide variety of software, hardware, and human attacks. The proposed scheme can be very useful in controlling the various types of authentication related attacks especially in a networked computer environment where the use of username and password for authentication is common.

Keywords: authentication, QR code, cipher / decipher text, one time password, secret information

Procedia PDF Downloads 268
2441 Efficient Position Based Operation Code Authentication

Authors: Hashim Ali, Sheheryar Khan

Abstract:

Security for applications is always been a keen issue of concern. In general, security is to allow access of grant to legal user or to deny non-authorized access to the system. Shoulder surfing is an observation technique to hack an account or to enter into a system. When a malicious observer is capturing or recording the fingers of a user while he is entering sensitive inputs (PIN, Passwords etc.) and may be able to observe user’s password credential. It is very rigorous for a novice user to prevent himself from shoulder surfing or unaided observer in a public place while accessing his account. In order to secure the user account, there are five factors of authentication; they are: “(i) something you have, (ii) something you are, (iii) something you know, (iv) somebody you know, (v) something you process”. A technique has been developed of fifth-factor authentication “something you process” to provide novel approach to the user. In this paper, we have applied position based operational code authentication in such a way to more easy and user friendly to the user.

Keywords: shoulder surfing, malicious observer, sensitive inputs, authentication

Procedia PDF Downloads 272
2440 Secure Authentication Scheme Based on Numerical Series Cryptography for Internet of Things

Authors: Maha Aladdin, Khaled Nagaty, Abeer Hamdy

Abstract:

The rapid advancement cellular networks and wireless networks have laid a solid basis for the Internet of Things. IoT has evolved into a unique standard that allows diverse physical devices to collaborate with one another. A service provider gives a variety of services that may be accessed via smart apps anywhere, at any time, and from any location over the Internet. Because of the public environment of mobile communication and the Internet, these services are highly vulnerable to a several malicious attacks, such as unauthorized disclosure by hostile attackers. As a result, the best option for overcoming these vulnerabilities is a strong authentication method. In this paper, a lightweight authentication scheme that is based on numerical series cryptography is proposed for the IoT environments. It allows mutual authentication between IoT devices Parametric study and formal proofs are utilized to illustrate that the pro-posed approach is resistant to a variety of security threats.

Keywords: internet of things, authentication, cryptography, security protocol

Procedia PDF Downloads 120
2439 A Multilevel Authentication Protocol: MAP in VANET for Human Safety

Authors: N. Meddeb, A. M. Makhlouf, M. A. Ben Ayed

Abstract:

Due to the real-time requirement of message in Vehicular Ad hoc NETworks (VANET), it is necessary to authenticate vehicles to achieve security, efficiency, and conditional privacy-preserving. Privacy is of utmost relevance in VANETs. For this reason, we have proposed a new protocol called ‘Multilevel Authentication Protocol’ (MAP) that considers different vehicle categories. The proposed protocol is based on our Multilevel Authentication protocol for Vehicular networks (MAVnet). But the MAP leads to human safety, where the priority is given to the ambulance vehicles. For evaluation, we used the Java language to develop a demo application and deployed it on the Network Security Simulation (Nessi2). Compared with existing authentication protocols, MAP markedly enhance the communication overhead and decreases the delay of exchanging messages while preserving conditional privacy.

Keywords: Vehicular Ad hoc NETworks (VANET), vehicle categories, safety, databases, privacy, authentication, throughput, delay

Procedia PDF Downloads 296
2438 An Efficient and Provably Secure Three-Factor Authentication Scheme with Key Agreement

Authors: Mohan Ramasundaram, Amutha Prabakar Muniyandi

Abstract:

Remote user authentication is one of the important tasks for any kind of remote server applications. Several remote authentication schemes are proposed by the researcher for Telecare Medicine Information System (TMIS). Most of the existing techniques have limitations, vulnerable to various kind attacks, lack of functionalities, information leakage, no perfect forward security and ineffectiveness. Authentication is a process of user verification mechanism for allows him to access the resources of a server. Nowadays, most of the remote authentication protocols are using two-factor authentications. We have made a survey of several remote authentication schemes using three factors and this survey shows that the most of the schemes are inefficient and subject to several attacks. We observed from the experimental evaluation; the proposed scheme is very secure against various known attacks that include replay attack, man-in-the-middle attack. Furthermore, the analysis based on the communication cost and computational cost estimation of the proposed scheme with related schemes shows that our proposed scheme is efficient.

Keywords: Telecare Medicine Information System, elliptic curve cryptography, three-factor, biometric, random oracle

Procedia PDF Downloads 219
2437 To Study the New Invocation of Biometric Authentication Technique

Authors: Aparna Gulhane

Abstract:

Biometrics is the science and technology of measuring and analyzing biological data form the basis of research in biological measuring techniques for the purpose of people identification and recognition. In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as DNA, fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements. Biometric systems are used to authenticate the person's identity. The idea is to use the special characteristics of a person to identify him. These papers present a biometric authentication techniques and actual deployment of potential by overall invocation of biometrics recognition, with an independent testing of various biometric authentication products and technology.

Keywords: types of biometrics, importance of biometric, review for biometrics and getting a new implementation, biometric authentication technique

Procedia PDF Downloads 321
2436 Tag Impersonation Attack on Ultra-lightweight Radio Frequency Identification Authentication Scheme (ESRAS)

Authors: Reham Al-Zahrani, Noura Aleisa

Abstract:

The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.

Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols

Procedia PDF Downloads 65
2435 Meta Root ID Passwordless Authentication Using ZKP Bitcoin Protocol

Authors: Saransh Sharma, Atharv Dekhne

Abstract:

Passwords stored on central services and hashed are prone to cyberattacks and hacks. Hence, given all these nuisances, there’s a need to eliminate character-based authentication protocols, which would ultimately benefit all developers as well as end-users.To replace this conventional but antiquated protocol with a secure alternative would be Passwordless Authentication. The meta root.id system creates a public and private key, of which the user is only able to access the private key. Further, after signing the key, the user sends the information over the API to the server, which checks its validity with the public key and grants access accordingly.

Keywords: passwordless, OAuth, bitcoin, ZKP, SIN, BIP

Procedia PDF Downloads 95
2434 BAN Logic Proof of E-passport Authentication Protocol

Authors: Safa Saoudi, Souheib Yousfi, Riadh Robbana

Abstract:

E-passport is a relatively new electronic document which maintains the passport features and provides better security. It deploys new technologies such as biometrics and Radio Frequency identification (RFID). The international civil aviation organization (ICAO) and the European union define mechanisms and protocols to provide security but their solutions present many threats. In this paper, a new mechanism is presented to strengthen e-passport security and authentication process. We propose a new protocol based on Elliptic curve, identity based encryption and shared secret between entities. Authentication in our contribution is formally proved with BAN Logic verification language. This proposal aims to provide a secure data storage and authentication.

Keywords: e-passport, elliptic curve cryptography, identity based encryption, shared secret, BAN Logic

Procedia PDF Downloads 435
2433 The Internet of Things Ecosystem: Survey of the Current Landscape, Identity Relationship Management, Multifactor Authentication Mechanisms, and Underlying Protocols

Authors: Nazli W. Hardy

Abstract:

A critical component in the Internet of Things (IoT) ecosystem is the need for secure and appropriate transmission, processing, and storage of the data. Our current forms of authentication, and identity and access management do not suffice because they are not designed to service cohesive, integrated, interconnected devices, and service applications. The seemingly endless opportunities of IoT are in fact circumscribed on multiple levels by concerns such as trust, privacy, security, loss of control, and related issues. This paper considers multi-factor authentication (MFA) mechanisms and cohesive identity relationship management (IRM) standards. It also surveys messaging protocols that are appropriate for the IoT ecosystem.

Keywords: identity relation management, multifactor authentication, protocols, survey of internet of things ecosystem

Procedia PDF Downloads 354
2432 A Proposal to Mobile Payment Implementing 2AF+

Authors: Nael Hirzallah, Sana Nseir

Abstract:

Merchants are competing to offer the use of mobile payment to encourage shopping. many mobile payment systems were made available in various locations worldwide; however, they have various drawbacks. This paper proposes a new mobile payment system that discusses the main drawbacks of these systems, namely security and speed of transaction. The proposal is featured by being simple to use by customers and merchants. Furthermore, the proposed system depends on a new authentication factor that is introduced in this paper and called by Two-Factors Authentication Plus, (2FA+).

Keywords: electronic commerce, payment schemes, mobile payment, authentication factors, mobile applications

Procedia PDF Downloads 286