Search results for: authentication mechanisms
2652 Enhancement of Transaction's Authentication for the Europay, MasterCard, and Visa Contactless Card Payments
Authors: Ossama Al-Maliki
Abstract:
Europay, MasterCard, and Visa (EMV) is one of the most popular payment protocol in the world. The EMV protocol supports Chip and PIN Transactions, Chip and Signature transactions, and Contactless transactions. This protocol suffers from tens of £ millions of lost per year due to many fraudulent payments. This is due to several reported vulnerable points in the protocols used for such payments that allow skimming, replay, cloning, Mole Point of Sale (POS), relay, and other attacks to be conducted. In this paper, we are focusing on the EMV contactless specification and we have proposed two proposal solutions to the addition of a localization factor to enhance the payment authentication of such transactions designed to prevent relay, cloning, and Mole-POS attacks. Our proposed solution is a back-end localization scheme to help the Issuer-Bank compare the location of the genuine cardholder in relation to the used POS. Our scheme uses 'something you have' which is the Cardholder Smartphone (CSP) to provide the location of the cardholder at the time of the transaction and without impacting the contactless payment time/protocol. The Issuer-bank obtain the CSP Location using tried and tested localization techniques, and independently of the cardholder. Both of our proposal solutions do not require infrastructure changes, and it uses existing EMV/SP protocol messages to communicate our scheme information.Keywords: NFC, RFID, contactless card, authentication, location, EMV
Procedia PDF Downloads 2422651 IAM Smart – A Sustainable Way to Reduce Plastics in Organizations
Authors: Krithika Kumaragurubaran, Mannu Thareja
Abstract:
Saving our planet Earth is the responsibility of every human being. Global warming and carbon emissions are killing our planet. We must adopt sustainable practices to give our future generations an equal opportunity to enjoy this planet Earth, our home. One of the most used unsustainable materials is plastic. Plastics are used everywhere. They are cheap, durable, strong, waterproof, non-corrosive with a long life. So longthat it makes plastic unsustainable. With this paper, we want to bring awareness on the usage of plastic in the organizations and how to reduce it by adopting sustainable practices powered by technology. We have taken a case study on the usage of photo ID cards, which are commonly used for authentication and authorization. These ID cards are used by employees or visitors to get access to the restricted areas inside the office buildings. The scale of these plastic cards can be in thousands for a bigger organization. This paper proposes smart alternatives to Identity and Access Management (IAM) which could replace the traditional method of using plastic ID cards. Further, the proposed solution is secure with multi-factor authentication (MFA), cost effective as there is no need to manage the supply chain of ID cards, provides instant IAM with self-service, and has the convenience of smart phone. Smart IAM is not only user friendly however also environment friendly.Keywords: sustainability, reduce plastic, IAM (Identity and Access Management), multi-factor authentication
Procedia PDF Downloads 1102650 Addressing the Oracle Problem: Decentralized Authentication in Blockchain-Based Green Hydrogen Certification
Authors: Volker Wannack
Abstract:
The aim of this paper is to present a concept for addressing the Oracle Problem in the context of hydrogen production using renewable energy sources. The proposed approach relies on the authentication of the electricity used for hydrogen production by multiple surrounding actors with similar electricity generation facilities, which attest to the authenticity of the electricity production. The concept introduces an Authenticity Score assigned to each certificate, as well as a Trust Score assigned to each witness. Each certificate must be attested by different actors with a sufficient Trust Score to achieve an Authenticity Score above a predefined threshold, thereby demonstrating that the produced hydrogen is indeed "green."Keywords: hydrogen, blockchain, sustainability, structural change
Procedia PDF Downloads 642649 Secure Transfer of Medical Images Using Hybrid Encryption
Authors: Boukhatem Mohamed Belkaid, Lahdi Mourad
Abstract:
In this paper, we propose a new encryption system for security issues medical images. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity, and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every new session of encryption, that will be used to encrypt each frame of the medical image basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.Keywords: AES, RSA, integrity, confidentiality, authentication, medical images, encryption, decryption, key, correlation
Procedia PDF Downloads 4432648 Secure Content Centric Network
Authors: Syed Umair Aziz, Muhammad Faheem, Sameer Hussain, Faraz Idris
Abstract:
Content centric network is the network based on the mechanism of sending and receiving the data based on the interest and data request to the specified node (which has cached data). In this network, the security is bind with the content not with the host hence making it host independent and secure. In this network security is applied by taking content’s MAC (message authentication code) and encrypting it with the public key of the receiver. On the receiver end, the message is first verified and after verification message is saved and decrypted using the receiver's private key.Keywords: content centric network, client-server, host security threats, message authentication code, named data network, network caching, peer-to-peer
Procedia PDF Downloads 6442647 Quick Response(QR) Code for Vehicle Registration and Identification
Authors: S. Malarvizhi, S. Sadiq Basha, M. Santhosh Kumar, K. Saravanan, R. Sasikumar, R. Satheesh
Abstract:
This is a web based application which provides authorization for the vehicle identification and registration. It also provides mutual authentication between the police and users in order to avoid misusage. The QR code generation in this application overcomes the difficulty in the manual registration of the vehicle documents. This generated QR code is placed in the number plates of the vehicles. The QR code is scanned using the QR Reader installed in the smart devices. The police officials can check the vehicle details and file cases on accidents, theft and traffic rules violations using QR code. In addition to vehicle insurance payments and renewals, the renewal alert is sent to the vehicle owner about payment deadline. The non-permitted vehicles can be blocked in the next check-post by sending the alert messages.Keywords: QR code, QR reader, registration, authentication, idenfication
Procedia PDF Downloads 4942646 Detection of Intentional Attacks in Images Based on Watermarking
Authors: Hazem Munawer Al-Otum
Abstract:
In this work, an efficient watermarking technique is proposed and can be used for detecting intentional attacks in RGB color images. The proposed technique can be implemented for image authentication and exhibits high robustness against unintentional common image processing attacks. It deploys two measures to discern between intentional and unintentional attacks based on using a quantization-based technique in a modified 2D multi-pyramidal DWT transform. Simulations have shown high accuracy in detecting intentionally attacked regions while exhibiting high robustness under moderate to severe common image processing attacks.Keywords: image authentication, copyright protection, semi-fragile watermarking, tamper detection
Procedia PDF Downloads 2552645 A Review of Ultralightweight Mutual Authentication Protocols
Authors: Umar Mujahid, Greatzel Unabia, Hongsik Choi, Binh Tran
Abstract:
Radio Frequency Identification (RFID) is one of the most commonly used technologies in IoTs and Wireless Sensor Networks which makes the devices identification and tracking extremely easy to manage. Since RFID uses wireless channel for communication, which is open for all types of adversaries, researchers have proposed many Ultralightweight Mutual Authentication Protocols (UMAPs) to ensure security and privacy in a cost-effective manner. These UMAPs involve simple bitwise logical operators such as XOR, AND, OR & Rot, etc., to design the protocol messages. However, most of these UMAPs were later reported to be vulnerable against many malicious attacks. In this paper, we have presented a detailed overview of some eminent UMAPs and also discussed the many security attacks on them. Finally, some recommendations and suggestions have been discussed, which can improve the design of the UMAPs.Keywords: RFID, Ultralightweight, UMAP, SASI
Procedia PDF Downloads 1532644 On the Design of a Secure Two-Party Authentication Scheme for Internet of Things Using Cancelable Biometrics and Physically Unclonable Functions
Authors: Behnam Zahednejad, Saeed Kosari
Abstract:
Widespread deployment of Internet of Things (IoT) has raised security and privacy issues in this environment. Designing a secure two-factor authentication scheme between the user and server is still a challenging task. In this paper, we focus on Cancelable Biometric (CB) as an authentication factor in IoT. We show that previous CB-based scheme fail to provide real two-factor security, Perfect Forward Secrecy (PFS) and suffer database attacks and traceability of the user. Then we propose our improved scheme based on CB and Physically Unclonable Functions (PUF), which can provide real two-factor security, PFS, user’s unlinkability, and resistance to database attack. In addition, Key Compromise Impersonation (KCI) resilience is achieved in our scheme. We also prove the security of our proposed scheme formally using both Real-Or-Random (RoR) model and the ProVerif analysis tool. For the usability of our scheme, we conducted a performance analysis and showed that our scheme has the least communication cost compared to the previous CB-based scheme. The computational cost of our scheme is also acceptable for the IoT environment.Keywords: IoT, two-factor security, cancelable biometric, key compromise impersonation resilience, perfect forward secrecy, database attack, real-or-random model, ProVerif
Procedia PDF Downloads 1022643 MSG Image Encryption Based on AES and RSA Algorithms "MSG Image Security"
Authors: Boukhatem Mohammed Belkaid, Lahdir Mourad
Abstract:
In this paper, we propose a new encryption system for security issues meteorological images from Meteosat Second Generation (MSG), which generates 12 images every 15 minutes. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every 15 minutes that will be used to encrypt each frame of the MSG meteorological basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.Keywords: AES, RSA, integrity, confidentiality, authentication, satellite MSG, encryption, decryption, key, correlation
Procedia PDF Downloads 3832642 Secure Network Coding-Based Named Data Network Mutual Anonymity Transfer Protocol
Authors: Tao Feng, Fei Xing, Ye Lu, Jun Li Fang
Abstract:
NDN is a kind of future Internet architecture. Due to the NDN design introduces four privacy challenges,Many research institutions began to care about the privacy issues of naming data network(NDN).In this paper, we are in view of the major NDN’s privacy issues to investigate privacy protection,then put forwards more effectively anonymous transfer policy for NDN.Firstly,based on mutual anonymity communication for MP2P networks,we propose NDN mutual anonymity protocol.Secondly,we add interest package authentication mechanism in the protocol and encrypt the coding coefficient, security of this protocol is improved by this way.Finally, we proof the proposed anonymous transfer protocol security and anonymity.Keywords: NDN, mutual anonymity, anonymous routing, network coding, authentication mechanism
Procedia PDF Downloads 4512641 A Cloud-Based Federated Identity Management in Europe
Authors: Jesus Carretero, Mario Vasile, Guillermo Izquierdo, Javier Garcia-Blas
Abstract:
Currently, there is a so called ‘identity crisis’ in cybersecurity caused by the substantial security, privacy and usability shortcomings encountered in existing systems for identity management. Federated Identity Management (FIM) could be solution for this crisis, as it is a method that facilitates management of identity processes and policies among collaborating entities without enforcing a global consistency, that is difficult to achieve when there are ID legacy systems. To cope with this problem, the Connecting Europe Facility (CEF) initiative proposed in 2014 a federated solution in anticipation of the adoption of the Regulation (EU) N°910/2014, the so-called eIDAS Regulation. At present, a network of eIDAS Nodes is being deployed at European level to allow that every citizen recognized by a member state is to be recognized within the trust network at European level, enabling the consumption of services in other member states that, until now were not allowed, or whose concession was tedious. This is a very ambitious approach, since it tends to enable cross-border authentication of Member States citizens without the need to unify the authentication method (eID Scheme) of the member state in question. However, this federation is currently managed by member states and it is initially applied only to citizens and public organizations. The goal of this paper is to present the results of a European Project, named eID@Cloud, that focuses on the integration of eID in 5 cloud platforms belonging to authentication service providers of different EU Member States to act as Service Providers (SP) for private entities. We propose an initiative based on a private eID Scheme both for natural and legal persons. The methodology followed in the eID@Cloud project is that each Identity Provider (IdP) is subscribed to an eIDAS Node Connector, requesting for authentication, that is subscribed to an eIDAS Node Proxy Service, issuing authentication assertions. To cope with high loads, load balancing is supported in the eIDAS Node. The eID@Cloud project is still going on, but we already have some important outcomes. First, we have deployed the federation identity nodes and tested it from the security and performance point of view. The pilot prototype has shown the feasibility of deploying this kind of systems, ensuring good performance due to the replication of the eIDAS nodes and the load balance mechanism. Second, our solution avoids the propagation of identity data out of the native domain of the user or entity being identified, which avoids problems well known in cybersecurity due to network interception, man in the middle attack, etc. Last, but not least, this system allows to connect any country or collectivity easily, providing incremental development of the network and avoiding difficult political negotiations to agree on a single authentication format (which would be a major stopper).Keywords: cybersecurity, identity federation, trust, user authentication
Procedia PDF Downloads 1662640 A Survey on Smart Security Mechanism Using Graphical Passwords
Authors: Aboli Dhanavade, Shweta Bhimnath, Rutuja Jumale, Ajay Nadargi
Abstract:
Security to any of our personal thing is our most basic need. It is not possible to directly apply that standard Human-computer—interaction approaches. Important usability goal for authentication system is to support users in selecting best passwords. Users often select text-passwords that are easy to remember, but they are more open for attackers to guess. The human brain is good in remembering pictures rather than textual characters. So the best alternative is being designed that is Graphical passwords. However, Graphical passwords are still immature. Conventional password schemes are also vulnerable to Shoulder-surfing attacks, many shoulder-surfing resistant graphical passwords schemes have been proposed. Next, we have analyzed the security and usability of the proposed scheme, and show the resistance of the proposed scheme to shoulder-surfing and different accidental logins.Keywords: shoulder-surfing, security, authentication, text-passwords
Procedia PDF Downloads 3622639 Durian Marker Kit for Durian (Durio zibethinus Murr.) Identity
Authors: Emma K. Sales
Abstract:
Durian is the flagship fruit of Mindanao and there is an abundance of several cultivars with many confusing identities/ names. The project was conducted to develop procedure for reliable and rapid detection and sorting of durian planting materials. Moreover, it is also aimed to establish specific genetic or DNA markers for routine testing and authentication of durian cultivars in question. The project developed molecular procedures for routine testing. SSR primers were also screened and identified for their utility in discriminating durian cultivars collected. Results of the study showed the following accomplishments; 1. Twenty (29) SSR primers were selected and identified based on their ability to discriminate durian cultivars, 2. Optimized and established standard procedure for identification and authentication of Durian cultivars 3. Genetic profile of durian is now available at Biotech Unit. Our results demonstrate the relevance of using molecular techniques in evaluating and identifying durian clones. The most polymorphic primers tested in this study could be useful tools for detecting variation even at the early stage of the plant especially for commercial purposes. The process developed combines the efficiency of the microsatellites development process with the optimization of non-radioactive detection process resulting in a user-friendly protocol that can be performed in two (2) weeks and easily incorporated into laboratories about to start microsatellite development projects. This can be of great importance to extend microsatellite analyses to other crop species where minimal genetic information is currently available. With this, the University can now be a service laboratory for routine testing and authentication of durian clones.Keywords: DNA, SSR analysis, genotype, genetic diversity, cultivars
Procedia PDF Downloads 4542638 A Voice Signal Encryption Scheme Based on Chaotic Theory
Authors: Hailang Yang
Abstract:
To ensure the confidentiality and integrity of speech signals in communication transmission, this paper proposes a voice signal encryption scheme based on chaotic theory. Firstly, the scheme utilizes chaotic mapping to generate a key stream and then employs the key stream to perform bitwise exclusive OR (XOR) operations for encrypting the speech signal. Additionally, the scheme utilizes a chaotic hash function to generate a Message Authentication Code (MAC), which is appended to the encrypted data to verify the integrity of the data. Subsequently, we analyze the security performance and encryption efficiency of the scheme, comparing and optimizing it against existing solutions. Finally, experimental results demonstrate that the proposed scheme can resist common attacks, achieving high-quality encryption and speed.Keywords: chaotic theory, XOR encryption, chaotic hash function, Message Authentication Code (MAC)
Procedia PDF Downloads 512637 Evaluation of Gesture-Based Password: User Behavioral Features Using Machine Learning Algorithms
Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier
Abstract:
Graphical-based passwords have existed for decades. Their major advantage is that they are easier to remember than an alphanumeric password. However, their disadvantage (especially recognition-based passwords) is the smaller password space, making them more vulnerable to brute force attacks. Graphical passwords are also highly susceptible to the shoulder-surfing effect. The gesture-based password method that we developed is a grid-free, template-free method. In this study, we evaluated the gesture-based passwords for usability and vulnerability. The results of the study are significant. We developed a gesture-based password application for data collection. Two modes of data collection were used: Creation mode and Replication mode. In creation mode (Session 1), users were asked to create six different passwords and reenter each password five times. In replication mode, users saw a password image created by some other user for a fixed duration of time. Three different duration timers, such as 5 seconds (Session 2), 10 seconds (Session 3), and 15 seconds (Session 4), were used to mimic the shoulder-surfing attack. After the timer expired, the password image was removed, and users were asked to replicate the password. There were 74, 57, 50, and 44 users participated in Session 1, Session 2, Session 3, and Session 4 respectfully. In this study, the machine learning algorithms have been applied to determine whether the person is a genuine user or an imposter based on the password entered. Five different machine learning algorithms were deployed to compare the performance in user authentication: namely, Decision Trees, Linear Discriminant Analysis, Naive Bayes Classifier, Support Vector Machines (SVMs) with Gaussian Radial Basis Kernel function, and K-Nearest Neighbor. Gesture-based password features vary from one entry to the next. It is difficult to distinguish between a creator and an intruder for authentication. For each password entered by the user, four features were extracted: password score, password length, password speed, and password size. All four features were normalized before being fed to a classifier. Three different classifiers were trained using data from all four sessions. Classifiers A, B, and C were trained and tested using data from the password creation session and the password replication with a timer of 5 seconds, 10 seconds, and 15 seconds, respectively. The classification accuracies for Classifier A using five ML algorithms are 72.5%, 71.3%, 71.9%, 74.4%, and 72.9%, respectively. The classification accuracies for Classifier B using five ML algorithms are 69.7%, 67.9%, 70.2%, 73.8%, and 71.2%, respectively. The classification accuracies for Classifier C using five ML algorithms are 68.1%, 64.9%, 68.4%, 71.5%, and 69.8%, respectively. SVMs with Gaussian Radial Basis Kernel outperform other ML algorithms for gesture-based password authentication. Results confirm that the shorter the duration of the shoulder-surfing attack, the higher the authentication accuracy. In conclusion, behavioral features extracted from the gesture-based passwords lead to less vulnerable user authentication.Keywords: authentication, gesture-based passwords, machine learning algorithms, shoulder-surfing attacks, usability
Procedia PDF Downloads 1072636 Enhanced Automated Teller Machine Using Short Message Service Authentication Verification
Authors: Rasheed Gbenga Jimoh, Akinbowale Nathaniel Babatunde
Abstract:
The use of Automated Teller Machine (ATM) has become an important tool among commercial banks, customers of banks have come to depend on and trust the ATM conveniently meet their banking needs. Although the overwhelming advantages of ATM cannot be over-emphasized, its alarming fraud rate has become a bottleneck in it’s full adoption in Nigeria. This study examined the menace of ATM in the society another cost of running ATM services by banks in the country. The researcher developed a prototype of an enhanced Automated Teller Machine Authentication using Short Message Service (SMS) Verification. The developed prototype was tested by Ten (10) respondents who are users of ATM cards in the country and the data collected was analyzed using Statistical Package for Social Science (SPSS). Based on the results of the analysis, it is being envisaged that the developed prototype will go a long way in reducing the alarming rate of ATM fraud in Nigeria.Keywords: ATM, ATM fraud, e-banking, prototyping
Procedia PDF Downloads 3222635 Message Authentication Scheme for Vehicular Ad-Hoc Networks under Sparse RSUs Environment
Authors: Wen Shyong Hsieh, Chih Hsueh Lin
Abstract:
In this paper, we combine the concepts of chameleon hash function (CHF) and identification based cryptography (IBC) to build a message authentication environment for VANET under sparse RSUs. Based on the CHF, TA keeps two common secrets that will be embedded to all identities to be as the evidence of mutual trusting. TA will issue one original identity to every RSU and vehicle. An identity contains one public ID and one private key. The public ID, includes three components: pseudonym, random key, and public key, is used to present one entity and can be verified to be a legal one. The private key is used to claim the ownership of the public ID. Based on the concept of IBC, without any negotiating process, a CHF pairing key multiplied by one private key and other’s public key will be used for mutually trusting and to be utilized as the session key of secure communicating between RSUs and vehicles. To help the vehicles to do message authenticating, the RSUs are assigned to response the vehicle’s temple identity request using two short time secretes that are broadcasted by TA. To light the loading of request information, one day is divided into M time slots. At every time slot, TA will broadcast two short time secretes to all valid RSUs for that time slot. Any RSU can response the temple identity request from legal vehicles. With the collected announcement of public IDs from the neighbor vehicles, a vehicle can set up its neighboring set, which includes the information about the neighbor vehicle’s temple public ID and temple CHF pairing key that can be derived by the private key and neighbor’s public key and will be used to do message authenticating or secure communicating without the help of RSU.Keywords: Internet of Vehicles (IOV), Vehicular Ad-hoc Networks (VANETs), Chameleon Hash Function (CHF), message authentication
Procedia PDF Downloads 3912634 Predicting the Relationship Between Childhood Trauma on the Formation of Defense Mechanisms with the Mediating Role of Object Relations in Traders
Authors: Ahmadreza Jabalameli, Mohammad Ebrahimpour Borujeni
Abstract:
According to psychodynamic theories, the major personality structure of individuals is formed in the first years of life. Trauma is an inseparable and undeniable part of everyone's life and they inevitably struggle with many traumas that can have a very significant impact on their lives. The present study deals with the relationship between childhood trauma on the formation of defense mechanisms and the role of object relations. The present descriptive study is a correlation with structural equation modeling (SEM). Sample selection is available and consists of 200 knowledgeable traders in Jabalameli Information Technology Company. The results indicate that the experience of childhood trauma with a demographic moderating effect, through the mediating role of object relations can lead to vulnerability to ego reality functionality and immature and psychically disturbed defense mechanisms. In this regard, there is a significant negative relationship between childhood trauma and object relations with mature defense mechanisms.Keywords: childhood trauma, defense mechanisms, object relations, trade
Procedia PDF Downloads 1322633 Usability and Biometric Authentication of Electronic Voting System
Authors: Nighat Ayub, Masood Ahmad
Abstract:
In this paper, a new voting system is developed and its usability is evaluated. The main feature of this system is the biometric verification of the voter and then a few easy steps to cast a vote. As compared to existing systems available, e.g dual vote, the new system requires no training in advance. The security is achieved via multiple key concept (another part of this project). More than 100 student voters were participated in the election from University of Malakanad, Chakdara, PK. To achieve the reliability, the voters cast their votes in two ways, i.e. paper based and electronic based voting using our new system. The results of paper based and electronic voting system are compared and it is concluded that the voters cast their votes for the intended candidates on the electronic voting system. The voters were requested to fill a questionnaire and the results of the questionnaire are carefully analyzed. The results show that the new system proposed in this paper is more secure and usable than other systems.Keywords: e-voting, security, usability, authentication
Procedia PDF Downloads 3922632 Mechanisms of Action in Mindfulness-Based Cognitive Therapy (MBCT) and Mindfulness-Based Stress Reduction (MBSR) in People with Physical and/or Psychological Conditions: A Systematic Review
Authors: Modi Alsubaie, Willem Kuyken, Rebecca Abbott, Barnaby Dunn, Chris Dickens, Tina Keil, William Henley
Abstract:
Background: Recently, there has been an increased interest in studying the effects of mindfulness-based interventions for people with psychological and physical problems. However, the mechanisms of action in these interventions that lead to beneficial physical and psychological outcomes have yet to be clearly identified. Purpose: The aim of this paper is to review, systematically, the evidence to date on the mechanisms of action in mindfulness interventions in populations with physical and/or psychological conditions. Method: Searches of seven databases (PsycINFO, Medline (Ovid), Cochrane Central Register of Controlled Trials, EMBASE, CINAHL, AMED, ClinicalTrials.gov) were undertaken in June 2014 and July 2015. We evaluated to what extent the studies we identified met the criteria suggested by Kazdin for establishing mechanisms of action within a psychological treatment (2007, 2009). Results: We identified four trials examining mechanisms of mindfulness interventions in those with comorbid psychological and physical health problems and 14 in those with psychological conditions. These studies examined a diverse range of potential mechanisms, including mindfulness and rumination. Of these candidate mechanisms, the most consistent finding was that greater self-reported change in mindfulness mediated superior clinical outcomes. However, very few studies fully met the Kazdin criteria for examining treatment mechanisms. Conclusion: There was evidence that global changes in mindfulness are linked to better outcomes. This evidence pertained more to interventions targeting psychological rather than physical health conditions. While there is promising evidence that MBCT/MBSR intervention effects are mediated by hypothesised mechanisms, there is a lack of methodological rigour in the field of testing mechanisms of action for both MBCT and MBSR, which precludes definitive conclusions.Keywords: MBCT, MBSR, mechanisms, physical conditions, psychological conditions, systematic review
Procedia PDF Downloads 3312631 A Review of Self-Healing Concrete and Various Methods of Its Scientific Implementation
Authors: Davoud Beheshtizadeh, Davood Jafari
Abstract:
Concrete, with its special properties and advantages, has caused it to be widely and increasingly used in construction industry, especially in infrastructures of the country. On the other hand, some defects of concrete and, most importantly, micro-cracks in the concrete after setting have caused the cost of repair and maintenance of infrastructure; therefore, self-healing concretes have been of attention in other countries in the recent years. These concretes have been repaired with general mechanisms such as physical, chemical, biological and combined mechanisms, each of which has different subsets and methods of execution and operation. Also, some of these types of mechanisms are of high importance, which has led to a special production method, and as this subject is new in Iran, this knowledge is almost unknown or at least some part of it has not been considered at all. The present article completely introduces various self-healing mechanisms as a review and tries to present the disadvantages and advantages of each method along with its scope of application.Keywords: micro-cracks, self-healing concrete, microcapsules, concrete, cement, self-sensitive
Procedia PDF Downloads 1452630 Design and Implementation of Security Middleware for Data Warehouse Signature, Framework
Authors: Mayada Al Meghari
Abstract:
Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature, DWS Framework. The aim of using the middleware in our DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.Keywords: middleware, parallel computing, data warehouse, security, group-key, high performance
Procedia PDF Downloads 1192629 Double Layer Security Model for Identification Friend or Foe
Authors: Buse T. Aydın, Enver Ozdemir
Abstract:
In this study, a double layer authentication scheme between the aircraft and the Air Traffic Control (ATC) tower is designed to prevent any unauthorized aircraft from introducing themselves as friends. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or foe according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as a friend. In this method, even if embedded key is captured by the enemy aircraft, without the information of the second layer, the enemy can easily be determined. Overall, in this work, we present a more reliable system by adding a physical layer in the authentication process.Keywords: ADS-B, communication with physical layer security, cryptography, identification friend or foe
Procedia PDF Downloads 1612628 Proactive WPA/WPA2 Security Using DD-WRT Firmware
Authors: Mustafa Kamoona, Mohamed El-Sharkawy
Abstract:
Although the latest Wireless Local Area Network technology Wi-Fi 802.11i standard addresses many of the security weaknesses of the antecedent Wired Equivalent Privacy (WEP) protocol, there are still scenarios where the network security are still vulnerable. The first security model that 802.11i offers is the Personal model which is very cheap and simple to install and maintain, yet it uses a Pre Shared Key (PSK) and thus has a low to medium security level. The second model that 802.11i provide is the Enterprise model which is highly secured but much more expensive and difficult to install/maintain and requires the installation and maintenance of an authentication server that will handle the authentication and key management for the wireless network. A central issue with the personal model is that the PSK needs to be shared with all the devices that are connected to the specific Wi-Fi network. This pre-shared key, unless changed regularly, can be cracked using offline dictionary attacks within a matter of hours. The key is burdensome to change in all the connected devices manually unless there is some kind of algorithm that coordinate this PSK update. The key idea of this paper is to propose a new algorithm that proactively and effectively coordinates the pre-shared key generation, management, and distribution in the cheap WPA/WPA2 personal security model using only a DD-WRT router.Keywords: Wi-Fi, WPS, TLS, DD-WRT
Procedia PDF Downloads 2332627 Providing a Secure Hybrid Method for Graphical Password Authentication to Prevent Shoulder Surfing, Smudge and Brute Force Attack
Authors: Faraji Sepideh
Abstract:
Nowadays, purchase rate of the smart device is increasing and user authentication is one of the important issues in information security. Alphanumeric strong passwords are difficult to memorize and also owners write them down on papers or save them in a computer file. In addition, text password has its own flaws and is vulnerable to attacks. Graphical password can be used as an alternative to alphanumeric password that users choose images as a password. This type of password is easier to use and memorize and also more secure from pervious password types. In this paper we have designed a more secure graphical password system to prevent shoulder surfing, smudge and brute force attack. This scheme is a combination of two types of graphical passwords recognition based and Cued recall based. Evaluation the usability and security of our proposed scheme have been explained in conclusion part.Keywords: brute force attack, graphical password, shoulder surfing attack, smudge attack
Procedia PDF Downloads 1612626 Generalized π-Armendariz Authentication Cryptosystem
Authors: Areej M. Abduldaim, Nadia M. G. Al-Saidi
Abstract:
Algebra is one of the important fields of mathematics. It concerns with the study and manipulation of mathematical symbols. It also concerns with the study of abstractions such as groups, rings, and fields. Due to the development of these abstractions, it is extended to consider other structures, such as vectors, matrices, and polynomials, which are non-numerical objects. Computer algebra is the implementation of algebraic methods as algorithms and computer programs. Recently, many algebraic cryptosystem protocols are based on non-commutative algebraic structures, such as authentication, key exchange, and encryption-decryption processes are adopted. Cryptography is the science that aimed at sending the information through public channels in such a way that only an authorized recipient can read it. Ring theory is the most attractive category of algebra in the area of cryptography. In this paper, we employ the algebraic structure called skew -Armendariz rings to design a neoteric algorithm for zero knowledge proof. The proposed protocol is established and illustrated through numerical example, and its soundness and completeness are proved.Keywords: cryptosystem, identification, skew π-Armendariz rings, skew polynomial rings, zero knowledge protocol
Procedia PDF Downloads 2172625 Frequency Modulation in Vibro-Acoustic Modulation Method
Authors: D. Liu, D. M. Donskoy
Abstract:
The vibroacoustic modulation method is based on the modulation effect of high-frequency ultrasonic wave (carrier) by low-frequency vibration in the presence of various defects, primarily contact-type such as cracks, delamination, etc. The presence and severity of the defect are measured by the ratio of the spectral sidebands and the carrier in the spectrum of the modulated signal. This approach, however, does not differentiate between amplitude and frequency modulations, AM and FM, respectfully. It was experimentally shown that both modulations could be present in the spectrum, yet each modulation may be associated with different physical mechanisms. AM mechanisms are quite well understood and widely covered in the literature. This paper is a first attempt to explain the generation mechanisms of FM and its correlation with the flaw properties. Here we proposed two possible mechanisms leading to FM modulation based on nonlinear local defect resonance and dynamic acousto-elastic models.Keywords: non-destructive testing, nonlinear acoustics, structural health monitoring, acousto-elasticity, local defect resonance
Procedia PDF Downloads 1522624 Mobile Agent Security Using Reference Monitor Based Security Framework
Authors: Sandhya Armoogum
Abstract:
In distributed systems and in open systems such as the Internet, often mobile code has to run on unknown and potentially hostile hosts. Mobile code such as a mobile agent is vulnerable when executing on remote hosts. The mobile agent may be subjected to various attacks such as tampering, inspection, and replay attack by a malicious host. Much research has been done to provide solutions for various security problems, such as authentication of mobile agent and hosts, integrity and confidentiality of the data carried by the mobile agent. Many of such proposed solutions in literature are not suitable for open systems whereby the mobile code arrives and executes on a host which is not known and trusted by the mobile agent owner. In this paper, we propose the adoption of the reference monitor by hosts in an open system for providing trust and security for mobile code execution. A secure protocol for the distribution of the reference monitor entity is described. This reference monitor entity on the remote host may also provide several security services such as authentication and integrity to the mobile code.Keywords: security, mobile agents, reference monitor, trust
Procedia PDF Downloads 4402623 PUF-Based Lightweight Iot Secure Authentication Chip Design
Authors: Wenxuan Li, Lei Li, Jin Li, Yuanhang He
Abstract:
This paper designed a secure chip for IoT communication security integrated with the PUF-based firmware protection scheme. Then, the Xilinx Kintex-7 and STM-32 were used for the prototype verification. Firmware protection worked well on FPGA and embedded platforms. For the ASIC implementation of the PUF module, contact PUF is chosen. The post-processing method and its improvement are analyzed with emphasis. This paper proposed a more efficient post-processing method for contact PUF named SXOR, which has practical value for realizing lightweight security modules in IoT devices. The analysis was carried out under the hypothesis that the contact holes are independent and combine the existing data in the open literature. The post-processing effects of SXOR and XOR are basically the same under the condition that the proposed post-processing circuit occupies only 50.6% of the area of XOR. The average Hamming weight of the PUF output bit sequence obtained by the proposed post-processing method is 0.499735, and the average Hamming weight obtained by the XOR-based post-processing method is 0.499999.Keywords: PUF, IoT, authentication, secure communication, encryption, XOR
Procedia PDF Downloads 141