Search results for: user privacy

Authors: Ebitisam K. Elberkawi, Mohamed M. Elammari

Abstract:

Graphical User Interface (GUI) is essential to programming, as is any other characteristic or feature, due to the fact that GUI components provide the fundamental interaction between the user and the program. Thus, we must give more interest to GUI during building and development of systems. Also, we must give a greater attention to the user who is the basic corner in the dealing with the GUI. This paper introduces an approach for designing GUI from one of the models of business workflows which describe the workflow behavior of a system, specifically through activity diagrams (AD).

Keywords: activity diagram, graphical user interface, GUI components, program

Procedia PDF Downloads 432

Authors: Christopher Muhawe, Masooda Bashir

Abstract:

With increased Internet Communication Technology(ICT), the virtual world has become the new normal. At the same time, there is an unprecedented collection of massive amounts of data by both private and public entities. Unfortunately, this increase in data collection has been in tandem with an increase in data misuse and data breach. Regrettably, the majority of data breach and data misuse claims have been unsuccessful in the United States courts for the failure of proof of direct injury to physical or economic interests. The requirement to express data privacy harms from an economic or physical stance negates the fact that not all data harms are physical or economic in nature. The challenge is compounded by the fact that data breach harms and risks do not attach immediately. This research will use a descriptive and normative approach to show that not all data harms can be expressed in economic or physical terms. Expressing privacy harms purely from an economic or physical harm perspective negates the fact that data insecurity may result into harms which run counter the functions of privacy in our lives. The promotion of liberty, selfhood, autonomy, promotion of human social relations and the furtherance of the existence of a free society. There is no economic value that can be placed on these functions of privacy. The proposed approach addresses data harms from a psychological and social perspective.

Keywords: data breach and misuse, economic harms, privacy harms, psychological harms

Procedia PDF Downloads 166

Authors: Yogita M. Ahire, Nedal M. Mohammed, Ahmed A. Hamoud

Abstract:

Scientific computation outsourcing is gaining popularity because it allows customers with limited computing resources and storage devices to outsource complex computation workloads to more powerful service providers. However, it raises some security and privacy concerns and challenges, such as customer input and output privacy, as well as cloud cheating behaviors. This study was motivated by these concerns and focused on privacy-preserving Two-Point Boundary Value Problems (BVP) as a common and realistic instance for verifiable safe multiparty computing. We'll look at the safe and verifiable schema with correctness guarantees by utilizing standard multiparty approaches to compute the result of a computation and then solely using verifiable ways to check that the result was right.

Keywords: verifiable computing, cloud computing, secure and privacy BVP, secure computation outsourcing

Procedia PDF Downloads 62

Authors: Gangmin Li, Fan Yang

Abstract:

Personalized recommendation is crucial for any recommendation system. One of the techniques for personalized recommendation is to identify the intention. Traditional user intention identification uses the user’s selection when facing multiple items. This modeling relies primarily on historical behaviour data resulting in challenges such as the cold start, unintended choice, and failure to capture intention when items are new. Motivated by recent advancements in Large Language Models (LLMs) like ChatGPT, we present an approach for user intention identification by embracing LLMs with Chain-of-Thought (CoT) prompting. We use the initial user profile as input to LLMs and design a collection of prompts to align the LLM's response through various recommendation tasks encompassing rating prediction, search and browse history, user clarification, etc. Our tests on real-world datasets demonstrate the improvements in recommendation by explicit user intention identification and, with that intention, merged into a user model.

Keywords: personalized recommendation, generative user modelling, user intention identification, large language models, chain-of-thought prompting

Procedia PDF Downloads 4

Authors: Xi Xiao, Chunhui Chen, Xinyu Liu, Guangwu Hu, Yong Jiang

Abstract:

Location sharing is a fundamental service in mobile Online Social Networks (mOSNs), which raises significant privacy concerns in recent years. Now, most location-based service applications adopt client/server architecture. In this paper, a location sharing system, named CSLocShare, is presented to provide flexible privacy-preserving location sharing with client/server architecture in mOSNs. CSLocShare enables location sharing between both trusted social friends and untrusted strangers without the third-party server. In CSLocShare, Location-Storing Social Network Server (LSSNS) provides location-based services but do not know the users’ real locations. The thorough analysis indicates that the users’ location privacy is protected. Meanwhile, the storage and the communication cost are saved. CSLocShare is more suitable and effective in reality.

Keywords: mobile online social networks, client/server architecture, location sharing, privacy-preserving

Procedia PDF Downloads 292

Authors: Rajarshi Motilal

Abstract:

The birth of the Internet and the rise of social media marked an important chapter in the history of humankind. Often termed the fourth scientific revolution, the Internet has changed human lives and cognisance. The birth of Web 2.0, followed by the launch of social media and social networking sites, added another milestone to these technological advancements where connectivity and influx of information became dominant. With billions of individuals using the internet and social media sites in the 21st century, “users” became “consumers”, and orthodox marketing reshaped itself to digital marketing. Furthermore, organisations started using sophisticated algorithms to predict consumer purchase behaviour and manipulate it to sustain themselves in such a competitive environment. The rampant storage and analysis of individual data became the new normal, raising many questions about data privacy. The excessive usage of the Internet among individuals brought in other problems of them becoming addicted to it, scavenging for societal approval and instant gratification, subsequently leading to a collective dualism, isolation, and finally, depression. This study aims to determine the relationship between social media usage in the modern age and the rise of psychological and cognitive imbalances in human minds. The literature review is positioned timely as an addition to the existing work at a time when the world is constantly debating on whether social media resignation is the only way to protect user data and restore the decaying cognitive balance.

Keywords: social media, digital marketing, consumer behaviour, internet addiction, data privacy

Procedia PDF Downloads 47

Authors: Emine Akar

Abstract:

The majority of privacy-related regulation has traditionally focused on concepts that are perceived to be well-understood or easily describable, such as certain categories of data and personal information or images. In the past century, such regulation appeared reasonably suitable for its purposes. However, technologies such as AI, combined with ever-increasing capabilities to collect, process, and store “big data”, not only require calibration of these traditional understandings but may require re-thinking of entire categories of privacy law. In the presentation, it will be explained, against the background of various emerging technologies under the umbrella term “emotional artificial intelligence”, why modern privacy law will need to embrace human emotions as potentially private subject matter. This argument can be made on a jurisprudential level, given that human emotions can plausibly be accommodated within the various concepts that are traditionally regarded as the underlying foundation of privacy protection, such as, for example, dignity, autonomy, and liberal values. However, the practical reasons for regarding human emotions as potentially private subject matter are perhaps more important (and very likely more convincing from the perspective of regulators). In that respect, it should be regarded as alarming that, according to most projections, the usefulness of emotional data to governments and, particularly, private companies will not only lead to radically increased processing and analysing of such data but, concerningly, to an exponential growth in the collection of such data. In light of this, it is also necessity to discuss options for how regulators could address this emerging threat.

Keywords: AI, privacy law, data protection, big data

Procedia PDF Downloads 61

Authors: Ananya Gangavarapu

Abstract:

Convolutional Neural Networks (CNN) based models are providing diagnostic capabilities on par with the medical specialists in many specialty areas. However, collecting the medical data for training purposes is very challenging because of the increased regulations around data collections and privacy concerns around personal health data. The gathering of the data becomes even more difficult if the capture devices are edge-based mobile devices (like smartphones) with feeble wireless connectivity in rural/remote areas. In this paper, I would like to highlight Federated Learning approach to mitigate data privacy and security issues.

Keywords: deep learning in healthcare, data privacy, federated learning, training in distributed environment

Procedia PDF Downloads 113

Authors: Hashim Ali, Sheheryar Khan

Abstract:

Security for applications is always been a keen issue of concern. In general, security is to allow access of grant to legal user or to deny non-authorized access to the system. Shoulder surfing is an observation technique to hack an account or to enter into a system. When a malicious observer is capturing or recording the fingers of a user while he is entering sensitive inputs (PIN, Passwords etc.) and may be able to observe user’s password credential. It is very rigorous for a novice user to prevent himself from shoulder surfing or unaided observer in a public place while accessing his account. In order to secure the user account, there are five factors of authentication; they are: “(i) something you have, (ii) something you are, (iii) something you know, (iv) somebody you know, (v) something you process”. A technique has been developed of fifth-factor authentication “something you process” to provide novel approach to the user. In this paper, we have applied position based operational code authentication in such a way to more easy and user friendly to the user.

Keywords: shoulder surfing, malicious observer, sensitive inputs, authentication

Procedia PDF Downloads 236

Authors: N. Meddeb, A. M. Makhlouf, M. A. Ben Ayed

Abstract:

Due to the real-time requirement of message in Vehicular Ad hoc NETworks (VANET), it is necessary to authenticate vehicles to achieve security, efficiency, and conditional privacy-preserving. Privacy is of utmost relevance in VANETs. For this reason, we have proposed a new protocol called ‘Multilevel Authentication Protocol’ (MAP) that considers different vehicle categories. The proposed protocol is based on our Multilevel Authentication protocol for Vehicular networks (MAVnet). But the MAP leads to human safety, where the priority is given to the ambulance vehicles. For evaluation, we used the Java language to develop a demo application and deployed it on the Network Security Simulation (Nessi2). Compared with existing authentication protocols, MAP markedly enhance the communication overhead and decreases the delay of exchanging messages while preserving conditional privacy.

Keywords: Vehicular Ad hoc NETworks (VANET), vehicle categories, safety, databases, privacy, authentication, throughput, delay

Procedia PDF Downloads 263

Authors: Taekyun Doo, Cheongmin Ji, Manpyo Hong

Abstract:

Like a closed-circuit television (CCTV), video surveillance system is widely placed for gathering video from unspecified people to prevent crime, surveillance, or many other purposes. However, abuse of CCTV brings about concerns of personal privacy invasions. In this paper, we propose an encryption method to protect personal privacy system in H.264 compressed video bitstream with encrypting only regions of interest (ROI). There is no need to change the existing video surveillance system. In addition, encrypting ROI in compressed video bitstream is a challenging work due to spatial and temporal drift errors. For this reason, we propose a novel drift mitigation method when ROI is encrypted. The proposed method was implemented by using JM reference software based on the H.264 compressed videos, and experimental results show the verification of our proposed methods and its effectiveness.

Keywords: H.264/AVC, video encryption, privacy protection, post compression, region of interest

Procedia PDF Downloads 315

Authors: N. A. Badrul

Abstract:

People are concerned that they are vulnerable as a result of what is exposed about them on the internet. Users are increasingly aware of their privacy and are making various efforts to protect their personal information. However, besides individuals themselves, organisations are also exposing personal information of their staff to the general public by publishing it on their official website. This practice may put individuals at risk and particularly vulnerable to threats. This preliminary study explores explicitly the amount and types of personal information disclosure from organisational websites. Threats and risks related to the disclosures are discussed. In general, all the examined organisational websites discloses personal information with varies identifiable degree of data.

Keywords: personal information, privacy, e-government, information disclosure

Procedia PDF Downloads 282

Authors: Victor Onomza Waziri, John K. Alhassan, Idris Ismaila, Noel Dogonyara

Abstract:

This paper describes the problem of building secure computational services for encrypted information in the Cloud. Computing without decrypting the encrypted data; therefore, it meets the yearning of computational encryption algorithmic aspiration model that could enhance the security of big data for privacy or confidentiality, availability and integrity of the data and user’s security. The cryptographic model applied for the computational process of the encrypted data is the Fully Homomorphic Encryption Scheme. We contribute a theoretical presentations in a high-level computational processes that are based on number theory that is derivable from abstract algebra which can easily be integrated and leveraged in the Cloud computing interface with detail theoretic mathematical concepts to the fully homomorphic encryption models. This contribution enhances the full implementation of big data analytics based on cryptographic security algorithm.

Keywords: big data analytics, security, privacy, bootstrapping, Fully Homomorphic Encryption Scheme

Procedia PDF Downloads 441

Authors: Suraina Sulong

Abstract:

Keyboard support is one of the main accessibility requirements for web pages and web applications for blind user. But it is not sufficient that the blind user can perform all actions on the page using the keyboard. In addition, designers of web sites or web applications have to make sure that keyboard users can use their pages with acceptable performance. We present GOMS models for navigation in web pages with specific task given to the blind user to accomplish. These models can be used to construct the user model for accessible website.

Keywords: GOMS analysis, usability factor, blind user, human computer interaction

Procedia PDF Downloads 128

Authors: Senthuran Manoharan, Rathesan Sivagananalingam

Abstract:

One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.

Keywords: authentication, adaptive authentication, machine learning, security

Procedia PDF Downloads 200

Authors: Minimol M. C.

Abstract:

The study provides insights into the consumer’s trust on user generated brand recommendations on social networking sites and also investigates the role of ad scepticism in generating consumer trust in user generated brand recommendations. The work contributes to a better understanding of trust development in the context of social networking sites. Specifically, the study reveals that not all dimensions of trustworthiness are equal. The individual user characteristics vary according to the person. The major finding of this study is that high degrees of trust toward user generated brand recommendations can be generated on the basis of high trust toward social networking sites and ad scepticism. Consumers trust the user generated brand recommendations based on the individual’s trust in the particular social networking platform and the level of their individual ad-scepticism. The study pinpoints that as consumers’ trust in user generated brand recommendations is affected by their trust in social networking sites, it is influenced by benevolence, integrity, the propensity to trust, and individual user characteristics to a great extent, and hence, it is imperative for brands should attempt to build on these factors so that they can engage consumers to generate user generated content on social media.

Keywords: Consumer trust, user-generated brand recommendations, ad scepticism, social networking sites

Procedia PDF Downloads 71

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 341

Authors: Devika Tanna

Abstract:

'Biometrics' means 'life measurement' but the term is usually associated with the use of unique physiological characteristics to identify an individual. It is important to secure the privacy of digital face image that is stored in central database. To impart privacy to such biometric face images, first, the digital face image is split into two host face images such that, each of it gives no idea of existence of the original face image and, then each cover image is stored in two different databases geographically apart. When both the cover images are simultaneously available then only we can access that original image. This can be achieved by using the XM2VTS and IMM face database, an adaptive algorithm for spatial greyscale. The algorithm helps to select the appropriate host images which are most likely to be compatible with the secret image stored in the central database based on its geometry and appearance. The encryption is done using GEVCS which results in a reconstructed image identical to the original private image.

Keywords: adaptive algorithm, database, host images, privacy, visual cryptography

Procedia PDF Downloads 99

Authors: Hana Almakky, Reza Sahandi, Jacqui Taylor

Abstract:

Social media continue to grow, and user interfaces may become more appealing if cultural characteristics are incorporated into their design. Facebook was designed in the west, and the original language was English. Subsequently, the words in the user interface were translated to other languages, including Arabic. Arabic words are written from right to left, and English is written from left to right. The translated version may misrepresent the original design and users preferences may influence their culture, which should be considered in the user interface design. Previous research indicates that users are more comfortable when interacting with a user interface, which relates to their own culture. Therefore, this paper, using a survey investigates the preferences of Saudi Arabian on the Arabic version of user interface of Facebook.

Keywords: culture, social media, user interface design, Facebook, Saudi Arabia

Procedia PDF Downloads 366

Authors: Sina Saadati

Abstract:

OpenSim is a well-known software in biomechanical studies. There are worthy algorithms developed in this program which are used for modeling and simulation of human motions. In this research, we analyze the OpenSim application from the computer science perspective. It is important that every application have a user-friendly interface. An effective user interface can decrease the time, costs, and energy needed to learn how to use a program. In this paper, we survey the user interface of OpenSim as an important factor of the software. Finally, we infer that there are many challenges to be addressed in the development of OpenSim.

Keywords: biomechanics, computer engineering, graphical user interface, modeling and simulation, interface effectiveness

Procedia PDF Downloads 54

Authors: Mafawez Alharbi, Mahdi Jemmali

Abstract:

E-learning is a developing area especially in education. E-learning can provide several benefits to learners. An intelligent system to collect all components satisfying user preferences is so important. This research presents an approach that it capable to personalize e-information and give the user their needs following their preferences. This proposal can make some knowledge after more evaluations made by the user. In addition, it can learn from the habit from the user. Finally, we show a walk-through to prove how intelligent process work.

Keywords: artificial intelligence, architecture, e-learning, software engineering, processing

Procedia PDF Downloads 160

Authors: Gunasekaran Raja, Rajakumar Arul, Kottilingam Kottursamy, Ramkumar Jayaraman, Sathya Pavithra, Swaminathan Venkatraman

Abstract:

Wireless Interoperability for Microwave Access (WiMAX) utilizes the IEEE 802.1X mechanism for authentication. However, this mechanism incurs considerable delay during handoffs. This delay during handoffs results in service disruption which becomes a severe bottleneck. To overcome this delay, our article proposes a key caching mechanism based on user path prediction. If the user mobility follows that path, the user bypasses the normal IEEE 802.1X mechanism and establishes the necessary authentication keys directly. Through analytical and simulation modeling, we have proved that our mechanism effectively decreases the handoff delay thereby achieving fast authentication.

Keywords: authentication, authorization, and accounting (AAA), handoff, mobile, user path prediction (UPP) and user pattern

Procedia PDF Downloads 363

Authors: Abdullah Al Mamun, Talal Alkharobi

Abstract:

As data size is growing up, people are became more familiar to store big amount of secret information into cloud storage. Companies are always required to need transfer massive business files from one end to another. We are going to lose privacy if we transmit it as it is and continuing same scenario repeatedly without securing the communication mechanism means proper encryption. Although asymmetric key encryption solves the main problem of symmetric key encryption but it can only encrypt limited size of data which is inapplicable for large data encryption. In this paper we propose a probable approach of pretty good privacy for encrypt big data using both symmetric and asymmetric keys. Our goal is to achieve encrypt huge collection information and transmit it through a secure communication channel for committing the business and personal privacy. To justify our method an experimental dataset from three different platform is provided. We would like to show that our approach is working for massive size of various data efficiently and reliably.

Keywords: big data, cloud computing, cryptography, hadoop, public key

Procedia PDF Downloads 297

Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo

Abstract:

This paper introduces an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.

Keywords: cloud, enhancing security, fog, IoT, telehealth

Procedia PDF Downloads 35

Authors: Suman Podder

Abstract:

As Australian ‘Open Banking’ allows customers to share their financial data with accredited Third-Party Providers (‘TPPs’), it is necessary to evaluate whether the regulators have achieved the balance between protecting customer data privacy and promoting data-related innovation. Recognising the need to increase customers’ influence on their own data, and the benefits of data-related innovation, the Australian Government introduced ‘Consumer Data Right’ (‘CDR’) to the banking sector through Open Banking regulation. Under Open Banking, TPPs can access customers’ banking data that allows the TPPs to tailor their products and services to meet customer needs at a more competitive price. This facilitated access and use of customer data will promote innovation by providing opportunities for new products and business models to emerge and grow. However, the success of Open Banking depends on the willingness of the customers to share their data, so the regulators have augmented the protection of data by introducing new privacy safeguards to instill confidence and trust in the system. The dilemma in policymaking is that, on the one hand, lenient data privacy laws will help the flow of information, but at the risk of individuals’ loss of privacy, on the other hand, stringent laws that adequately protect privacy may dissuade innovation. Using theoretical and doctrinal methods, this paper examines whether the privacy safeguards under Open Banking will add to the compliance burden of the participating financial institutions, resulting in the undesirable effect of stifling other policy objectives such as innovation. The contribution of this research is three-fold. In the emerging field of customer data sharing, this research is one of the few academic studies on the objectives and impact of Open Banking in the Australian context. Additionally, Open Banking is still in the early stages of implementation, so this research traces the evolution of Open Banking through policy debates regarding the desirability of customer data-sharing. Finally, the research focuses not only on the customers’ data privacy and juxtaposes it with another important objective of promoting innovation, but it also highlights the critical issues facing the data-sharing regime. This paper argues that while it is challenging to develop a regulatory framework for protecting data privacy without impeding innovation and jeopardising yet unknown opportunities, data privacy and innovation promote different aspects of customer welfare. This paper concludes that if a regulation is appropriately designed and implemented, the benefits of data-sharing will outweigh the cost of compliance with the CDR.

Keywords: consumer data right, innovation, open banking, privacy safeguards

Procedia PDF Downloads 112

Authors: Rupan Preet Kaur

Abstract:

This article reviewed the potential of artificial intelligence in the field of identity and access management (IAM) and identity governance and administration (IGA), the most critical pillars of any organization. The power of leveraging AI in the most complex and huge user base environment was outlined by simplifying and streamlining the user access approvals and re-certifications without any impact on the user productivity and at the same time strengthening the overall compliance of IAM landscape. Certain challenges encountered in the current state were detailed where majority of organizations are still lacking maturity in the data integrity aspect. Finally, this paper concluded that within the realm of possibility, users and application owners can reap the benefits of unified approach provided by AI to improve the user experience, improve overall efficiency, and strengthen the risk posture.

Keywords: artificial intelligence, machine learning, user access review, access approval

Procedia PDF Downloads 60

Authors: Aofan Liu, Qianqian Tan, Burra Venkata Durga Kumar

Abstract:

Data security is of the utmost importance in the healthcare area, as sensitive patient information is constantly sent around and analyzed by many different parties. The use of federated learning, which enables data to be evaluated locally on devices rather than being transferred to a central server, has emerged as a potential solution for protecting the privacy of user information. To protect against data breaches and unauthorized access, federated learning alone might not be adequate. In this context, the application of blockchain technology could provide the system extra protection. This study proposes a distributed federated learning system that is built on blockchain technology in order to enhance security in healthcare. This makes it possible for a wide variety of healthcare providers to work together on data analysis without raising concerns about the confidentiality of the data. The technical aspects of the system, including as the design and implementation of distributed learning algorithms, consensus mechanisms, and smart contracts, are also investigated as part of this process. The technique that was offered is a workable alternative that addresses concerns about the safety of healthcare while also fostering collaborative research and the interchange of data.

Keywords: data privacy, distributed system, federated learning, machine learning

Procedia PDF Downloads 81

Authors: Seulbi Choi, Hyunchul Ahn

Abstract:

Collaborative filtering (CF) algorithm has been popularly used for recommender systems in both academic and practical applications. It basically generates recommendation results using users’ numeric ratings. However, the additional use of the information other than user ratings may lead to better accuracy of CF. Considering that a lot of people are likely to share their honest opinion on the items they purchased recently due to the advent of the Web 2.0, user's review can be regarded as the new informative source for identifying user's preference with accuracy. Under this background, this study presents a hybrid recommender system that fuses CF and user's review mining. Our system adopts conventional memory-based CF, but it is designed to use both user’s numeric ratings and his/her text reviews on the items when calculating similarities between users.

Keywords: Recommender system, Collaborative filtering, Text mining, Review mining

Procedia PDF Downloads 307

Authors: Valeria M. Bastos, Myrian A. Costa, Matheus Ambrozio, Nelson F. F. Ebecken

Abstract:

In this paper a very simple and effective user administration view of computing clusters systems is implemented in order of friendly provide the configuration and monitoring of distributed application executions. The user view, the administrator view, and an internal control module create an illusionary management environment for better system usability. The architecture, properties, performance, and the comparison with others software for cluster management are briefly commented.

Keywords: big data, computing clusters, administration view, user view

Procedia PDF Downloads 299

Authors: Behnam Zahednejad, Saeed Kosari

Abstract:

Widespread deployment of Internet of Things (IoT) has raised security and privacy issues in this environment. Designing a secure two-factor authentication scheme between the user and server is still a challenging task. In this paper, we focus on Cancelable Biometric (CB) as an authentication factor in IoT. We show that previous CB-based scheme fail to provide real two-factor security, Perfect Forward Secrecy (PFS) and suffer database attacks and traceability of the user. Then we propose our improved scheme based on CB and Physically Unclonable Functions (PUF), which can provide real two-factor security, PFS, user’s unlinkability, and resistance to database attack. In addition, Key Compromise Impersonation (KCI) resilience is achieved in our scheme. We also prove the security of our proposed scheme formally using both Real-Or-Random (RoR) model and the ProVerif analysis tool. For the usability of our scheme, we conducted a performance analysis and showed that our scheme has the least communication cost compared to the previous CB-based scheme. The computational cost of our scheme is also acceptable for the IoT environment.

Keywords: IoT, two-factor security, cancelable biometric, key compromise impersonation resilience, perfect forward secrecy, database attack, real-or-random model, ProVerif

Procedia PDF Downloads 72