Your search keyword '"COMPUTER access control"' showing total 8,047 results

101. Hybrid Biometric Based Person Identification Using Machine Learning.

Author

N., Venkata Ramana, H. Nair, S. Anu, and Kumar, K. P. Sanal

Subjects

*HUMAN fingerprints, *MACHINE learning, *COMPUTER access control, *BIOMETRY, *MODERN society, *AIRPORT safety

Abstract

When compared to the more traditional methods of authentication, biometric systems offer a much higher level of protection for a wide range of uses (like pin, passwords etc.). Various sectors of modern society can find use for biometric systems. Among these are authentication for computers, attendance tracking for businesses, financial transactions, safeguarding private information, securing access to buildings, and ensuring the safety of travellers at airports. Identifying and verifying individuals via their unique physical and behavioural characteristics is the primary function of the biometric system. Importance of biometric systems in modern society is analysed in this paper. Single-trait biometric user recognition is currently used, but it does not offer sufficient security for critical programmes. Multimodal biometric systems are used to get around these issues. Physical and behavioural characteristics, like fingerprints and DNA, signatures and fingerprints, etc., are all part of a multimodal biometric system's arsenal for authenticating users. In addition to the hard biometric features already mentioned (skin colour, age, height, hair colour, eye colour, gender, etc.), the use of a person's soft biometric traits is becoming increasingly common. While soft biometrics can be used to boost the efficiency of biometric systems that focus on other characteristics, they are not without their own set of drawbacks, such as a lack of permanence and distinctive behaviour. User authentication, security, and performance are all boosted by the work presented in this paper using Machine learning (F-SVM -Fuzzy-Support Vector Machine) model. [ABSTRACT FROM AUTHOR]

Published

2022

102. Secured Cloud Communication Using Lightweight Hash Authentication with PUF.

Author

Padmavathy, R. and Rajkumar, M. Newlin

Subjects

CLOUD computing, INTERNET of things, COMPUTER access control, SMART devices, DATA management

Abstract

Internet-of-Things (IoT) is an awaited technology in real-world applications to process daily tasks using intelligent techniques. The main process of data in IoT involves communication, integration, and coordination with other real-world applications. The security of transferred, stored, and processed data in IoT is not ensured in many constraints. Internet-enabled smart devices are widely used among populations for all types of applications, thus increasing the popularity of IoT among widely used server technologies. Smart grid is used in this article with IoT to manage large data. A smart grid is a collection of numerous users in the network with the fastest response time. This article aims to provide high authentication to the smart grid, which constitutes secure communication in cloud-based IoT. Many IoT devices are deployed openly in all places. This open-access is vulnerable toward cloning attacks. Authentication is a significant process that provides strength while attacking. The security of the cloud and IoT must be computationally high. A lightweight authentication using hashing technique is proposed considering the aforementioned condition. The main factor of the authentication involves physically unclonable functions, which are utilized in improving the performance of the authentication. The proposed approach is evaluated with the existing techniques. Results show that the performance of the proposed algorithm provides high robust security. [ABSTRACT FROM AUTHOR]

Published

2022

103. Cooperative Detection Method for DDoS Attacks Based on Blockchain.

Author

Jieren Cheng, Xinzhi Yao, Hui Li, Hao Lu, Naixue Xiong, Ping Luo, Le Liu, Hao Guo, and Wen Feng

Subjects

DENIAL of service attacks, BLOCKCHAINS, DATA transmission systems, COMPUTER access control, DATA integrity

Abstract

Distributed Denial of Service (DDoS) attacks is always one of the major problems for service providers. Using blockchain to detect DDoS attacks is one of the current popular methods. However, the problems of high time overhead and cost exist in the most of the blockchain methods for detecting DDoS attacks. This paper proposes a blockchain-based collaborative detection method for DDoS attacks. First, the trained DDoS attack detection model is encrypted by the Intel Software Guard Extensions (SGX), which provides high security for uploading the DDoS attack detection model to the blockchain. Secondly, the service provider uploads the encrypted model to Inter Planetary File System (IPFS) and then a corresponding Content-ID (CID) is generated by IPFS which greatly saves the cost of uploading encrypted models to the blockchain. In addition, due to the small amount of model data, the time cost of uploading the DDoS attack detection model is greatly reduced. Finally, through the blockchain and smart contracts, the CID is distributed to other service providers, who can use the CID to download the corresponding DDoS attack detection model from IPFS. Blockchain provides a decentralized, trusted and tamper-proof environment for service providers. Besides, smart contracts and IPFS greatly improve the distribution efficiency of the model, while the distribution of CID greatly improves the efficiency of the transmission on the blockchain. In this way, the purpose of collaborative detection can be achieved, and the time cost of transmission on blockchain and IPFS can be considerably saved. We designed a blockchain-based DDoS attack collaborative detection framework to improve the data transmission efficiency on the blockchain, and use IPFS to greatly reduce the cost of the distribution model. In the experiment, compared with most blockchain-based method for DDoS attack detection, the proposed model using blockchain distribution shows the advantages of low cost and latency. The remote authentication mechanism of Intel SGX provides high security and integrity, and ensures the availability of distributed models. [ABSTRACT FROM AUTHOR]

Published

2022

104. Framework for implementing a big data ecosystem in organizations.

Author

Orenga-Roglá, Sergio and Chalmeta, Ricardo

Subjects

*BIG data, *INFORMATION storage & retrieval systems, *DATA mining, *COMPUTER access control, COMPUTERS in decision making

Abstract

Featuring the various dimensions of data management, it guides organizations through implementation fundamentals. [ABSTRACT FROM AUTHOR]

Published

2019

105. DEEP FAKES: An Authenticity Challenge.

Author

Patterson, Michael A.

Subjects

DEEPFAKES, VIDEO tapes in courtroom proceedings, COMPUTER access control, BLOCKCHAINS, DIGITAL forensics

Published

2023

106. A combined authentication strategy for public cloud using attribute based encryption.

Author

Madhiraju, Priyanka, Kumar, M. Praveen, and Praveena, B. J.

Subjects

*ACCESS control, *COMPUTER access control, *MULTI-factor authentication

Abstract

Whenever we are deploying data in public cloud, we are doing with semi-reliable cloud servers present outside the data owner's reliable domain. To avoid hazardous service providers trying to access delicate data from data owners we are encrypting that data. In this situation conducting the authentication approach over the data becomes a very tough task. So, by using Attribute -Based encryption we can provide access policies among the attributes which can proved flexibility, secured access controls over the deployed data. But we have a problem with ABE that it does not support the access control mechanisms by combination. Here in this proposed paper, we are applying a scheme where different users who are having different attribute sets can approach the data using collaboration provided if the data owner accepts the combination with that access policy. If the combination is not designed in access policy, then it is considered as conspiracy and request is denied. So, we introduce attribute-based combined authentication strategy through assigning translation nodes in the access format. [ABSTRACT FROM AUTHOR]

Published

2022

107. Understanding Non-Fungible Token (NFT) Purchase Motivations.

Author

Haried, Peter and Murray, James

Subjects

NON-fungible tokens, BLOCKCHAINS, PROPERTY rights, COMPUTER access control, SPORTS collectibles

Abstract

The growing popularity of nonfungible tokens (NFTs) has created a new digital collectibles asset class and market. NFTs are unique digital tokens built on blockchain technology that can represent anything from art, property rights, certificates of authentication to sports collectibles. The use of the blockchain provides the framework for digital ownership and brings the notion of scarcity to the digital NFT asset class. With the emerging NFT market and growing consumer base little work has investigated the motivations behind NFT purchases. Thus, in this exploratory study we plan to analyze purchase motivation factors of NFTs by reviewing tweets made on Twitter regarding NBA TopShot. NBA TopShot is one of the largest and most popular NFT platforms for sports collectibles. This research is one of the first to examine the factors explaining NFT purchase motivations and could provide early insights for practitioners and academics interested in exploring NFTs. [ABSTRACT FROM AUTHOR]

Published

2022

108. Perceptions of Risk and Security Concerns with Mobile Devices using Biometric vs Traditional Authentication Methods.

Author

Mitra, Sinjini and Barlow, Jordan B.

Subjects

COMPUTER access control, BIOMETRIC identification, RISK perception, DATA security, INFORMATION resources management

Abstract

Authentication methods on mobile devices provide an important layer of security. Many types of authentication methods exist, some traditional and some biometric-based. In this study, we use a survey method to examine whether the presence and type of an authentication method affect perceptions of risk and security concerns around three specific types of mobile device actions: banking, health, and activities with personally identifiable information (PII). We also survey users’ general perceptions of trust, usefulness, convenience, and ease of use toward authentication methods, both traditional and biometric. We find that users’ perceptions of risk and security concerns change when users consider the type of authentication method present on a device. While traditional methods are still more familiar to most users, we also find that perceptions of biometric-based methods are more similar to perceptions of traditional methods than in the past. [ABSTRACT FROM AUTHOR]

Published

2022

109. A survey on face template protection methods.

Author

Barčić, Ena, Tomičić, Igor, and Harjač, Mario

Subjects

BIOMETRIC identification, COMPUTER access control

Abstract

Biometric authentication has become one of the most popular ways of protecting information, with techniques such as "face unlocking" becoming more and more prevalent. For the purpose of authentication, a face image needs to be saved in the form of a template. To ensure that our information is protected, biometric face template protection methods have been created. In this paper we will present an overview of template protection methods, show their effectiveness and their uses. [ABSTRACT FROM AUTHOR]

Published

2022

110. THE EMERGENCE OF LIMINAL CYBERSPACE - CHALLENGES FOR THE ONTOLOGICAL WORK IN CYBERSECURITY.

Author

Vuorinen, Jukka and Uusitupa, Ville

Subjects

ONTOLOGY, CYBERSPACE, INTERNET security, COVID-19 pandemic, COMPUTER access control

Abstract

This philosophy-oriented paper examines cybersecurity and its ontological work in relation to spaces which are created by conventional perimeter security model and Zero Trust model. We argue that security works by a code of inclusion and exclusion, e.g., an individual user seeking access is either included or excluded in relation to the system. Therefore, cybersecurity divides the space through employing the code of inclusion/exclusion which directly affects the agency of users. We examine how the growing complexity of network environment makes information and cybersecurity to struggle with the simplicity of the inclusion/exclusion code. The simplified bifurcation is held by maintaining a strict order of the space for included users (i.e., how users and devices can behave once they are let in). Furthermore, we analyse the emergence of liminal spaces that contain both included and excluded actors. Liminal spaces, which have increased during the pandemic era, provide an intriguing spot through which security can be examined in terms of what it does, how it works out the ontological status (included/excluded) of its subjects. [ABSTRACT FROM AUTHOR]

Published

2022

111. A Review of Reversible Data Hiding-Encrypted Image(RDH-EI) Methods.

Author

Hammod, Dalal Naeem

Subjects

INFORMATION technology, DIGITAL technology, IMAGE reconstruction, COMPUTER access control, DATA security

Abstract

Copyright of Journal of Engineering Sciences & Information Technology is the property of Arab Journal of Sciences & Research Publishing (AJSRP) and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2022

112. Light Weight Authentication Scheme for Smart Home IoT Devices.

Author

Kumar, Vipin, Malik, Navneet, Singla, Jimmy, Jhanjhi, N. Z., Amsaad, Fathi, and Razaque, Abdul

Subjects

*COMPUTER access control, *COMPUTER networks, *COMPUTER science, *COMPUTER security, *QUANTUM computers

Abstract

In today's world, the use of computer networks is everywhere, and to access the home network we use the Internet. IoT networks are the new range of these networks in which we try to connect different home appliances and try to give commands from a remote place. Access to any device over an insecure network invites various types of attacks. User authentication can be performed using some password or biometric technique. However, when it comes to authenticating a device, it becomes challenging to maintain data security over a secure network such as the Internet. Many encryptions and decryption algorithms assert confidentiality, and hash code or message authentication code MAC is used for authentication. Traditional cryptographic security methods are expensive in terms of computational resources such as memory, processing capacity, and power consumption. They are incompatible with the Internet of Things devices that have limited resources. Although automatic Device-to-Device communication enables new potential applications, the limited resources of the networks' machines and devices impose various constraints. This paper proposes a home device authentication scheme when these are accessed from a remote place. An authentication device is used for the home network and controller device to control home appliances. Our scheme can prevent various attacks such as replay attacks, server spoofing, and man-in-the-middle attack. The proposed scheme maintains the confidentiality and authenticity of the user and devices in the network. At the same time, we check the system in a simulated environment, and the results show that the network's performance does not degrade much in terms of delay, throughput, and energy consumed. [ABSTRACT FROM AUTHOR]

Published

2022

113. Binary Multifold Encryption Technique for Complex Cloud Systems.

Author

Mary, N. Ansgar and Latha, T.

Subjects

DATA encryption, CLOUD computing, CRYPTOGRAPHY, COMPUTER access control, EXPERIMENTAL design

Abstract

Data security is a major cloud computing issue due to different user transactions in the system. The evolution of cryptography and cryptographic analysis are regarded domains of current research. deoxyribo nucleic acid (DNA) cryptography makes use of DNA as a sensing platform, which is then manipulated using a variety of molecular methods. Many security mechanisms including knowledgebased authentication, two-factor authentication, adaptive authentication, multifactor authentication and single password authentication have been deployed. These cryptographic techniques have been developed to ensure confidentiality, but most of them are based on complex mathematical calculations and equations. In the proposed approach, a novel and unique Hybrid helix scuttle-deoxy ribo nucleic acids (HHS-DNA) encryption algorithm has been proposed which is inspired by DNA cryptography and Helix scuttle. The proposed HHS-DNA is a type of multifold binary version of DNA (MF-BDNA). The major role of this paper is to present a multifold HHS-DNA algorithm to encrypt the cloud data assuring more security with less complexity. The experimentation is carried out and it reduces the encryption time, cipher text size, and improves throughput. When compared with previous techniques, there is a 45% improvement in throughput, 37% fast in encryption time, 54.67% cipher text size. The relevant experimental results and foregoing analysis show that this method is of good robustness, stability, and security. [ABSTRACT FROM AUTHOR]

Published

2022

114. E-Authentication System Using QR Code & OTP.

Author

Ataelfadiel, Mohammed Awad Mohammed

Subjects

WIRELESS communications, COMPUTER passwords, CLIENT/SERVER computing, COMPUTER access control, DATA analysis

Abstract

With the fast expansion of wireless communication technology, user authentication is becoming increasingly vital in order to assure the system's security. Passwords serve a vital part in the authentication process. The user's password will be submitted with the traffic to the authentication server during the authentication procedure, allowing the server to provide access to the authorized user. The invaders will take advantage of the opportunity to try to sniff out other people's passwords in order to carry out illicit acts under the guise of someone else's identity, keeping them out of danger. Many methods have been offered to improve the security of wireless communication technologies as a result of the challenges. The recommended approach will be utilized to improve the system's security in this study. Onetime passwords, hashing, and two-factor authentication were chosen as the solution. There will also be a new solution that uses the QR code to assist preserve more data. The system outcome's goal is to improve the present login authentication mechanism. It proposes ways to make password cracking more difficult, as well as persuade people to pick and use tough-to-guess passwords. [ABSTRACT FROM AUTHOR]

Published

2022

115. Anonymous Authenticated Key Agreement and Group Proof Protocol for Wearable Computing.

Author

Guo, Yimin, Zhang, Zhenfeng, and Guo, Yajun

Subjects

COMPUTER access control, PUBLIC key cryptography, ROBOTIC exoskeletons

Abstract

Wearable computing has been used in a wide range of applications. But wearable computing often suffers from various security and privacy issues. To solve these issues, many effective authentication schemes have been proposed. However, most of the existing schemes are vulnerable to various known attacks (such as desynchronization attack, privileged-insider attack, and anonymity attack), or require high computation and communication costs, and are not suitable for resource-constrained wearable devices, or simultaneous verification of multiple wearable devices is not supported. Therefore, in this paper, we propose a new anonymous authentication and group proof protocol for wearable computing, which achieves mutual authentication between the wearable device and user and between user and cloud server, and generates a group proof for multiple wearable devices. Further, we extend the Real-Or-Random (ROR) model to support anonymity and group proof, and formally prove that the proposed scheme is provably secure under the extended security model. In addition, the informal security analysis is demonstrated that the proposed scheme is more resilient against known attacks. Finally, compared with some existing schemes, the proposed scheme offers more functionality features and requires less communication and computation costs. [ABSTRACT FROM AUTHOR]

Published

2022

116. Encrypted speech perceptual hashing authentication algorithm based on improved 2D-Henon encryption and harmonic product spectrum.

Author

Huang, Yi-bo, Chen, Teng-fei, Zhang, Qiu-yu, Zhang, Yuan, and Yan, Shao-hui

Subjects

IMAGE encryption, COMPUTER access control, FEATURE extraction, SPEECH, ALGORITHMS

Abstract

The existing speech authentication algorithms use plaintext speech for hashing structure, and save the generated hashing sequence in the cloud, which is easy to cause hashing sequence leakage. At the same time, the robustness and matching accuracy of speech signal under complex noise are low, which will cause serious deviations in authentication. In order to solve the above problems, this paper proposes an encrypted speech perceptual hashing authentication algorithm based on improved two-dimensional Henon chaotic map (2D-Henon) encryption and harmonic product spectrum (HPS). Firstly, the algorithm sets the key for the improved 2D-Henon and transforms the original speech to encrypted speech. And then, feature extraction is performed on the encrypted speech signal to obtain the HPS feature matrix, and perform mapping and dimensionality reduction on the HPS matrix. Finally, the threshold is selected for binarization, and the perceptual hashing sequence is constructed. Experimental results show that the algorithm adopts encrypted speech perceptual hashing sequence, which improves the security of hashing sequence storage. The encrypted speech signal can reduce the amplitude of signal change, which has strong discrimination and robustness, and also has better matching accuracy against complex noise. [ABSTRACT FROM AUTHOR]

Published

2022

117. Cloud Data Encryption and Authentication Based on Enhanced Merkle Hash Tree Method.

Author

Jayaprakash, J. Stanly, Balasubramanian, Kishore, Sulaiman, Rossilawati, Mohammad Kamrul Hasan, Parameshachari, B. D., and Iwendi, Celestine

Subjects

CLOUD storage, ADVANCED Encryption Standard, UPLOADING of data, DATA warehousing, DATA encryption, DATA editing, COMPUTER access control, DATA integrity

Abstract

Many organizations apply cloud computing to store and effectively process data for various applications. The user uploads the data in the cloud has less security due to the unreliable verification process of data integrity. In this research, an enhanced Merkle hash tree method of effective authentication model is proposed in the multi-owner cloud to increase the security of the cloud data. Merkle Hash tree applies the leaf nodes with a hash tag and the non-leaf node contains the table of hash information of child to encrypt the large data. Merkle Hash tree provides the efficient mapping of data and easily identifies the changes made in the data due to proper structure. The developed model supports privacy-preserving public auditing to provide a secure cloud storage system. The data owners upload the data in the cloud and edit the data using the private key. An enhanced Merkle hash tree method stores the data in the cloud server and splits it into batches. The data files requested by the data owner are audit by a third-party auditor and the multi-owner authentication method is applied during the modification process to authenticate the user. The result shows that the proposed method reduces the encryption and decryption time for cloud data storage by 2-167 ms when compared to the existing Advanced Encryption Standard and Blowfish. [ABSTRACT FROM AUTHOR]

Published

2022

118. User Authentication Mechanism for Access Control Management: A Comprehensive Study.

Author

LONE, SAJAAD AHMED and MIR, A. H.

Subjects

COMPUTER access control, INTERNET of things, BIOMETRIC identification, MULTI-factor authentication, DATA security

Abstract

The threat of cyberattacks is growing in all sectors today, including banks, governments, healthcare institutions and other organizations due to the exponential increase in cloud, IOT and smart devices utilization in recent years. When it comes to protecting organizations' and clients' information and privacy in security risks, there is a strong desire to develop and use more secure authentication techniques. This paper presents an overview of authentication techniques built on the fundamental authentication metrics, i.e., knowledge, ownership, and biometrics, their advantages, limits, and open issues, and future possibilities for developing secure authentication techniques for securing critical and sensitive information. [ABSTRACT FROM AUTHOR]

Published

2022

119. Data Democratization for Value Creation: Despite the risks and challenges, data democratization has the potential to unleash the full power of company data.

Author

Brands, Kristine M.

Subjects

*VALUE creation, *ENERGY industries, *DEMOCRATIZATION, *COMPUTER access control, *CHIEF data officers

Abstract

The article discusses the potential of data democratization to unleash the full power of company data despite the risks and challenges. Topics include forecast on the four C's of global data such as created, copied, captured, and consumed, according to market and consumer data provider Statistica, between 2022 and 2025; advantage for data democratization; and ten-step plan to implement data democratization.

Published

2023

120. Build a Web Application on Firebase.

Author

Koyya, Krishna Mohan

Subjects

WEB-based user interfaces, WEB hosting, DATABASES, COMPUTER access control

Abstract

The article discusses developing a complete single-page web application on Firebase using its services, namely FireStore, authentication, and hosting. It mentions the step-by-step procedure to be followed to configure Firebase to maintain a journal of events, including creating the project, setting up the database, and setting up authentication. This application can be improved by adding authentication via sign-in providers like Google and a feature to edit journal entries and upload images.

Published

2022

121. LEOBAT: Lightweight encryption and OTP based authentication technique for securing IoT networks.

Author

Goel, Aarti, Sharma, Deepak Kumar, and Gupta, Koyel Datta

Subjects

*INTERNET of things, *DATA encryption, *TELECOMMUNICATION systems, *ENCRYPTION protocols, *COMPUTER access control, *CLOUD computing, *MULTI-factor authentication, *DRUG-eluting stents

Abstract

Authentication is one of the foremost pillars in the Internet of Things (IoT) security that authenticates the identity of a device or a person with the help of a unique identification number. If authentication is compromised then an intruder can gain access and launch a variety of attacks on the network. The world of IoT devices is benefiting us in many ways, but the vulnerability of becoming a victim of cybercrime is also increasing at a rapid pace. This research paper proposes an authentication‐based solution for designing a secure communication network to ensure safe access to data and stop attackers from any unauthorized access to various IoT applications using cryptography and cloud computing. The proposed work is then compared with other popular cryptosystems such as Secure Internet of Things (SIT), Data Encryption Standard (DES) and Blowfish. LEOBAT is simulated using MATLAB and proves to be a fast and efficient authentication technique. [ABSTRACT FROM AUTHOR]

Published

2022

122. A Novel ES-RwCNN Based Finger Vein Recognition System with Effective L12 DTP Descriptor and AWM-WOA Selection.

Author

Gautam, Ajai Kumar and Kapoor, Rajiv

Subjects

*FINGERS, *AUTOMATED teller machines, *COMPUTER access control, *CONVOLUTIONAL neural networks, *VEINS, *ONLINE banking

Abstract

Fingerprints, faces, and also irises are Biometrics, which are extensively utilized in several recognition applications comprising door access control, automatic teller machines, personal authentication for computers, Internet banking, along with border-crossing controls with recent augments in security necessities. The unique patterns of finger veins (FV) are utilized by Finger vein recognition (FVR) for detecting individuals at a high-level accuracy. However, on account of the existence of artifacts, irregular shading, distortions, etc., precise FV detection is a difficult task. A framework for identifying FV is created by the work to offer a precise biometric authorization utilizing Enhanced Sigmoid Reweighted based Convolutional Neural Network (ESRwCNN). The image is initially pre-processed by the framework via executing rotation, cropping, resizing, and normalization for avoiding unwilling distortions. Utilizing Trapezoid Membership Function-Based Contrast Limited Adaptive Histogram Equalization (TMF-CLAHE), the preprocessed image is followed with contrast enhancement (CE) that intensifies the image by evading irregular shading and vein posture deformation along with upgrades the accuracy rate. After that, utilizing the Local 12 direction texture pattern (L12DTP) and Canny Edge method, knowledgeable textural and edge features (EF) are extracted. For attaining the most informative features, an Adaptive Weight Mutated Whale Optimization Algorithm (AWM-WOA) technique is formed by the work that enhances the model's accuracy and decreases the computational complexity (CC). Finally, for identifying the authorized person, the chosen features are presented to ESRwCNN. The work attains a low information loss by achieving a 0.971 correlation betwixt the pre-processed image and the original image (OI), as shown by the experimental analysis. Classification accuracy (CA) of 97.05% is attained by the framework. It avoids misclassification by acquiring a 3.53% False Positive Rate (FPR) and 2.35% False Rejection Rate (FRR). It continues to be comparatively efficient analogized to the existing methods. [ABSTRACT FROM AUTHOR]

Published

2022

123. EFFICIENT OTP GENERATION WITH ENCRYPTION AND DECRYPTION FOR SECURE FILE ACCESS IN CLOUD ENVIRONMENT.

Author

Manjupargavi, R. and Srinath, M. V.

Subjects

DATA encryption, COMPUTER access control, INFORMATION retrieval, DATA security, COMPUTER systems, CLOUD computing

Abstract

Cloud Computing (CC) has grown increasingly important in recent years, and the security issues related to the cloud model are also on the rise. The most used computer system authentication mechanism is One Time Password (OTP) which is easier and more successful than other techniques while being subject to assaults such as eavesdropping and replay attacks. This study proposes the use of the OTP mechanism to tackle this problem. The user must utilize the OTP provided by the cloud environment, which is produced using the random function, to strengthen the security of data retrieval from the cloud. Documents may be safeguarded against unauthorized users using this OTP (secret key) generation or creation mechanism. Then it offers data encryption, which safeguards data files from a cloud provider. To encrypt the file, the cryptography library uses a symmetric approach based on the same key to encrypt and decode the file. The cryptography packages have been introduced in this work to provide built-in functions for key generation, cipher text encryption, and cipher text decryptions utilizing both encrypt and decrypt methodologies. The fernet module ensures that data encrypted with it cannot be edited or read if the key is not there. This will make it easier to exchange public data with other cloud users who have been verified. The processing time for secure authentication with OTP creation using 4, 6, 8, and 10 digits is reduced to 0.0016, 0.0028, 0.0035, and 0.0042 seconds, respectively, while the elapsed time for Encryption and Decryption algorithms such as Reverse Cipher, Caesar Cipher, and ROT13 is 0.00025, 0.00065, and 0.00207s. [ABSTRACT FROM AUTHOR]

Published

2022

124. The Implementation of zk-SNARK HH Authentication on IoT Protocols.

Author

Kusyanti, Ari, Santoso, Nurudin, Ainunnazah, Puspita, and Maulana, Luthfi

Subjects

INTERNET of things, COMPUTER network security, MULTI-factor authentication, COMPUTER storage devices, COMPUTER access control

Abstract

CoAP and MQTT are messaging protocols in the application layer of the IoT architecture. Both protocols, in general, have not been equipped with certain authentication schemes to cope with the network security gap. Without an authentication mechanism, the protocol is prone to mand-in-the middle attacks. Addressing this issue, the present study attempted to implement an authentication scheme using zk-SNARK Homomorphic Hiding (HH). This authentication mechanism does not require a token exchange and is safe from an eavesdropper. In this study, zk-SNARK HH was implemented to CoAP and MQTT protocols. The performance of both protocols was compared. The result of the study indicates that zk-SNARK was successfully implemented in CoAP and MQTT protocols. The result of the independent sample t-test presented a significant difference in COAP and MQTT memory usage where MQTT required larger memory. Regarding time execution, no significant difference was noticed. To conclude, CoAP may serve as an alternative when zk-SNARK is implemented in a device with limited memory as it requires lower memory and has an execution time that is not significantly different from MQTT. [ABSTRACT FROM AUTHOR]

Published

2022

125. A Chosen Random Value Attack on WPA3 SAE Authentication Protocol.

Author

SHENG SUN

Subjects

COMPUTER passwords, WIRELESS Internet, COMPUTER security, COMPUTER access control, IMPERSONATION

Abstract

Simultaneous Authentication of Equals (SAE) is a password-authenticated key exchange protocol that is designed to replace theWPA2-PSK-based authentication. The SAE authenticated key exchange protocol supports the peer-to-peer authentication and is one of the major authentication mechanisms of the Authentication and Key Management Suite specified within Wi-Fi. The SAE authenticated key exchange protocol has beenwidely implemented in today's Wi-Fi devices as part of major security feature upgrades and is regarded as the third generation of Wi-Fi Protected Access. This article presents a way of attacking the weaker randomness generation algorithm within the SAE protocols, which can lead to successful impersonation types of attacks. We also suggest some protocol amendments for protection. It is recommended that SAE implementations should be upgraded to ensure protection against these attacks. [ABSTRACT FROM AUTHOR]

Published

2022

126. DeFi: The Financial Fabric of the Metaverse.

Author

Horne, Peter

Subjects

CRYPTOCURRENCIES, PAYMENT systems, NON-fungible tokens, REAL economy, COMPUTER access control, COMPUTER programmers, DIGITAL currency

Published

2022

127. Secure Authentication and Key Agreement Protocol for Cloud-Assisted Industrial Internet of Things.

Author

Hu, Huanhuan, Liao, Longxia, and Zhao, Junhui

Subjects

COMPUTER access control, INTERNET of things, MULTI-factor authentication, KEY agreement protocols (Computer network protocols), INTELLIGENT sensors, SENSOR placement, CHEBYSHEV polynomials, SMART cards

Abstract

With the expansion of the Industrial Internet of Things (IIoT), real-time data collected by smart sensors deployed in factories are shared over open channels , which may cause unauthorized access of transmitted messages by adversaries, thus causing the problem of privacy leakage. User authentication is the first line of defense for security protection in the IIoT environment. In this paper, we propose a cloud—assisted authentication scheme based on Chebyshev polynomial encryption, in which only authorized users can access the sensing devices in the Internet of Things (IoT) to obtain real-time data. The scheme uses fuzzy extraction technology to verify biometric characteristics. There are three factors to verify the user's login request: the smart card, password and the user's personal biometrics. The commonly adopted formal security analysis, the ROR model, is applied to prove the semantic security of session key, and a detailed informal security analysis is performed to show that the proposed scheme can withstand multiple known attacks. Compared with other related user authentication schemes, the proposed scheme provides several extra functionality features, including offline sensor node registration, updating user passwords and biometrics, adding new sensor node deployment, user anonymity and untraceability. In addition, the cost of computation, communication and security is compared with similar schemes, and results show that our scheme has more security performance while the cost is acceptable. [ABSTRACT FROM AUTHOR]

Published

2022

128. Lightweight and Secure Mutual Authentication Scheme for IoT Devices Using CoAP Protocol.

Author

Oliver, S. Gladson and Purusothaman, T.

Subjects

COMPUTER access control, VIRTUAL networks, INTERNET of things, DENIAL of service attacks, COMPUTER science

Abstract

Internet of things enables every real world objects to be seamlessly integrated with traditional internet. Heterogeneous objects of real world are enhanced with capability to communicate, computing capabilities and standards to interoperate with existing network and these entities are resource constrained and vulnerable to various security attacks. Huge number of research works are being carried out to analyze various possible attacks and to propose standards for securing communication between devices in internet of things (IoT). In this article, a robust and lightweight authentication scheme for mutual authentication between client and server using constrained application protocol is proposed. Internet of things enables devices with different characteristics and capabilities to be integrated with internet. These heterogeneous devices should interoperate with each other to accumulate, process and transmit data for facilitating smart services. The growth of IoT applications leads to the rapid growth of IoT devices incorporated to the global network and network traffic over the traditional network. This scheme greatly reduces the authentication overhead between the devices by reducing the packet size of messages, number of messages transmitted and processing overhead on communicating devices. Efficiency of this authentication scheme against attacks such as DoS (denial of service), replay attacks and attacks to exhaust the resources are also examined. Message transmission time reduced upto 50% of using proposed techniques. [ABSTRACT FROM AUTHOR]

Published

2022

129. An Authentication Based Approach for Prevention of Spectrum Sensing Data Falsification Attacks in Cognitive Radio Network.

Author

Marriwala, Nikhil, Punj, Himanshu, Panda, Sunita, Kaur, Inderjeet, and Rathore, Deepak

Subjects

FALSIFICATION of data, COGNITIVE radio, SENSE data, RADIO networks, SPECTRUM allocation, COMPUTER network security, COMPUTER access control

Abstract

This is the era of Intelligent Cognitive Radio Network (CRN) technology that provides the available spectrum with efficient utilization. Cognitive Radio (CR) technology must promise to allow interference-free spectrum access by users. The paper discusses the several attacks and motives of attacks. The authentication mechanism role to prevent the attacks for hassle-free spectrum utilization is demonstrated. In this paper, resolving the cognitive network security issues by the authentication mechanism and the methods and need of authentication is discussed. This paper addresses the research challenges in the way of securing the CRN and countermeasures in CRN security strategies. Spectrum sensing data falsification (SSDF) attack is most disruptive in which the malicious users degrade the decision-making process by sending the false sensing reports to data fusion center's thus preventing honest users from utilizing the spectrum. In this paper, to counter the SSDF attack, the trust-based security mechanism is demonstrated to authenticate the honest users and it is observed that the proposed framework in the MATLAB environment is efficient and able to detect malicious users. CR technology is the strategy applied to the spectrum to make it efficient for wireless communication. The strategy is an intelligent way to access the spectrum as it can learn its environment and make decisions by easy adaptation of operating parameters. The initial step is to sense the spectrum available further steps are spectrum decision making, spectrum management, and spectrum mobility. The network is vulnerable to various attacks on spectrum sensing and policy protocols which lead to disturbing functionality of CR technology. The defence mechanism based on public-key cryptography is proposed in which the Primary User (PU) is authenticated by appending signature provided to PU signal. Authentication with a tag to the primary users is another perspective proposed. CRN technology should provide integrity, confidentiality and authenticity to the users. [ABSTRACT FROM AUTHOR]

Published

2022

130. A Novel Framework for Open-Set Authentication of Internet of Things Using Limited Devices.

Author

Huang, Keju, Yang, Junan, Hu, Pengjiang, and Liu, Hui

Subjects

*DEEP learning, *INTERNET of things, *AUTOMATIC dependent surveillance-broadcast, *COMPUTER access control

Abstract

The Internet of Things (IoT) is promising to transform a wide range of fields. However, the open nature of IoT makes it exposed to cybersecurity threats, among which identity spoofing is a typical example. Physical layer authentication, which identifies IoT devices based on the physical layer characteristics of signals, serves as an effective way to counteract identity spoofing. In this paper, we propose a deep learning-based framework for the open-set authentication of IoT devices. Specifically, additive angular margin softmax (AAMSoftmax) was utilized to enhance the discriminability of learned features and a modified OpenMAX classifier was employed to adaptively identify authorized devices and distinguish unauthorized ones. The experimental results for both simulated data and real ADS–B (Automatic Dependent Surveillance–Broadcast) data indicate that our framework achieved superior performance compared to current approaches, especially when the number of devices used for training is limited. [ABSTRACT FROM AUTHOR]

Published

2022

131. 基于生物特征识别的门限身份认证方案.

Author

刘 尧, 郭 帅, and 杨晓元

Subjects

*BIOMETRIC identification, *DATA protection, *OFFICIAL secrets, *PROBLEM solving, *BIOMETRY, *COMPUTER access control, *MULTI-factor authentication

Abstract

In the traditional biometric identity authentication system, for the protection of important targets, the single user identity authentication scheme has the problem of excessive user authority. In order to solve such problems, this paper used the BGN semi-homomorphic encryption algorithm and Shamir secret sharing to design a threshold identity authentication scheme based on biometrics. This scheme mainly used the BGN homomorphic encryption algorithm on the bilinear pair for data protection, and used a third-party authentication center for secret division. The server authenticated the user's identity in the ciphertext state to achieve threshold identity authentication. Through the performance analysis of the scheme, the safety and efficiency of the scheme are verified. [ABSTRACT FROM AUTHOR]

Published

2022

132. Secured Vehicle Life Cycle Tracking Using Blockchain and Smart Contract.

Author

Bragadeesh, Srinivasan Ananthanarayanan and Umamakeswari, Arumugam

Subjects

BLOCKCHAINS, STAKEHOLDERS, DATA encryption, SUPPORT vector machines, COMPUTER access control

Abstract

Life Cycle Tracking (LCT) involves continuous monitoring and analysis of various activities associated with a vehicle. The crucial factor in the LCT is to ensure the validity of gathered data as numerous supply chain phases are involved and the data is assessed by multiple stakeholders. Frauds and swindling activities can be prevented if the history of the vehicles is made available to the interested parties. Blockchain provides a way of enforcing trustworthiness to the supply chain participants and the data associated with the various actions performed. Machine learning techniques when combined decentralized nature of blockchains can be used to develop a robust Vehicle LCT model. In the proposed work, Harmonic Optimized Gradient Descent and Łukasiewicz Fuzzy (HOGDLF) Vehicle Life Cycle Tracking in Cloud Environment is proposed and it involves three stages. First, the Progressive Harmonic Optimized User Registration and Authentication model is designed for computationally efficient registration and authentication. Next, for the authentic user, the Gradient Descent Blockchain-based SVM Data Encryption model is designed with minimum CPU utilization. Finally, Łukasiewicz Fuzzy Smart Contract Verification is performed with encrypted data to ensure accurate and precise fraudulent activity deduction. The experimental analysis shows that the proposed method achieves significant performance in terms of life cycle's prediction time, overhead, and accuracy for a different number of users. [ABSTRACT FROM AUTHOR]

Published

2022

133. IPTV Access Methods with RADIUS-Server Authorization.

Author

Kovtsur, Maxim Mikhailovich, Muthanna, Ammar, Ridha Al-Khafaji, Hamza Mohammed, Karelsky, Pavel, Kozmyan, Alexander, and Voroshnin, Grigorii

Subjects

DATA transmission systems, COMPUTER access control, ACCESS control, TELECOMMUNICATION channels, MATHEMATICAL models

Abstract

Security is one of the most important aspects of data transmission. To provide controlled access to the network, user authorization and authentication are often used with the help of an AAA server. RADIUS servers provide users with access to data, user authentication, and configuration information. When designing networks with such access control method implementation, it is necessary to understand how the characteristics of the communication channel affect the switching time of IP-TV channels, and therefore the overall quality of IPTV services. The principles of the main protocols for IP-TV using a RADIUS server are described. The main parameters of the communication channel were identified. The mathematical model and the graphs demonstrate how IP-TV service access time depends on telecommunication channel parameters. The results of a practical experiment are presented to prove the formed mathematical model. The results of a practical experiment and theoretical calculation are compared. [ABSTRACT FROM AUTHOR]

Published

2022

134. A hybrid system for monitoring and automated recovery at the Glasgow Tier-2 cluster.

Author

Simili, Emanuele, Stewart, Gordon, Roy, Gareth, Skipsey, Samuel, and Britton, David

Subjects

*HYBRID systems, *DASHBOARDS (Management information systems), *CONFIGURATION management, *WORKFLOW management systems, *COMPUTER access control, *GRID computing

Abstract

We have deployed a central monitoring and logging system based on Prometheus, Loki and Grafana that collects, aggregates and displays metrics and logs from the Tier-2 ScotGrid cluster at Glasgow. Bespoke dashboards built on Prometheus metrics give a quick overview of cluster performance and make it easy to identify issues. Logs from all nodes and services are collected to a central Loki server and retained over time. This integrated system provides a full overview of the cluster's health and has become an essential tool for daily maintenance and in the investigation of any issue. The system includes an automated alerting application that parses metrics and logs and can send notifications when specified conditions are met, and as a further step toward automation, can also perform simple recovery actions based on well known issues and their encoded solutions. The general purpose is to create a more resilient Tier-2 cluster where human intervention is kept to a minimum. Given the funding constraints experienced by many academic research institutions, this promises to free staff from routine tasks, allowing them to address their expertise to more interesting problems. In this paper, we describe the tools and set-up of the existing monitoring system, the automated recovery methods implemented so far, and the plan for further automation. [ABSTRACT FROM AUTHOR]

Published

2021

135. WLCG Token Usage and Discovery.

Author

Bockelman, Brian, Ceccanti, Andrea, Dack, Thomas, Dykstra, Dave, Litmaath, Maarten, Sallé, Mischa, and Short, Hannah

Subjects

*LARGE Hadron Collider, *GRID computing, *COMPUTER access control, *MIDDLEWARE, *WORKFLOW management systems

Abstract

Since 2017, the Worldwide LHC Computing Grid (WLCG) has been working towards enabling token based authentication and authorisation throughout its entire middleware stack. Following the publication of the WLCG Common JSON Web Token (JWT) Schema v1.0 [1] in 2019, middleware developers have been able to enhance their services to consume and validate the JWT-based [2] OAuth2.0 [3] tokens and process the authorization information they convey. Complex scenarios, involving multiple delegation steps and command line flows, are a key challenge to be addressed in order for the system to be fully operational. This paper expands on the anticipated token based workflows, with a particular focus on local storage of tokens and their discovery by services. The authors include a walk-through of this token flow in the RUCIO managed data-transfer scenario, including delegation to FTS and authorised access to storage elements. Next steps are presented, including the current target of submitting production jobs authorised by Tokens within 2021. [ABSTRACT FROM AUTHOR]

Published

2021

136. Secure Command Line Solution for Token-based Authentication.

Author

Dykstra, Dave, Altunay, Mine, and Teheran, Jeny

Subjects

*WEB browsers, *HIGH performance computing, *MANAGEMENT software, *OPEN source software, *COMPUTER access control, *VIRTUAL corporations

Abstract

The WLCG is modernizing its security infrastructure, replacing X.509 client authentication with the newer industry standard of JSON Web Tokens (JWTs) obtained through the Open ID Connect (OIDC) protocol. There is a wide variety of software available using the standards, but most of it is for Web browser-based applications and doesn't adapt well to the command line-based software used heavily in High Throughput Computing (HTC). OIDC command line client software did exist, but it did not meet our requirements for security and convenience. This paper discusses a command line solution we have made based on the popular existing secrets management software from Hashicorp called vault. We made a package called htvault-config to easily configure a vault service and another called htgettoken to be the vault client. In addition, we have integrated use of the tools into the HTCondor workload management system, although they also work well independent of HTCondor. All of the software is open source, under active development, and ready for use. [ABSTRACT FROM AUTHOR]

Published

2021

137. LHC Data Storage: Preparing for the Challenges of Run-3.

Author

Arsuaga-Rios, Maria, Bahyl, Vladimír, Batalha, Manuel, Caffy, Cédric, Cano, Eric, Capitoni, Niccolo, Contescu, Cristian, Davis, Michael, Fernandez Alvarez, David, Guenther, Jaroslav, Karavakis, Edouardos, Keeble, Oliver, Leduc, Julien, Luchetti, Fabio, Mascetti, Luca, Murray, Steven, Patrascoiu, Mihai, Peters, Andreas, Kamil Simon, Michal, and Sindrilaru, Elvin

Subjects

*LARGE Hadron Collider, *FILE Transfer Protocol (Computer network protocol), *PHYSICS experiments, *COMPUTER access control, *QUEUEING networks

Abstract

The CERN IT Storage Group ensures the symbiotic development and operations of storage and data transfer services for all CERN physics data, in particular the data generated by the four LHC experiments (ALICE, ATLAS, CMS and LHCb). In order to accomplish the objectives of the next run of the LHC (Run-3), the Storage Group has undertaken a thorough analysis of the experiments' requirements, matching them to the appropriate storage and data transfer solutions, and undergoing a rigorous programme of testing to identify and solve any issues before the start of Run-3. In this paper, we present the main challenges presented by each of the four LHC experiments. We describe their workflows, in particular how they communicate with and use the key components provided by the Storage Group: the EOS disk storage system; its archival back-end, the CERN Tape Archive (CTA); and the File Transfer Service (FTS). We also describe the validation and commissioning tests that have been undertaken and challenges overcome: the ATLAS stress tests to push their DAQ system to its limits; the CMS migration from PhEDEx to Rucio, followed by large-scale tests between EOS and CTA with the new FTS "archive monitoring" feature; the LHCb Tier-0 to Tier-1 staging tests and XRootD Third Party Copy (TPC) validation; and the erasure coding performance in ALICE. [ABSTRACT FROM AUTHOR]

Published

2021

138. Accounting in the CloudVeneto private cloud.

Author

Andreetto, Paolo, Costa, Fulvia, Crescente, Alberto, Fantinel, Sergio, Fanzago, Federica, Lazzaro, Loris, Mazzon, Paolo Emilio, Menguzzato, Matteo, Sella, Gianpietro, Sgaravatto, Massimo, Traldi, Sergio, Verlato, Marco, and Zangrando, Lisa

Subjects

*CLOUD computing, *MIDDLEWARE, *COMPUTER access control, *DATA analytics, *GRAPHICS processing units

Abstract

CloudVeneto is a private cloud implemented as the result of merging two existing cloud infrastructures: the INFN Cloud Area Padovana, and a private cloud owned by 10 departments of University of Padova. This infrastructure is a full production facility, in continuous growth, both in terms of users, and in terms of computing and storage resources. Even if the usage of CloudVeneto is not regulated by a strict pay-per-use model, the availability of accounting information for such infrastructure is a requirement, to detect if the resources allocated to the user communities are effciently used, and to perform an effective capacity planning. We present in this paper how the accounting system used in CloudVeneto evolved over time, focusing on the accounting framework being used now, implemented by integrating existing components. [ABSTRACT FROM AUTHOR]

Published

2021

139. The new (and improved!) CERN Single-Sign-On.

Author

Ahmad, Adeel, Aguado Corman, Asier, Fava, Maria, Georgiou, Maria V., Rische, Julien, Schuszter, Ioan Cristian, Short, Hannah, and Tedesco, Paolo

Subjects

*COMPUTER access control, *OPEN source software, *CONFIGURATION management, *DATA security failures, *CHANGE management

Abstract

The new CERN Single-Sign-On (SSO), built around an open source stack, has been in production for over a year and many CERN users are already familiar with its approach to authentication, either as a developer or as an end user. What is visible upon logging in, however, is only the tip of the iceberg. Behind the scenes there has been a significant amount of work taking place to migrate accounts management and to decouple Kerberos [1] authentication from legacy Microsoft components. Along the way the team has been engaging with the community through multiple fora, to make sure that a solution is provided that not only replaces functionality but also improves the user experience for all CERN members. This paper will summarise key evolutions and clarify what is to come in the future. [ABSTRACT FROM AUTHOR]

Published

2021

140. Archival, anonymization and presentation of HTCondor logs with GlideinMonitor.

Author

Mambelli, Marco, Yancey, Mirica, and Hein, Thomas

Subjects

*WEB-based user interfaces, *DISTRIBUTED computing, *COMPUTER software development, *COMPUTER access control

Abstract

GlideinWMS is a pilot framework to provide uniform and reliable HTCondor clusters using heterogeneous resources. The Glideins are pilot jobs that are sent to the selected nodes, test them, set them up as desired by the user jobs, and ultimately start an HTCondor schedd to join an elastic pool. These Glideins collect information that is very useful to evaluate the health and efficiency of the worker nodes and invaluable to troubleshoot when something goes wrong. This data, including local stats, the results of all the tests, and the HTCondor log files, is packed and sent to the GlideinWMS Factory. To access this information, developers and troubleshooters must exchange emails with Factory operators and dig manually into files. Furthermore, these files contain also information like email and IP addresses, and user IDs, that we want to protect and limit access to. GlideinMonitor is a Web application to make these logs more accessible and useful: it organizes the logs in an efficient compressed archive; it allows to search, unpack, and inspect them, all in a convenient and secure Web interface; via plugins like the log anonymizer, it can redact protected information preserving the parts useful for troubleshooting. [ABSTRACT FROM AUTHOR]

Published

2021

141. The evolution of the CMS monitoring infrastructure.

Author

Ariza-Porras, Christian, Kuznetsov, Valentin, Legger, Federica, Indra, Rahul, Tuckus, Nikodemas, and Uzunoglu, Ceyhun

Subjects

*LARGE Hadron Collider, *DISTRIBUTED computing, *INFORMATION technology, *AUTOMATION, *COMPUTER access control, *DATA management

Abstract

The CMS experiment at the CERN LHC (Large Hadron Collider) relies on a distributed computing infrastructure to process the multi-petabyte datasets where the collision and simulated data are stored. A scalable and reliable monitoring system is required to ensure efficient operation of the distributed computing services, and to provide a comprehensive set of measurements of the system performances. In this paper we present the full stack of CMS monitoring applications, partly based on the MONIT infrastructure, a suite of monitoring services provided by the CERN IT department. These are complemented by a set of applications developed over the last few years by CMS, leveraging open-source technologies that are industry-standards in the IT world, such as Kubernetes and Prometheus. We discuss how this choice helped the adoption of common monitoring solutions within the experiment, and increased the level of automation in the operation and deployment of our services. [ABSTRACT FROM AUTHOR]

Published

2021

142. The Challenges of Open Source Software Alternatives.

Author

Chionis-Koufakos, Aristofanis, Dimou, Maria, and Kolodziejski, Michal

Subjects

*OPEN source software, *COMPUTER software development, *WEB-based user interfaces, *SWITCHING costs, *COMPUTER access control, *WEB browsers

Abstract

Developing an Open Source Software application is a challenge. Mainly because there are commercial alternatives that have an army of expert developers behind them, experienced supporters and wellestablished business processes in their development and promotion. Nevertheless, web-based applications, that securely handle the users' personal data are an area of freedom and ease of use, features that make such applications very attractive. The "ease-of-use" part is very hard to achieve, for the developers and the end-users. Dependencies change often in OSS packages, so the fear that something breaks is always around the corner. If the application looks attractive, additional user requirements fall like rain. This poses a problem of continuity, maintenance and operational quality of the packages. In this paper and presentation we shall share our experience in building such a tool, using https://cern.ch/slides, as a showcase and a learning exercise. We shall describe what was available, what was missing, how it was put together, how much effort it took, and what was achieved. [ABSTRACT FROM AUTHOR]

Published

2021

143. ARE YOU WHO YOU SAY YOU ARE? COMPUTER SCIENCE AND THE PROBLEM OF DIVINE SELF‐AUTHENTICATION.

Subjects

*COMPUTER access control, *REFORMED Church doctrines, *REFLECTION (Philosophy), *HOLY Spirit, *DECEPTION

Abstract

A vital axiom of Reformed theology is that God is who God claims to be, and that he acts to "self‐authenticate" his identity to humans through the internal witness of the Holy Spirit. But how ought theologians to represent and make sense of the multiform nature of divine self‐authentication (DSA)? And can their models account for the various kinds of evidence God utilizes in acts of DSA, or explain why doubt and deception about divine identity persists despite it? Operating at the intersection of theology and computer science, this study examines how modern authentication technologies can deepen theological reflection upon the nature, evidence, and efficacy of DSA. It proposes that computer authentication "trust systems": (1) offer a valuable schematic for representing the variegated structural patterns inherent in DSA; (2) shed critical light on the forms and functions of evidence used in DSA; and (3) provide strategies and practical measures for offsetting the continuing risk of deception about human and divine identity. [ABSTRACT FROM AUTHOR]

Published

2022

144. Evaluation of Machine Learning Algorithms for the Detection of Fake Bank Currency.

Author

Rajarao, P. B. V., Murthy, B. S. N., Lavanya, Kuppala, Lakshmi, Kurapati Chaitanya, Naga Praveen, Lingolu Satya Surya, and Lokesh, Gadi Sai

Subjects

*MACHINE learning, *BANK notes, *AUTOMATION, *COMPUTER access control, *QUANTITATIVE research

Abstract

In order to sabotage our country's currency, criminals have introduced counterfeit notes that look like the real thing into the financial market. In the wake of the country's demonetization, a lot of fake currency is circulating. In general, it is difficult for a human being to distinguish a forged note from a genuine one, as many features of a forged note are similar to those of the original one. It's difficult to tell the difference between a real bank note and a fake one. Because of this, there must be an automated system that can be found in banks or ATMs. It is necessary to design an efficient algorithm that can predict whether a banknote is genuine or forged in order to create such an automated system, as counterfeit banknotes are extremely precise. Bank currency authentication can be detected using six supervised machine learning algorithms that were tested on a dataset from the UCI machine learning repository. On the basis of various quantitative analysis parameters such as Precision and Accuracy as well as MCC and F1-Score, we have applied Support Vector Machine (SVM), Random Forest (Random Forest), Logistic Regression (Logistic Regression), Naive Bayes, Decision Tree (K-Nearest Neighbor), and K-Nearest Neighbor (KNN). [ABSTRACT FROM AUTHOR]

Published

2022

145. Modelling an Intrusion Detection system using ensemble approach based on voting to improve accuracy of base classifiers.

Author

Wani, Anwaar Ahmad, Iqbal, Juneed, and Makhdoomi, Mudassir

Subjects

*INTRUSION detection systems (Computer security), *ONLINE information services, *COMPUTER systems, *ARTIFICIAL intelligence, *COMPUTER access control

Abstract

Security is always a major concern when people put their money or assets online. Since a network is an open road for data, unwanted users always try to make illegal use of these networks. Many important measures like authentication, authorization and use of firewalls were used in early stages to prevent such illegal access into systems. This work is aimed to study the various techniques and algorithms of an IDS and pick out some good techniques by doing a comparative study and then try to improve and overcome the design parameters of these techniques such that the overall design and functionality of an IDS is enhanced. In our proposed empirical/theoretical model the dataset which was reduced to a set of most prominent features based on experiment on three parameters. Intrusions are defined as activities or events that violate the confidentiality, integrity and availability of a computing system. Advancements in the field of artificial intelligence has given a different face to IDSs. In our model we have used three base classifiers. Our descriptive and comparative study helped us to short list the three algorithms. We have also taken a technique from the theory of induction through decision trees which is considered to be an ensemble in itself. Hence the overall accuracy of random trees is already better. This has helped to improve the overall accuracy of the proposed system. The final proposed model turned out to be more accurate and the time taken was also reduced by a large extent. [ABSTRACT FROM AUTHOR]

Published

2022

146. Dynamic Image Capturing System for CCTV Managing.

Author

S., Divya and S., Saranya

Subjects

*CLOSED-circuit television, *IMAGE analysis, *COMPUTER access control, *ALGORITHMS, *OBJECT tracking (Computer vision)

Abstract

A secured protocol is defined for permanent authentication through continuous user verification. The protocol determines respective timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. But the existing system does not own an identity of the user interacted with the system. The main mechanism of proposed framework includes object tracking for user interrupted motions, and colour profile variation, edge detection based variation and the usage of immediate motions. For the initialization of colour based tracking, extend a Bitmap Algorithm for robotically initializing contours at the first frame. For user interaction-based contour evolution, the anonymous shape in sequence and the local basis information are joined to compare the colour, for the handling of unexpected motions; pixel block is accepted to capture the global activity which is functional to the outline in the current frame to make an initial contour in the next frame. [ABSTRACT FROM AUTHOR]

Published

2022

147. Recursive Equation Approach of Information Hiding for Authentication of Digital Data.

Author

Sharma, Ruchika and Kumar, Vinay

Subjects

*COMPUTER access control, *RECURSIVE functions, *INFORMATION & communication technologies, *INTERNET content, *CRYPTOGRAPHY, *PIXELS

Abstract

As the Information communication technology advances, it has become crucial to ensure the originality of digital content. This paper focuses on using recursive equation approach of steganography to ensure authenticity of digital content. This is achieved by embedding hash value of the digital data in the same digital file. In this paper, we have taken 24 bit BMP files to implement the concept. We have used recursive equation of any order as key to find pixel location in the BMP file to embed the 128 bit MD5 value of the BMP file before its transmission. At the receiving end the MD5 is extracted from the zero bytes of BMP file and the original bits in extra bytes are restored before computing the MD5 value of the received and restored BMP. The two MD5 values are compared. Equality of the value authenticates the originality of BMP file. [ABSTRACT FROM AUTHOR]

Published

2022

148. Identity Governance Framework for Privileged Users.

Author

Alruwies, Mansour Hammoud, Mishra, Shailendra, and AlShehri, Mohammed Abdul Rahman

Subjects

INFORMATION technology, ASSET management, COMPUTER access control, INTERNET security, DATA analysis

Abstract

Information technology companies have grown in size and recognized the need to protect their valuable assets. As a result, each IT application has its authentication mechanism, and an employee needs a username and password. As the number of applications increased, as a result, it became increasingly complex to manage all identities like the number of usernames and passwords of an employee. All identities had to be retrieved by users. Both the identities and the access rights associated with those identities had to be protected by an administrator. Management couldn't even capture such access rights because they couldn't verify things like privacy and security. Identity management can help solve this problem. The concept behind identity management is to centralize identity management and manage access identity centrally rather than multiple applications with their authentication and authorization mechanisms. In this research work, we develop governance and an identity management framework for information and technology infrastructures with privileged access management, consisting of cybersecurity policies and strategies. The results show the efficiency of the framework compared to the existing information security components. The integrated identity and access management and privileged access management enable organizations to respond to incidents and facilitate compliance. It can automate use cases that manage privileged accounts in the real world. [ABSTRACT FROM AUTHOR]

Published

2022

149. Improving Unlinkability of Attribute-based Authentication through Game Theory.

Author

ZOLOTAVKIN, YEVHEN, JEONG, JONGKIL JAY, KUCHTA, VERONIKA, SLAVNENKO, MAKSYM, and DOSS, ROBIN

Subjects

GAME theory, COMPUTER access control, NASH equilibrium, MATHEMATICAL optimization, DECISION making

Abstract

This article first formalizes the problem of unlinkable attribute-based authentication in the system where each user possesses multiple assertions and uses them interchangeably. Currently, there are no recommendations for optimal usage of assertions in such authentication systems. To mitigate this issue, we use conditional entropy to measure the uncertainty for a Relying Party who attempts to link observed assertions with user labels. Conditional entropy is the function of usage statistics for all assertions in the system. Personal decisions made by the users about the usage of assertions contribute to these statistics. This collective effect from all the users impacts the unlinkability of authentication and must be studied using game theory. We specify several instances of the game where context information that is provided to the users differs. Through game theory and based on conditional entropy, we demonstrate how each user optimizes usage for the personal set of assertions. In the experiment, we substantiate the advantage of the proposed rational decision-making approaches: Unlinkability that we obtain under Nash equilibrium is higher than in the system where users authenticate using their assertions at random. We finally propose an algorithm that calculates equilibrium and assists users with the selection of assertions. This manifests that described techniques can be executed in realistic settings. This does not require modification of existing authentication protocols and can be implemented in platform-independent identity agents. As a use case, we describe how our technique can be used in Digital Credential Wallets: We suggest that unlinkability of authentication can be improved for Verifiable Credentials. [ABSTRACT FROM AUTHOR]

Published

2022

150. CRYPTOGRAPHIC METHOD BASED ON NATURAL-ELZAKI TRANSFORM.

Author

HUMA, ZILL E, RAHMAN, JAMSHAID UL, SULEMAN, MUHAMMAD, and ANJUM, NAVEED

Subjects

*DATA security, *CRYPTOGRAPHY, *DATA integrity, *COMPUTER access control, *LAPLACE distribution

Abstract

Securing data in this era of technology is the most challenging task. Cryptography is a practice of different techniques and methodologies for data confidentiality, data integrity, authentication, and non-repudiation. Many mathematical techniques are being used in cryptography from ancient times. The Laplace integral transforms and its inverse forms gain significant importance to design cryptographic methods. In this work, we propose cryptography methodology based on Natural and Elzaki transform and this study comprises a unique structure that provides Laplace-Elzaki and Sumudu-Elzaki methodologies. A generalized version of Laplace and Sumudu transform is also presented. [ABSTRACT FROM AUTHOR]

Published

2022