464 research outputs found

    Security Limitations with Cloud Computing: Well-defined Security Measures Using Cloud Computing

    Due to the ever-growing threat of security breaches that information technology (IT) organizations continually face, protecting customer information stored in the cloud is critical to ensure data integrity. Research shows that new categories of data breaches frequently emerge; thus, security strategies that build trust in consumers and improve system performance are crucial. The purpose of this qualitative multiple case study was to explore and analyze the strategies used by database administrators (DBAs) to secure data in a private infrastructure as a service (IaaS) cloud environment. The participants comprised of six DBAs from two IT companies in Baltimore, Maryland, with experience and knowledge of security strategies to secure data in private IaaS clouds. The disruptive innovation theory was the foundational framework for this study. Data were collected using semistructured interviews and a review of seven organizational documents. A thematic analysis was used to analyze the data. Two key themes are addressed in this article: importance of well-defined security measures in cloud computing and limitations of existing security controls in cloud computing. The findings of well-defined security strategies may benefit DBAs and IT organizations by providing strategies that may prevent future data breaches. Well-defined security strategies may protect an individual’s data which, in turn, may promote individual well-being and build strong communities.
    Keywords: cloud computing, security strategies, data breaches
    DOI: 10.7176/JIEA/11-2-05
    Publication date: June 30th 202

    A review of multi-factor authentication in the internet of healthcare things

    Objective: This review paper aims to evaluate existing solutions in healthcare authentication and provides an insight into the technologies incorporated in Internet of Healthcare Things (IoHT) and multi-factor authentication (MFA) applications for next-generation authentication practices. Our review has two objectives: (a) Review MFA based on the challenges, impact and solutions discussed in the literature; and (b) define the security requirements of the IoHT as an approach to adapting MFA solutions in a healthcare context. Methods: To review the existing literature, we indexed articles from the IEEE Xplore, ACM Digital Library, ScienceDirect, and SpringerLink databases. The search was refined to combinations of ‘authentication’, ‘multi-factor authentication’, ‘Internet of Things authentication’, and ‘medical authentication’ to ensure that the retrieved journal articles and conference papers were relevant to healthcare and Internet of Things-oriented authentication research. Results: The concepts of MFA can be applied to healthcare where security can often be overlooked. The security requirements identified result in stronger methodologies of authentication such as hardware solutions in combination with biometric data to enhance MFA approaches. We identify the key vulnerabilities of weaker approaches to security such as password use against various cyber threats. Cyber threats and MFA solutions are categorised in this paper to facilitate readers’ understanding of them in healthcare domains. Conclusions: We contribute to an understanding of up-to-date MFA approaches and how they can be improved for use in the IoHT. This is achieved by discussing the challenges, benefits, and limitations of current methodologies and recommendations to improve access to eHealth resources through additional layers of security

    A Study of Online Security Practices

    Data from a total of 282 online web applications was collected, and accounts for 230 of those web applications were created in order to gather data about authentication practices, multistep authentication practices, security question practices, fallback authentication practices, and other security practices for online accounts. The account creation and data collection was done between June 2016 and April 2017. The password strengths for online accounts were analyzed and password strength data was compared to existing data. Security questions used by online accounts were evaluated for security and usability, and fallback authentication practices were assessed based on their adherence to best practices. Alternative authentication schemes were examined, and other security considerations such as use of HTTPS and CAPTCHAs were explored. Based on existing data, password policies require stronger passwords for web applications in 2017 compared to the requirements in 2010. Nevertheless, password policies for many accounts are still not adequate. About a quarter of online web applications examined use security questions, and many of the questions have usability and security concerns. Security mechanisms such as HTTPS and continuous authentication are in general not used in conjunction with security questions for most web applications, which reduces the overall security of the web application. A majority of web applications use email addresses as the login credential and the password recovery credential and do not follow best practices. About a quarter of accounts use multistep authentication and a quarter of accounts employ continuous authentication, yet most accounts fail to combine security measures for defense in depth. The overall conclusion is that some online web applications are using secure practices; however, a majority of online web applications fail to properly implement and utilize secure practices.
    Dissertation/Thesis; Combination of Security Practices; Coded Account Data for 282 and 230 Web Applications; Password Recovery Statistics and Graphs; Password Policies Statistics and Graphs; Security Question Statistics and Graphs; Masters Thesis Computer Science 201

    Security Strategies to Prevent Data Breaches in Infrastructure as a Service Cloud Computing

    Due to the ever-growing threat of security breaches that information technology (IT) organizations continually face, protecting customer information stored within the cloud is critical to ensuring data integrity. Research shows that new categories of data breaches constantly emerge; thus, security strategies that build trust in consumers and improve system performance are a must. The purpose of this qualitative multiple case study was to explore and analyze the strategies used by database administrators (DBAs) to secure data in a private infrastructure as a service (IaaS) cloud computing. The participants comprised of 6 DBAs from 2 IT companies in Baltimore, Maryland, with experience and knowledge of security strategies to secure data in private IaaS cloud computing. The disruptive innovation theory was the conceptual framework for this study. Data were collected using semistructured interviews and a review of 7 organizational documents. A thematic analysis was used to analyze the data. Four key themes emerged: importance of well-defined security measures in cloud computing, measures to address security controls in cloud computing, limitations of existing security controls in cloud computing, and future and potential security measures solutions in cloud computing. The findings may benefit DBAs and IT organizations by providing strategies to prevent future data breaches. Well-defined security strategies may protect an individual’s data, which in turn may promote individual well-being and build strong communities

    Combating shoulder-surfing: a hidden button gesture based scheme

    This project describes an authentication technique that is shoulder-surfing resistant. Shoulder surfing is an attack in which an attacker can get access to private information by observing the user’s interaction with a terminal, or by using recording tools to record the user interaction and study the obtained data, with the objective of obtaining unauthorized access to a target user’s personal information. The technique described here relies on gestural analysis coupled with a secondary channel of authentication that uses button pressing. The thesis presents and evaluates multiple alternative algorithms for gesture analysis, and furthermore assesses the effectiveness of the technique.
    Universidade da Madeir

    A secure lightweight authentication mechanism for IoT devices in generic domain

    The Internet of Things prompt deployment enhances the security concerns of these systems in recent years. The enormous exchange of sensory information between devices raises the necessity for a secure authentication scheme for Internet of Things devices. Despite many proposed schemes, providing authenticated and secure communication for Internet of Things devices is still an open issue. This research addresses challenges pertaining to the Internet of Things authentication, verification, and communication, and proposes a new secure lightweight mechanism for Internet of Things devices in the generic domain. The proposed authentication method utilizes environmental variables obtained by sensors to allow the system to identify genuine devices and reject anomalous connections