Identifying Comparison and Selection Criteria for Authentication Schemes and Methods

Multiple techniques exist for performing authentication such as text passwords and smart cards. Multi-factor authentication combines two or more of these techniques in order to enhance security. It is of interest to know what the current research on these authentication techniques is and what comparison and selection criteria exist that help in the decision of these techniques. A systematic literature review is performed in order to obtain the desired knowledge. Moreover, the found comparison and selection criteria are analyzed and organized in order to generate a list of criteria that can be used to help in the decision of authentication techniques in different situations. The results of this research help to cover the gap in literature that could be observed through literature, which is the lack of works that focus on the comparison and selection of authentication techniques.Sociedad Argentina de Informática e Investigación Operativ

Identifying Comparison and Selection Criteria for Authentication Schemes and Methods

Multiple techniques exist for performing authentication such as text passwords and smart cards. Multi-factor authentication combines two or more of these techniques in order to enhance security. It is of interest to know what the current research on these authentication techniques is and what comparison and selection criteria exist that help in the decision of these techniques. A systematic literature review is performed in order to obtain the desired knowledge. Moreover, the found comparison and selection criteria are analyzed and organized in order to generate a list of criteria that can be used to help in the decision of authentication techniques in different situations. The results of this research help to cover the gap in literature that could be observed through literature, which is the lack of works that focus on the comparison and selection of authentication techniques.Sociedad Argentina de Informática e Investigación Operativ

Using decoys to block SPIT in the IMS

Includes bibliographical references (leaves 106-111)In recent years, studies have shown that 80-85% of e-mails sent were spam. Another form of spam that has just surfaced is VoIP (Voice over Internet Telephony) spam. Currently, VoIP has seen an increasing numbers of users due to the cheap rates. With the introduction of the IMS (IP Multimedia Subsystem), the number of VoIP users are expected to increase dramatically. This calls for a cause of concern, as the tools and methods that have been used for blocking email spam may not be suitable for real-time voice calls. In addition, VoIP phones will have URI type addresses, so the same methods that were used to generate automated e-mail spam messages can be employed for unsolicited voice calls. Spammers will always be present to take advantage of and adapt to trends in communication technology. Therefore, it is important that IMS have structures in place to alleviate the problems of spam. Recent solutions proposed to block SPIT (Spam over Internet Telephony) have the following shortcomings: restricting the users to trusted senders, causing delays in voice call set-up, reducing the efficiency of the system by increasing burden on proxies which have to do some form of bayesian or statistical filtering, and requiring dramatic changes in the protocols being used. The proposed decoying system for the IMS fits well with the existing protocol structure, and customers are oblivious of its operation

A Correlation Framework for Continuous User Authentication Using Data Mining

Merged with duplicate records: 10026.1/572, 10026.1/334 and 10026.1/724 on 01.02.2017 by CS (TIS)The increasing security breaches revealed in recent surveys and security threats reported in the media reaffirms the lack of current security measures in IT systems. While most reported work in this area has focussed on enhancing the initial login stage in order to counteract against unauthorised access, there is still a problem detecting when an intruder has compromised the front line controls. This could pose a senous threat since any subsequent indicator of an intrusion in progress could be quite subtle and may remain hidden to the casual observer. Having passed the frontline controls and having the appropriate access privileges, the intruder may be in the position to do virtually anything without further challenge. This has caused interest'in the concept of continuous authentication, which inevitably involves the analysis of vast amounts of data. The primary objective of the research is to develop and evaluate a suitable correlation engine in order to automate the processes involved in authenticating and monitoring users in a networked system environment. The aim is to further develop the Anoinaly Detection module previously illustrated in a PhD thesis [I] as part of the conceptual architecture of an Intrusion Monitoring System (IMS) framework

A Comprehensive Survey of Voice over IP Security Research

We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

09192 Abstracts Collection -- From Quality of Service to Quality of Experience

From 05.05. to 08.05.2009, the Dagstuhl Seminar 09192 ``From Quality of Service to Quality of Experience\u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Programming exercises evaluation systems: an interoperability survey

Learning computer programming requires solving programming exercises. In computer programming courses teachers need to assess and give feedback to a large number of exercises. These tasks are time consuming and error-prone since there are many aspects relating to good programming that should be considered. In this context automatic assessment tools can play an important role helping teachers in grading tasks as well to assist students with automatic feedback. In spite of its usefulness, these tools lack integration mechanisms with other eLearning systems such as Learning Management Systems, Learning Objects Repositories or Integrated Development Environments. In this paper we provide a survey on programming evaluation systems. The survey gathers information on interoperability features of these systems, categorizing and comparing them regarding content and communication standardization. This work may prove useful to instructors and computer science educators when they have to choose an assessment system to be integrated in their e-Learning environment

Telecommunications Networks

This book guides readers through the basics of rapidly emerging networks to more advanced concepts and future expectations of Telecommunications Networks. It identifies and examines the most pressing research issues in Telecommunications and it contains chapters written by leading researchers, academics and industry professionals. Telecommunications Networks - Current Status and Future Trends covers surveys of recent publications that investigate key areas of interest such as: IMS, eTOM, 3G/4G, optimization problems, modeling, simulation, quality of service, etc. This book, that is suitable for both PhD and master students, is organized into six sections: New Generation Networks, Quality of Services, Sensor Networks, Telecommunications, Traffic Engineering and Routing