2,755 research outputs found
Conceivable security risks and authentication techniques for smart devices
With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques
e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices
To facilitate monitoring and management, modern Implantable Medical Devices
(IMDs) are often equipped with wireless capabilities, which raise the risk of
malicious access to IMDs. Although schemes are proposed to secure the IMD
access, some issues are still open. First, pre-sharing a long-term key between
a patient's IMD and a doctor's programmer is vulnerable since once the doctor's
programmer is compromised, all of her patients suffer; establishing a temporary
key by leveraging proximity gets rid of pre-shared keys, but as the approach
lacks real authentication, it can be exploited by nearby adversaries or through
man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one
of the most important design goals, few schemes explore to lower the
communication and computation overhead all at once. Finally, how to safely
record the commands issued by doctors for the purpose of forensics, which can
be the last measure to protect the patients' rights, is commonly omitted in the
existing literature. Motivated by these important yet open problems, we propose
an innovative scheme e-SAFE, which significantly improves security and safety,
reduces the communication overhead and enables IMD-access forensics. We present
a novel lightweight compressive sensing based encryption algorithm to encrypt
and compress the IMD data simultaneously, reducing the data transmission
overhead by over 50% while ensuring high data confidentiality and usability.
Furthermore, we provide a suite of protocols regarding device pairing,
dual-factor authentication, and accountability-enabled access. The security
analysis and performance evaluation show the validity and efficiency of the
proposed scheme
Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography
Several recent works have proposed and implemented cryptography as a means to
preserve privacy and security of patients health data. Nevertheless, the
weakest point of electronic health record (EHR) systems that relied on these
cryptographic schemes is key management. Thus, this paper presents the
development of privacy and security system for cryptography-based-EHR by taking
advantage of the uniqueness of fingerprint and iris characteristic features to
secure cryptographic keys in a bio-cryptography framework. The results of the
system evaluation showed significant improvements in terms of time efficiency
of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy
commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the
likelihood of imposters gaining successful access to the keys protecting
patients protected health information. This result also justifies the
feasibility of implementing fuzzy key binding scheme in real applications,
especially fuzzy vault which demonstrated a better performance during key
reconstruction
Authentication of Students and Students’ Work in E-Learning : Report for the Development Bid of Academic Year 2010/11
Global e-learning market is projected to reach $107.3 billion by 2015 according to a new report by The Global Industry Analyst (Analyst 2010). The popularity and growth of the online programmes within the School of Computer Science obviously is in line with this projection. However, also on the rise are students’ dishonesty and cheating in the open and virtual environment of e-learning courses (Shepherd 2008). Institutions offering e-learning programmes are facing the challenges of deterring and detecting these misbehaviours by introducing security mechanisms to the current e-learning platforms. In particular, authenticating that a registered student indeed takes an online assessment, e.g., an exam or a coursework, is essential for the institutions to give the credit to the correct candidate. Authenticating a student is to ensure that a student is indeed who he says he is. Authenticating a student’s work goes one step further to ensure that an authenticated student indeed does the submitted work himself. This report is to investigate and compare current possible techniques and solutions for authenticating distance learning student and/or their work remotely for the elearning programmes. The report also aims to recommend some solutions that fit with UH StudyNet platform.Submitted Versio
Frictionless Authentication Systems: Emerging Trends, Research Challenges and Opportunities
Authentication and authorization are critical security layers to protect a
wide range of online systems, services and content. However, the increased
prevalence of wearable and mobile devices, the expectations of a frictionless
experience and the diverse user environments will challenge the way users are
authenticated. Consumers demand secure and privacy-aware access from any
device, whenever and wherever they are, without any obstacles. This paper
reviews emerging trends and challenges with frictionless authentication systems
and identifies opportunities for further research related to the enrollment of
users, the usability of authentication schemes, as well as security and privacy
trade-offs of mobile and wearable continuous authentication systems.Comment: published at the 11th International Conference on Emerging Security
Information, Systems and Technologies (SECURWARE 2017
- …