1,922 research outputs found
Online at Will: A Novel Protocol for Mutual Authentication in Peer-to-Peer Networks for Patient-Centered Health Care Information Systems
Patient-centered health care information systems (PHSs) on peer-to-peer (P2P) networks promise decentralization benefits. P2P PHSs, such as decentralized personal health records or interoperable Covid-19 proximity trackers, can enhance data sovereignty and resilience to single points of failure, but the openness of P2P networks introduces new security issues. We propose a novel, simple, and secure mutual authentication protocol that supports offline access, leverages independent and stateless encryption services, and enables patients and medical professionals to establish secure connections when using P2P PHSs. Our protocol includes a virtual smart card (software-based) feature to ease integration of authentication features of emerging national health-IT infrastructures. The security evaluation shows that our protocol resists most online and offline threats while exhibiting performance comparable to traditional, albeit less secure, password-based authentication methods. Our protocol serves as a foundation for the design and implementation of P2P PHSs that will make use of P2P PHSs more secure and trustworthy.
Key exchange with the help of a public ledger
Blockchains and other public ledger structures promise a new way to create
globally consistent event logs and other records. We make use of this
consistency property to detect and prevent man-in-the-middle attacks in a key
exchange such as Diffie-Hellman or ECDH. Essentially, the MitM attack creates
an inconsistency in the world views of the two honest parties, and they can
detect it with the help of the ledger. Thus, there is no need for prior
knowledge or trusted third parties apart from the distributed ledger. To
prevent impersonation attacks, we require user interaction. It appears that, in
some applications, the required user interaction is reduced in comparison to
other user-assisted key-exchange protocols.
On the security of software-defined next-generation cellular networks
In recent years, mobile cellular networks are undergoing fundamental changes and many established concepts are being revisited. Future 5G network architectures will be designed to employ a wide range of new and emerging technologies such as Software Defined Networking (SDN) and Network Functions Virtualization (NFV). These create new virtual network elements each affecting the logic of the network management and operation, enabling the creation of new generation services with substantially higher data rates and lower delays. However, new security challenges and threats are also introduced. Current Long-Term Evolution (LTE) networks are not able to accommodate these new trends in a secure and reliable way. At the same time, novel 5G systems have proffered invaluable opportunities of developing novel solutions for attack prevention, management, and recovery. In this paper, first we discuss the main security threats and possible attack vectors in cellular networks. Second, driven by the emerging next-generation cellular networks, we discuss the architectural and functional requirements to enable appropriate levels of security.
A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications
Existing authentication solutions proposed for Internet of Things (IoT)
provide a single Level of Assurance (LoA) regardless of the sensitivity levels
of the resources or interactions between IoT devices being protected. For
effective (with adequate level of protection) and efficient (with as low
overhead costs as possible) protections, it may be desirable to tailor the
protection level in response to the sensitivity level of the resources, as a
stronger protection level typically imposes a higher level of overhead costs.
In this paper, we investigate how to facilitate multi-LoA authentication for
IoT by proposing a multi-factor multi-level and interaction based (M2I)
authentication framework. The framework implements LoA linked and interaction
based authentication. Two interaction modes are investigated, P2P
(Peer-to-Peer) and O2M (One-to-Many) via the design of two corresponding
protocols. Evaluation results show that adopting the O2M interaction mode in
authentication can cut communication cost significantly; compared with that of
the Kerberos protocol, the O2M protocol reduces the communication cost by 42% ~
45%. The protocols also introduce less computational cost. The P2P and O2M
protocols, respectively, reduce the computational cost by 70% ~ 72% and 81% ~
82% in comparison with that of Kerberos. Evaluation results also show that the
two-factor authentication option costs twice as much as that of the one-factor
option.