A Protected Single Sign-On Technique Using 2D Password in Distributed Computer Networks

Single Sign-On (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, a new SSO scheme providing well-organized security argument failed to meet credential privacy and soundness of authentication. The main goal of this project is to provide security using Single Sign-On scheme meeting at least three basic security requirements, i.e., unforgetability, credential privacy, and soundness. User identification is an important access control mechanism for client–server networking architectures. The concept of Single Sign-On can allow legal users to use the unitary token to access different service providers in distributed computer networks. To overcome few drawbacks like not preserving user anonymity when possible attacks occur and extensive overhead costs of time-synchronized mechanisms, we propose a secure Single Sign-On mechanism that is efficient, secure, and suitable for mobile devices in distributed computer networks. In a real-life application, the mobile user can use the mobile device, e.g., a cell phone, with the unitary token to access multiservice, such as downloading music; receive/reply electronic mails etc. Our scheme is based on one-way hash functions and random nonce to solve the weaknesses described above and to decrease the overhead of the system. The proposed scheme is more secure with two types of password scheme namely, Text password and Graphical Password referred as 2D password in distributed computer networks that yields a more efficient system that consumes lower energy. The proposed system has less communication overhead. It eliminates the need for time synchronization and there is no need of holding multiple passwords for different services

Persistent Protection in Multicast Content Delivery

Computer networks make it easy to distribute digital media at low cost. Digital rights management (DRM) systems are designed to limit the access that paying subscribers (and non-paying intruders) have to these digital media. However, current DRM systems are tied to unicast delivery mechanisms, which do not scale well to very large groups. In addition, the protection provided by DRM systems is in most cases not persistent, i.e., it does not prevent the legitimate subscriber from re-distributing the digital media after reception. We have collected the requirements for digital rights management from various sources, and presented them as a set of eleven requirements, associated with five categories. Several examples of commercial DRM systems are briefly explained and the requirements that they meet are presented in tabular format. None of the example systems meet all the requirements that we have listed. The security threats that are faced by DRM systems are briefly discussed. We have discussed approaches for adapting DRM systems to multicast data transmission. We have explored and evaluated the security protocols of a unicast distribution model, published by Grimen, et al.\, that provides ``persistent protection''. We have found two security attacks and have provided the solution to overcome the discovered attacks. Then we have proposed a more scalable architecture based on the modified model. We call the resulting architecture persistent protection in multicast content delivery. We present and formally validate the protocol for control and data exchange among the interacting parties of our proposal

Public perceptions and user experience study on the use and adoption of a mobile internet e-Voting smartphone app within the Australian context

The Doctor of Philosophy (Innovation) (PhD.I) is a project-based higher research degree in which professional and industrial expertise combine with academic theory in the identification and creation of innovation. This innovation portfolio project is the culmination of a five-year journey on the first Australian university study on public perceptions and user experiences of using mobile internet e- Voting in the Australian context. This innovation portfolio project has produced baseline data on the perceptions of the Australian public, a prototype mobile voting smartphone app (the innovation), which allows for secure registration, casting a vote in a federal election and submitting a response to a national survey, and a user experience study on the app and A/B tests of various features. Trust is a core foundation of user adoption and, as such, is the underlying theme of the portfolio. Guided by the technology acceptance model (TAM) (Davis, 1989), data collected from an anonymous survey on perceptions of the Australian public towards using a mobile internet e-Voting platform (N = 295) are presented and analysed. Of the respondents, 72.88% either Completely Trusted or Slightly Trusted government and commercial systems as opposed to 15.93% who either Completely Distrusted or Slightly Distrusted government and commercial systems. The survey also found that 75.25% of respondents were in favour of using mobile internet e-Voting, with 15.93% of respondents requiring greater information about the technology and 8.82% being against its utilisation. The top appeals of the platform were its mobility (91.40%), verifiability (72.90%) and Innovation Portfolio Project speed (72.50%), with the top concerns being manipulation (75.10%), retrieval (65.30%) and monitoring (63.20%) of cast votes by malicious parties or software. This portfolio also provides a chronologically documented development journey of the “mobile voting app” project. Utilising the Scrum methodology, this portfolio documents the beginning of the development project (envisioning session), the product backlog construction, sprint cycles, retrospectives and features details. Next, the mobile voting app is user tested by way of qualitative in-depth interviews to gather perceptions of five participants from a young and tech savvy cohort who are likely to be early adopters (Rogers, 2010). This user experience study found that participants were pleased with the usefulness and simplicity of the app. Most participants stated that they would use the mobile voting app if it were made available in the next election. These findings correlate with the constructs of the TAM (Davis, 1989), which state that perceived ease of use (PEOU) and perceived usefulness (PU) directly influence a user's attitude towards new technology (A). Those who would not use the app in the next election were either those who had not voted in an Australian election previously and stated they would like to vote using paper ballots first then would use it in the following election or were those who has reservations about the technology and its usefulness, primarily around government support. These findings correlate with the unified theory of acceptance and the use of technology model (UTAUT) by Venkatesh, Morris, Davis, and Davis (2003), which states that the degree to which an individual believes that an organisational and technical infrastructure exists to support use of the system (facilitating conditions), directly influences the use behaviour and the moderating variable of experience. This portfolio concludes with a personal reflection on the findings and process of the works undertaken, the anticipations for this research and potential pathways for further development and application. Commentary is also provided on public events that occurred during the time of the research that widely impacted on public perceptions of the technology, including the 2016 census debacle, the 2015 NSW iVote hacking report and the Russian interference in the 2016 US presidential elections