Comments of an efficient and secure multi-server authentication scheme with key agreement

Recently, Tsaur et al. proposed an authentication scheme for multi-server environments and claimed their scheme could withstand various attacks. In this letter, we will point out that Tsaur et al. scheme is not suitable for multi-server environments since the user has to register for every server. Furthermore, we will show Tsaur et al. scheme is vulnerable to the password guessing attack and the privileged insider attack

Security Protocol Suite for Preventing Cloud-based Denial-of-Service Attacks

Cloud systems, also known as cloud services, are among the primary solutions of the information technology domain. Cloud services are accessed through an identity authentication process. These authentication processes have become increasingly vulnerable to adversaries who may perform denial-of-service (DoS) attacks to make cloud services inaccessible. Several strong authentication protocols have been employed to protect conventional network systems. Nevertheless, they can cause a DoS threat when implemented in the cloud-computing system. This is because the comprehensive verification process may exhaust the cloud resources and shut down cloud’s services. This thesis proposes a novel cloud-based secure authentication (CSA) protocol suite that provides a smart authentication approach not only for verifying the users’ identities but also for building a strong line of defense against the DoS attacks. CSA protocol suite offers two modules, CSAM-1 and CSAM-2. The decision of which module of CSA to be utilized depends on the deployment nature of the cloud computing. CSAM-1 is designed to prevent external risks of DoS attacks in private and community cloud computing. CSAM-1 utilizes multiple techniques that include the client puzzle problem and utilization of unique encrypted text (UET). Therefore, these techniques can distinguish between a legitimate user’s request and an attacker’s attempt. CSAM-2 is designed to prevent internal risks of DoS attacks in public and hybrid cloud computing. CSAM-2 combines an extended unique encrypted text (EUET) application, client puzzle problem, and deadlock avoidance algorithm to prevent DoS risks that occur from inside cloud computing systems. The authentication process in both modules is designed so that the cloud-based servers become footprint-free and fully able to detect the signs of DoS attacks. The reliability and scalability of these two modules have been measured through a number of experiments using the GreenCloud simulation tool. The experiments’ results have shown that the CSA protocol suite is practically applicable as a lightweight authentication protocol. These experiments have verified the ability of the CSA to protect the cloud-based system against DoS attacks with an acceptable mean time to failure while still having the spare capacity to handle a large number of user requests

Gestão dinâmica do processo de atendimento à vítima na APAV

A utilização de Sistemas de Informação (SI) tecnológicos numa organização altera significativamente a sua produtividade, uma vez que permite a automatização e uniformização de processos e a centralização de dados. No entanto, em muitos casos, os SI são pouco ágeis e pouco versáteis, e implementar uma nova funcionalidade ou alterar o modo de funcionamento para melhor adaptar o sistema às necessidades reais da organização, é uma tarefa complexa. A Associação Portuguesa de Apoio à Vítima (APAV) é uma instituição particular de solidariedade social, que tem como missão prestar apoio às vítimas de crime e aos seus familiares e amigos. Atualmente, a APAV utiliza sistemas informáticos de suporte a esse apoio que, para além de apresentarem problemas de funcionamento, não permitem a edição ou gestão dos formulários utilizados na recolha dos dados das vítimas e dos atendimentos efetuados. Estas limitações levantam dificuldades na recolha e tratamento da informação, e impedem que a associação possa melhorar o seu processo de atendimento. O projeto apresentado nesta dissertação consiste no planeamento e parcial implementação de um novo sistema, a Plataforma de Gestão de Atendimentos, que irá substituir os existentes, permitindo uma maior flexibilidade de gestão e implementando mecanismos mais seguros a nível da proteção dos dados de carácter confidencial e sensível que a APAV recolhe. O novo sistema reúne os dados dos atendimentos e dos processos de apoio, permite que os administradores possam criar e editar formulários de atendimentos de forma dinâmica, possibilita a monitorização de atividade dos utilizadores, gestão de eventos e agiliza o preenchimento dos diferentes atendimentos. Espera-se assim que o sistema contribua para aumentar a eficiência do processo de apoio, facilite a elaboração de relatórios estatísticos, minimize a existência de erros no registo da informação e diminua o trabalho necessário atual de gestão de processos.The usage of technological Information Systems in an organization makes a considerable impact on its productivity, as it allows the automation and uniformization of processes and data centralization. Although, in many scenarios, IS are not agile enough to allow the implementation of new functionalities or accommodate workflow changes that better adapt the real needs of the organization. The Portuguese Association for Victim Support (APAV) is a private charitable organization that supports crime victims and their family and friends. Currently, APAV uses software support systems to care for the victims. These systems have flaws as they do not allow the management of the forms that are used to collect data about the victims and the service. These limitations make it difficult to collect the information needed and prevent APAV from improving its victim care process. The project presented in this dissertation consists on the planning and partial implementation of a new system, the Victim Care Management Platform, that will replace the existing systems, providing more flexibility of management and implementing more secure mechanisms to protect the collected data about the victims. This new system brings together data from both victim's care service and support processes, allowing the administrators to create and edit dynamic forms to collect data about the victims, enables user's activity monitoring and event management, and making it easier to collect data. It is expected that this system could help APAV to increase the victim's care process efficiency and to build accurate statistical reports, minimizing errors related with the data collecting, and reducing the necessary work to manage the victim's care processes