Conceivable security risks and authentication techniques for smart devices

With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques

A Testbed for Developing and Evaluating GNSS Signal Authentication Techniques

An experimental testbed has been created for developing and evaluating Global Navigation Satellite System (GNSS) signal authentication techniques. The testbed advances the state of the art in GNSS signal authentication by subjecting candidate techniques to the strongest publicly-acknowledged GNSS spoofing attacks. The testbed consists of a real-time phase-coherent GNSS signal simulator that acts as spoofer, a real-time softwaredefined GNSS receiver that plays the role of defender, and post-processing versions of both the spoofer and defender. Two recently-proposed authentication techniques are analytically and experimentally evaluated: (1) a defense based on anomalous received power in a GNSS band, and (2) a cryptographic defense against estimation-and-replay-type spoofing attacks. The evaluation reveals weaknesses in both techniques; nonetheless, both significantly complicate a successful GNSS spoofing attackAerospace Engineering and Engineering Mechanic

Microelectronics Time-Space Authentication Techniques

DizertaÄn­ prce se zabv vyuit­m informace o poloze uivatele pi provÄovn­ uivatelovi identity v prosted­ poÄ­taÄovch s­t­. S nrstem mobiln­ch poÄ­taÄovch za­zen­ v posledn­ch dvou desetilet­ch se poloha uivatele stv jednou ze stÄejn­ch informac­ v syst©mech pro sprvu p­stupu. Prce pedkld reeri stvaj­c­ch een­, kter se dÄl­ na dvÄ skupiny v zvislosti na zdroji polohov© informace (een­ vyu­vaj­c­ satelitn­ navigaÄn­ syst©mu nap. GPS a een­ zaloen na komunikaci s aktivn­ infrastrukturou nap. GSM, Wi-Fi). Prce uvd­ metodiku pro vyhodnocovn­ autentizaÄn­ch dat, kter vyu­v princip fuzzy logiky. V porovnn­ s bivalentn­ logikou je mon© autentizaÄn­ data vyhodnotit relnÄji. Vsledek procesu autentizace m tak vy­ informaÄn­ hodnotu, kter me bt zohlednÄna pi stanoven­ rovnÄ p­stupovch prv uivatele. Dleitm aspektem pi prci s informac­ o poloze uivatele je prokzn­ faktu, e uivatel se nachz­ na stejn©m m­stÄ, ze kter©ho se d o p­stup do syst©mu. een­m t©to otzky me bt spojen­ polohov© informace uivatele s jeho biometrikou, nap­klad otiskem prstu. Tento princip je vyuit i ve dvou verz­ch mikroelektronickch autentizaÄn­ch terminl, kter© byly v souvislosti s een­m dizertaÄn­ prce realizovny. Prvn­ verze autentizaÄn­ho terminlu vyu­v jako zdroje polohov© informace pij­maÄe satelitn­ho navigaÄn­ho a bezdrtov komunikaÄn­ho modulu pro psmo ISM. Na prvn­ verzi autentizaÄn­ho terminlu byla ovÄena funkÄnost novÄ navrench mikroelektronickch autentizaÄn­ch technik. Pro provÄen­ biometriky uivatele je zde vyuito sn­maÄe otisku prst s vestavÄnm vyhodnocen­m. Ve druh© verzi byl autentizaÄn­ terminl doplnÄn o zdroje polohov© informace moduly Wi-Fi a GSM. V zvÄru prce je uvedeno testovn­ navren© metodiky vyhodnocovn­ autentizaÄn­ch dat pomoc­ druh© verze mikroelektronick©ho autentizaÄn­ho terminlu, kter© ovÄuje vyuitelnost navren© metodiky a celkovÄ ÄasovÄ-prostorov© informace v procesu autentizace.This dissertation work focusses on using information about the location of the user during the authentication process on computer networks. With the growth of mobile computer devices over the last two decades the physical location of users is becoming one of the main issues for access management. This work researches existing solutions which are divided in to two groups related to the source of location information (SATNAV systems for example GPS and based on communication with active infrastructure such as GSM, Wi-Fi). This work shows the methodology for evaluating authentication data which use the principle of fuzzy logic. In comparison with binary logic it is possible to evaluate authentication data accurately. As a result of the authentication process the information is of a higher value, which can be taken into account when setting the levels of user privileges. An important aspect of working with location information is that the user is located in the same place and from where they are asking for access to the system. Solving this question could be linking user biometrics for example finger prints. This principle is used in two types of microelectronic authentication terminals which were developed in conjunction with this work. The first type of terminal uses a SATNAV receiver and an ISM wireless communication module as a source of location information. On the first type of authentication terminal newly developed authentication techniques were tested. The users biometrics are checked by finger print sensor with embedded processing. In the second type authentication terminal a Wi-Fi and GSM module were added for location purposes. In the conclusion of this dissertation the testing methodology of the data authorization and evaluation process of the second type of microelectronic authentication terminal is shown. This confirms the practicality of the suggested methodology and the time-space information in the authentication process.

The Texas Spoofing Test Battery: Toward a Standard for Evaluating GPS Signal Authentication Techniques

A battery of recorded spoofing scenarios has been compiled for evaluating civil Global Positioning System (GPS) signal authentication techniques. The battery can be considered the data component of an evolving standard meant to define the notion of spoof resistance for commercial GPS receivers. The setup used to record the scenarios is described. A detailed description of each scenario reveals readily detectable anomalies that spoofing detectors could target to improve GPS securityAerospace Engineering and Engineering Mechanic

On the Achievable Error Region of Physical Layer Authentication Techniques over Rayleigh Fading Channels

For a physical layer message authentication procedure based on the comparison of channel estimates obtained from the received messages, we focus on an outer bound on the type I/II error probability region. Channel estimates are modelled as multivariate Gaussian vectors, and we assume that the attacker has only some side information on the channel estimate, which he does not know directly. We derive the attacking strategy that provides the tightest bound on the error region, given the statistics of the side information. This turns out to be a zero mean, circularly symmetric Gaussian density whose correlation matrices may be obtained by solving a constrained optimization problem. We propose an iterative algorithm for its solution: Starting from the closed form solution of a relaxed problem, we obtain, by projection, an initial feasible solution; then, by an iterative procedure, we look for the fixed point solution of the problem. Numerical results show that for cases of interest the iterative approach converges, and perturbation analysis shows that the found solution is a local minimum

A survey on Response Computaion Authentication techniques.

as we know the problems regarding data and system security are challenging and taking attraction of researchers. Although there are many techniques available which offers protection to systems there is no single Method which can provide full protection. As we know to provide security to system authentication in login system is main issue for developers. Response Computable Authentication is two way methods which are used by number of authentication system where an authentication system independently calculates the expected user response and authenticates a user if the actual user response matches the expected value. But such authentication system have been scare by malicious developer who can bypass normal authentication by covering logic in source code or using weak cryptography. This paper mainly focuses on RCA system to make sure that authentication system will not be influenced by backdoors. In this paper our main goal is to take review of different methods, approaches and techniques used for Response Computation Authentication

Food Authentication: Techniques, Trends and Emerging Approaches

Multiple factors can directly influence the chemical composition of foods and, consequently, their organoleptic, nutritional, and bioactive properties, including their geographical origin, the variety or breed, as well as the conditions of cultivation, breeding, and/or feeding, among others. Therefore, there is a great interest in the development of accurate, robust, and high-throughput analytical methods to guarantee the authenticity and traceability of foods. For these purposes, a large number of sensorial, physical, and chemical approaches can be used, which must be normally combined with advanced statistical tools. In this vein, the aim of the Special Issue “Food Authentication: Techniques, Trends, and Emerging Approaches” is to gather original research papers and review articles focused on the development and application of analytical techniques and emerging approaches in food authentication. This Special Issue comprises 12 valuable scientific contributions, including one review article and 11 original research works, dealing with the authentication of foods with great commercial value, such as olive oil, Iberian ham, and fruits, among others