842 research outputs found

    Secure Identification in Social Wireless Networks

    The applications based on social networking have brought revolution towards social life and are continuously gaining popularity among the Internet users. Due to the advanced computational resources offered by the innovative hardware and nominal subscriber charges of network operators, most of the online social networks are transforming into the mobile domain by offering exciting applications and games exclusively designed for users on the go. Moreover, the mobile devices are considered more personal as compared to their desktop rivals, so there is a tendency among the mobile users to store sensitive data like contacts, passwords, bank account details, updated calendar entries with key dates and personal notes on their devices. The Project Social Wireless Network Secure Identification (SWIN) is carried out at Swedish Institute of Computer Science (SICS) to explore the practicality of providing the secure mobile social networking portal with advanced security features to tackle potential security threats by extending the existing methods with more innovative security technologies. In addition to the extensive background study and the determination of marketable use-cases with their corresponding security requirements, this thesis proposes a secure identification design to satisfy the security dimensions for both online and offline peers. We have implemented an initial prototype using PHP Socket and OpenSSL library to simulate the secure identification procedure based on the proposed design. The design is in compliance with 3GPP's Generic Authentication Architecture (GAA) and our implementation has demonstrated the flexibility of the solution to be applied independently for the applications requiring secure identification. Finally, the thesis provides strong foundation for the advanced implementation on mobile platform in future.

    Future Diffusion of PKI-Technology — A German Delphi Study

    Model for Trust Among Peers in Electronic Multiparty Transactions

    Single Sign On Using Keycloak Integrated Public Key Infrastructure for User Authentication In Indonesia’s Electronic Based Government System

    The government in carrying out its function as a public administration servant is regulated in law of the Republic of Indonesia number 25/2009 on public services. In this regulated about electronic government (e-government), many individuals use various web applications that require users to authenticate themselves to access each application. Many entities require various web-based applications for operational activities. This makes centralized access management for web-based applications very much needed. Currently, access management is often implemented using Single Sign On (SSO) with password authentication method. Security considerations arise against the use of passwords. This is because passwords have a vulnerability to brute forcing using a password list, and human nature often uses repeated or uncomplicated passwords. There is an alternative authentication method, namely Mutual TLS which utilizes Public Key Infrastructure (PKI). Users authenticate with X.509 digital certificates, so the authentication factor becomes something you have. This research aims to implement an integrated PKI SSO system and RBAC access automation. The approach of this project is research, design, implementation, and testing. The entire system is built with open-source software and implemented on a cloud infrastructure. The system has three subsystems, namely registration, login and RBAC access automation. All subsystems are tested according to the specified flow. The test results show that the registration subsystem has been successfully carried out as evidenced by the success of filling in personal data, approval flow, and downloading of certificates. The login subsystem was also successfully implemented, as evidenced by the existence of mTLS authentication with certificate validation. In testing the RBAC access automation subsystem, it is shown that the script created can perform access checks and access remediation if needed.

    Mobile Identity, Credential, and Access Management Framework

    Organizations today gather unprecedented quantities of data from their operations. This data is coming from transactions made by a person or from a connected system/application. From personal devices to industry including government, the internet has become the primary means of modern communication, further increasing the need for a method to track and secure these devices. Protecting the integrity of connected devices collecting data is critical to ensure the trustworthiness of the system. An organization must not only know the identity of the users on their networks and have the capability of tracing the actions performed by a user but they must trust the system providing them with this knowledge. This increase in the pace of usage of personal devices along with a lack of trust in the internet has driven demand for trusted digital identities. As the world becomes increasingly mobile with the number of smart phone users growing annually and the mobile web flourishing, it is critical to implement strong security on mobile devices. To manage the vast number of devices and feel confident that a machine’s identity is verifiable, companies need to deploy digital credentialing systems with a strong root of trust. As passwords are not a secure method of authentication, mobile devices and other forms of IoT require a means of two-factor authentication that meets NIST standards. Traditionally, this has been done with Public Key Infrastructure (PKI) through the use of a smart card. Blockchain technologies combined with PKI can be utilized in such a way as to provide an identity and access management solution for the internet of things (IoT). Improvements to the security of Radio Frequency Identification (RFID) technology and various implementations of blockchain make viable options for managing the identity and access of IoT devices. 
When PKI first began over two decades ago, it required the use of a smart card with a set of credentials known as the personal identity verification (PIV) card. The PIV card (something you have) along with a personal identification number (PIN) (something you know) were used to implement two-factor authentication. Over time the use of the PIV cards has proven challenging as mobile devices lack the integrated smart card readers found in laptop and desktop computers. Near Field Communication (NFC) capability in most smart phones and mobile devices provides a mechanism to allow a PIV card to be read by a mobile device. In addition, the existing PKI system must be updated to meet the demands of a mobile focused internet. Blockchain technology is the key to modernizing PKI. Together, blockchain-based PKI and NFC will provide an IoT solution that will allow industry, government, and individuals a foundation of trust in the world wide web that is lacking today

    Efficient Queue And Gsi Security Management Framework For Mobile Desktop Grid

    The tremendous advancement and development in hand-held device technology has made researchers think of ways to use the power of mobile devices within the vast architecture of Grid Computing. Mobile devices have limited computing resources and operating power; other issues limiting their computing resources include network latency, frequent network disconnection, battery power consumption, security, quality of service and so on. One research approach to addressing these issues is the mobile grid proxy architecture, in which mobile devices communicate with a grid proxy server that sends requests to the computational grid on behalf of the mobile device, thereby obtaining most of the functionality of grid computing. Tremendous advancement and growth in the hand-held technology make the researchers think to utilize the power of mobile devices into the vast architecture of the Grid Computing hence lead to the new paradigm of mobile grid computing. Mobile devices are resource limited and have many issues such as computational resources limitations, network latency, frequent network disconnection, battery power consumption, security etc. To address these issues, researchers proposed mobile proxy grid architecture in which mobile devices communicated with grid proxy server which sends the request to the computational grid on behalf of the mobile device hence gets the most of the functionality of the grid computing.

    The Hedgehog and the Fox: Distinguishing Public and Private Sector Approaches to Managing Risk for Internet Transactions

    In his essay The Hedgehog and the Fox, Isaiah Berlin used an ancient Greek proverb comparing these animals as a metaphor to express a deep division among thinkers and writers in their understanding of the human condition. In this essay, I extend the metaphor to contrast the differing approaches to risk management taken by the public sector in the exercise of its sovereign functions and that taken by members of the private sector in the conduct of commercial transactions. In light of the differences in these basic approaches to questions of risk management, I will evaluate some widely discussed models of public key infrastructures for administering digital signature authentication systems. The basic model most commonly discussed today can easily be assimilated to the public sector model of risk management, but does not readily permit the incorporation of the most important features of private sector risk management models. As a result, I predict that before digital signature technology will gain widespread use in business technology, further significant progress will have to be made in the design of public key infrastructures. In addition, I argue that a public sector risk management model is not appropriate for new technology distributed by private actors unless there is a consensus that such an indirect subsidy is in the public interest generally, not just in the interest of certain private promoters of the technology. Furthermore, before the public sector adopts digital signature technology, political issues outside the scope of risk management policies will have to be addressed. For example, political issues such as the degree of protection to be granted to citizens' privacy rights within such an infrastructure will have to be resolved before a determination can be made whether the use of such a technology is genuinely in the public interest.

    Implementing a Secure Academic Grid System - A Malaysian Case

    Computational grids have become very popular in the recent times due to their capabilities and flexibility in handling large computationally intensive jobs. When it comes to the implementation of practical grid systems, security plays a major role due to the confidentiality of the information handled and the nature of the resources employed. Also due to the complex nature of the grid operations, grid systems face unique security threats compared to other distributed systems. This paper describes how to implement a secure grid system with special emphasis on the steps to be followed in obtaining, implementing and testing PKI certificates

    The Efficiency of Requesting Process for Formal Business-Documents in Indonesia: an Implementation of Web Application Base on Secure and Encrypted Sharing Process

    In recent business practices, the need of the formal document for business, such as the business license documents, business domicile letters, halal certificates, and other formal documents, is desperately needed and becomes its own problems for businesses, especially for small and medium enterprises. One stop service unit that was conceived and implemented by the government today, has not been fully integrated yet. Not all permits (related with formal document for business) can be completed and finished in one place, businesses still have to move from one government department to another government department to get a formal document for their business. With these practices, not only a lot of the time and cost will be sacrificed, but also businesses must always fill out a form with the same field. This study aims to assess and identify the problem, especially on applying the formal document for business, and use it as inputs for the development of a web application based on secure and encrypted sharing process. The study starts with a survey of 200 businesses that have applied the formal document for their business, to map the initial conditions of applying the formal document for business in Indonesia. With these applications that are built based on these needs, it is expected that not only the time, cost, and physical effort from both parties are becoming more efficient, but also the negative practices of bureaucratic and economic obstacles in business activities can be minimized, so the competitiveness of business and their contribution for national economy will increase.