115,117 research outputs found
Integrating identity-based cryptography in IMS service authentication
Nowadays, the IP Multimedia Subsystem (IMS) is a promising research field.
Many ongoing works related to the security and the performances of its
employment are presented to the research community. Although, the security and
data privacy aspects are very important in the IMS global objectives, they
observe little attention so far. Secure access to multimedia services is based
on SIP and HTTP digest on top of IMS architecture. The standard deploys AKA-MD5
for the terminal authentication. The third Generation Partnership Project
(3GPP) provided Generic Bootstrapping Architecture (GBA) to authenticate the
subscriber before accessing multimedia services over HTTP. In this paper, we
propose a new IMS Service Authentication scheme using Identity Based
cryptography (IBC). This new scheme will lead to better performances when there
are simultaneous authentication requests using Identity-based Batch
Verification. We analyzed the security of our new protocol and we presented a
performance evaluation of its cryptographic operationsComment: 13Page
Multivariate Bayesian semiparametric models for authentication of food and beverages
Food and beverage authentication is the process by which foods or beverages
are verified as complying with its label description, for example, verifying if
the denomination of origin of an olive oil bottle is correct or if the variety
of a certain bottle of wine matches its label description. The common way to
deal with an authentication process is to measure a number of attributes on
samples of food and then use these as input for a classification problem. Our
motivation stems from data consisting of measurements of nine chemical
compounds denominated Anthocyanins, obtained from samples of Chilean red wines
of grape varieties Cabernet Sauvignon, Merlot and Carm\'{e}n\`{e}re. We
consider a model-based approach to authentication through a semiparametric
multivariate hierarchical linear mixed model for the mean responses, and
covariance matrices that are specific to the classification categories.
Specifically, we propose a model of the ANOVA-DDP type, which takes advantage
of the fact that the available covariates are discrete in nature. The results
suggest that the model performs well compared to other parametric alternatives.
This is also corroborated by application to simulated data.Comment: Published in at http://dx.doi.org/10.1214/11-AOAS492 the Annals of
Applied Statistics (http://www.imstat.org/aoas/) by the Institute of
Mathematical Statistics (http://www.imstat.org
Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication
We investigate whether a classifier can continuously authenticate users based
on the way they interact with the touchscreen of a smart phone. We propose a
set of 30 behavioral touch features that can be extracted from raw touchscreen
logs and demonstrate that different users populate distinct subspaces of this
feature space. In a systematic experiment designed to test how this behavioral
pattern exhibits consistency over time, we collected touch data from users
interacting with a smart phone using basic navigation maneuvers, i.e., up-down
and left-right scrolling. We propose a classification framework that learns the
touch behavior of a user during an enrollment phase and is able to accept or
reject the current user by monitoring interaction with the touch screen. The
classifier achieves a median equal error rate of 0% for intra-session
authentication, 2%-3% for inter-session authentication and below 4% when the
authentication test was carried out one week after the enrollment phase. While
our experimental findings disqualify this method as a standalone authentication
mechanism for long-term authentication, it could be implemented as a means to
extend screen-lock time or as a part of a multi-modal biometric authentication
system.Comment: to appear at IEEE Transactions on Information Forensics & Security;
Download data from http://www.mariofrank.net/touchalytics
Beyond the Hype: On Using Blockchains in Trust Management for Authentication
Trust Management (TM) systems for authentication are vital to the security of
online interactions, which are ubiquitous in our everyday lives. Various
systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage
trust in this setting. In recent years, blockchain technology has been
introduced as a panacea to our security problems, including that of
authentication, without sufficient reasoning, as to its merits.In this work, we
investigate the merits of using open distributed ledgers (ODLs), such as the
one implemented by blockchain technology, for securing TM systems for
authentication. We formally model such systems, and explore how blockchain can
help mitigate attacks against them. After formal argumentation, we conclude
that in the context of Trust Management for authentication, blockchain
technology, and ODLs in general, can offer considerable advantages compared to
previous approaches. Our analysis is, to the best of our knowledge, the first
to formally model and argue about the security of TM systems for
authentication, based on blockchain technology. To achieve this result, we
first provide an abstract model for TM systems for authentication. Then, we
show how this model can be conceptually encoded in a blockchain, by expressing
it as a series of state transitions. As a next step, we examine five prevalent
attacks on TM systems, and provide evidence that blockchain-based solutions can
be beneficial to the security of such systems, by mitigating, or completely
negating such attacks.Comment: A version of this paper was published in IEEE Trustcom.
http://ieeexplore.ieee.org/document/8029486
- …