14 research outputs found
LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments
The non-repudiation as an essential requirement of many applications can be
provided by the asymmetric key model. With the evolution of new applications
such as mobile commerce, it is essential to provide secure and efficient
solutions for the mobile environments. The traditional public key cryptography
involves huge computational costs and is not so suitable for the
resource-constrained platforms. The elliptic curve-based approaches as the
newer solutions require certain considerations that are not taken into account
in the traditional public key infrastructures. The main contribution of this
paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the
constrained platforms such as mobile phones. It takes advantages of elliptic
curve cryptography and signcryption to decrease the computational costs and
communication overheads, and adapting to the constraints. All the computational
costs of required validations can be eliminated from end-entities by
introduction of a validation authority to the introduced infrastructure and
delegating validations to such a component. LPKI is so suitable for mobile
environments and for applications such as mobile commerce where the security is
the great concern.Comment: 6 Pages, 6 Figure
Access Management in Lightweight IoT: A Comprehensive review of ACE-OAuth framework
With the expansion of Internet of Things (IoT), the need for secure and scalable authentication and
authorization mechanism for resource-constrained devices is becoming increasingly important. This
thesis reviews the authentication and authorization mechanisms in resource-constrained Internet of
Things (IoT) environments. The thesis focuses on the ACE-OAuth framework, which is a lightweight
and scalable solution for access management in IoT. Traditional access management protocols are not
well-suited for the resource-constrained environment of IoT devices. This makes the lightweight
devices vulnerable to cyber-attacks and unauthorized access. This thesis explores the security
mechanisms and standards, the protocol flow and comparison of ACE-OAuth profiles. It underlines
their potential risks involved with the implementation. The thesis delves into the existing and
emerging trends technologies of resource-constrained IoT and identifies limitations and potential
threats in existing authentication and authorization methods.
Furthermore, comparative analysis of ACE profiles demonstrated that the DTLS profile enables
constrained servers to effectively handle client authentication and authorization. The OSCORE
provides enhanced security and non-repudiation due to the Proof-of-Possession (PoP) mechanism,
requiring client to prove the possession of cryptographic key to generate the access token.
The key findings in this thesis, including security implications, strengths, and weaknesses for ACE
OAuth profiles are covered in-depth. It shows that the ACE-OAuth framework’s strengths lie in its
customization capabilities and scalability. This thesis demonstrates the practical applications and
benefits of ACE-OAuth framework in diverse IoT deployments through implementation in smart
home and factory use cases. Through these discussions, the research advances the application of
authentication and authorization mechanisms and provides practical insights into overcoming the
challenges in constrained IoT settings
Enhancing Privacy for Biometric Identification Cards
Most developed countries have started the implementation of biometric electronic identification cards, especially passports. The European Union and the United States of America struggle to introduce and standardize these electronic documents. Due to the personal nature of the biometric elements used for the generation of these cards, privacy issues were raised on both sides of the Atlantic Ocean, leading to civilian protests and concerns. The lack of transparency from the public authorities responsible with the implementation of such identification systems, and the poor technological approaches chosen by these authorities, are the main reasons for the negative popularity of the new identification methods. The following article shows an approach that provides all the benefits of modern technological advances in the fields of biometrics and cryptography, without sacrificing the privacy of those that will be the beneficiaries of the new systemsecurity, smart card, identification, passport, biometrics, public key infrastructure, government, identification
Ecosistema para la creación de firma digital avanzada en movilidad y autenticación mediante elemento seguro
Con el crecimiento exponencial de terminales móviles que se está dando en el mercado internacional actual, las necesidades de los usuarios están variando tanto a nivel personal como corporativo. Al aumentar la cantidad de operaciones que un usuario puede realizar desde su dispositivo móvil, la información personal que se almacena es mayor. Si las operaciones implican un compromiso legal por parte del usuario, los datos deben ser debidamente protegidos y avalados.
Dada esta situación, se estima de vital importancia la creación de entornos que permitan al usuario identificarse de manera que su identidad no pueda ser comprometida. Un ecosistema implica la creación, gestión y distribución de certificados. Ésta es la forma tecnológicamente más avanzada actualmente para su uso desde terminales móviles.
Para almacenar los datos del usuario de forma segura, se estudian las opciones de uso de elementos seguros.
El ecosistema que se crea en este proyecto de Fin de Máster hace segura la firma de documentos digitales de forma remota mientras se está fuera de la oficina o lejos del interesado, y permitirá la investigación de nuevos elementos que contribuyan a garantizar la autenticidad de acciones y documentos