7,784 research outputs found
Session Initiation Protocol Attacks and Challenges
In recent years, Session Initiation Protocol (SIP) has become widely used in
current internet protocols. It is a text-based protocol much like Hyper Text
Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). SIP is a
strong enough signaling protocol on the internet for establishing, maintaining,
and terminating session. In this paper the areas of security and attacks in SIP
are discussed. We consider attacks from diverse related perspectives. The
authentication schemes are compared, the representative existing solutions are
highlighted, and several remaining research challenges are identified. Finally,
the taxonomy of SIP threat will be presented
Providing secure remote access to legacy applications
While the widespread adoption of Internet and Intranet technology has been one of the exciting developments of recent years, many hospitals are finding that their data and legacy applications do not naturally fit into the new methods of dissemination. Existing applications often rely on isolation or trusted networks for their access control or security, whereas untrusted wide area networks pay little attention to the authenticity, integrity or confidentiality of the data they transport. Many hospitals do not have the resources to develop new ''network-ready'' versions of existing centralised applications. In this paper, we examine the issues that must be considered when providing network access to an existing health care application, and we describe how we have implemented the proposed solution in one healthcare application namely the diabetic register at Hope Hospital. We describe the architecture that allows remote access to the legacy application, providing it with encrypted communications and strongly authenticated access control but without requiring any modifications to the underlying application. As well as comparing alternative ways of implementing such a system, we also consider issues relating to usability and manageability, such as password management
SUPA: Strewn user-preserved authentication**
Objective – This paper presents the high level conceptual architecture of SUPA, an authentication system that
would allow a system to authenticate users without having its own repository of users’ secret identification
related data.
Methodology/Technique – Central storage and management of user credentials or passwords leave a single
tempting repository for the attackers. If the credentials are not stored by a system at all, there will be no stored
‘vault’ to allure the attackers. At the same time, there will be no single resource that holds the credentials of all
users of a system. SUPA enables a system to authenticate itself users without having their secret credentials
stored in it.
Findings – The proposed authentication system uses the features of asymmetric encryption as part of its
authentication process.
Novelty – SUPA eliminates the requirement of secret user credentials at the system end, the user credentials are
retained within the end-user’s devices
Recommended from our members
Selection of EAP-authentication methods in WLANs
IEEE 802.1X is a key part of IEEE802.11i. By employing Extensible Authentication Protocol (EAP) it supports a variety of upper layer
authentication methods each with different benefits and drawbacks. Any one of these authentication methods can be the ideal choice for a specific networking environment. The fact that IEEE 802.11i leaves the selection of the most suitable authentication method to system implementers makes the authentication framework more flexible, but on the other hand leads to the
question of how to select the authentication method that suits an organisation’s requirements and specific networking environment. This paper gives an overview of EAP authentication methods and provides a table comparing their properties. It then identifies the crucial factors to be considered when employing EAP authentication methods in WLAN environments. The paper presents algorithms that guide the selection of an EAP-authentication method for a WLAN and demonstrates their application through three examples
The Horcrux Protocol: A Method for Decentralized Biometric-based Self-sovereign Identity
Most user authentication methods and identity proving systems rely on a
centralized database. Such information storage presents a single point of
compromise from a security perspective. If this system is compromised it poses
a direct threat to users' digital identities. This paper proposes a
decentralized authentication method, called the Horcrux protocol, in which
there is no such single point of compromise. The protocol relies on
decentralized identifiers (DIDs) under development by the W3C Verifiable Claims
Community Group and the concept of self-sovereign identity. To accomplish this,
we propose specification and implementation of a decentralized biometric
credential storage option via blockchains using DIDs and DID documents within
the IEEE 2410-2017 Biometric Open Protocol Standard (BOPS)
- …