Review: Location Based Authentication to Mitigate Intruder Attack

Abstract -Recently the use of online banking has been increased to perform various online banking transactions. On the other hand, it is been targeted by various attacks found at the client side. Lately, traditional security methods were not capable enough to tackle these attacks such as intruder attacks, phishing attacks, etc. Presently remote authentication is the most efficient technique used to protect various services, resources, security for the unauthorized use. In this paper we use three-factor authentication and upgrade this method by including the fourth factor. The main three factors are (a) password (b) smart-card, and (c) biometrics. The newly introduced fourth factor is "Where you are" (Location), which mainly consist of REAL TIME LOCATING SYSTEM technique and instant generated pin code mechanism for the verification of the user performing the transaction

Block chain-Enhanced Security for Financial Institution Electronic Records Management System

With an emphasis on banking systems, this article explores how blockchain technology can be used to manage electronic records in the financial sector. This research looks at how well blockchain-based solutions work for ERM in terms of improving privacy, security, and data integrity. The research emphasizes the significance of cryptographic techniques, consensus protocols, access controls, and data integrity measures in guaranteeing the secrecy and dependability of financial data through a thorough examination of these components. In comparison to other studies, this one shows a small drop in accuracy with a precision ratio of. Blockchain technology has the potential to greatly improve the safety of financial institutions' electronic records, as this ratio is still very high. While there is certainly space for development, the results show that blockchain-based solutions have potential to strengthen the reliability and honesty of monetary systems

A Novel Technique for Cancelable and Irrevocable Biometric Template Generation for Fingerprints

Cancelable biometric key generation is vital in biometric systems to protect sensitive information of users. A novel technique called Reciprocated Magnitude and Complex Conjugate- Phase (RMCCP) transform is proposed. This proposed method comprises of different components for the development of new method. It is tested with the multiple aspects such as cancelability, irrevocability and security. FVC database and real time datasets are used to observe the performance on Match score using ROC, time complexity, and space complexity. The experimental results show that the proposed method is better in all the aspects of performance.

Leakage-resilient biometric-based remote user authentication with fuzzy extractors

National Research Foundation (NRF) Singapor

Device fingerprinting identification and authentication: A two-fold use in multi-factor access control schemes

Network security has always had an issue with secure authentication and identification. In the current mixed device network of today, the number of nodes on a network has expanded but these nodes are often unmanaged from a network security perspective. The solution proposed requires a paradigm shift, a recognition of what has already happened, identity is for sale across the internet. That identity is the users’ network ID, their behavior, and even their behavior in using the networks. Secondly a majority of the devices on the Internet have been fingerprinted. Use of device fingerprinting can help secure a network if properly understood and properly executed. The research into this area suggests a solution. Which is the use of device fingerprints including clock skews to identify the devices and a dual- authentication process targeted at authenticating the device and the user. Not only authenticating the identity presented but also combining them into a unified entity so failure to authenticate part of the entity means the whole is denied access to the network and its resources

Two-factor remote authentication protocol with user anonymity based on elliptic curve cryptography

In order to provide secure remote access control, a robust and efficient authentication protocol should realize mutual authentication and session key agreement between clients and the remote server over public channels. Recently, Chun-Ta Li proposed a password authentication and user anonymity protocol by using smart cards, and they claimed that their protocol has satisfied all criteria required by remote authentication. However, we have found that his protocol cannot provide mutual authentication between clients and the remote server. To realize ‘real’ mutual authentication, we propose a two-factor remote authentication protocol based on elliptic curve cryptography in this paper, which not only satisfies the criteria but also bears low computational cost. Detailed analysis shows our proposed protocol is secure and more suitable for practical application

Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement

During the past decade, the electronic healthcare (e-health) system has been evolved into a more patient-oriented service with smaller and smarter wireless devices. However, these convenient smart devices have limited computing capacity and memory size, which makes it harder to protect the user’s massive private data in the e-health system. Although some works have established a secure session key between the user and the medical server, the weaknesses still exist in preserving the anonymity with low energy consumption. Moreover, the misuse of biometric information in key agreement process may lead to privacy disclosure, which is irreparable. In this study, we design a dynamic privacy protection mechanism offering the biometric authentication at the server side whereas the exact value of the biometric template remains unknown to the server. And the user anonymity can be fully preserved during the authentication and key negotiation process because the messages transmitted with the proposed scheme are untraceable. Furthermore, the proposed scheme is proved to be semantic secure under the Real-or-Random Model. The performance analysis shows that the proposed scheme suits the e-health environment at the aspect of security and resource occupation