1,654 research outputs found

    Applying MAC Address-Based Access Control for Securing Admin’s Login Page

    Authentication is a very important process for securing web applications. Username and password are two parameters commonly used for user authentication on the administrator’s login page. However, these two authentication parameters can be easily breached so that they can become a vulnerability that adversary parties can use to conduct malicious activities. For example, the attackers can commit a crime such as data modification or theft or, even more dangerous, take over administrator services of a system. Therefore, it is necessary to improve the security mechanism by adding an additional factor of authentication other than username and password. In this study, an improvement in authentication mechanisms was carried out by applying MAC Address-based access control as an additional authentication factor. In this method, Address Resolution Protocol (ARP) is used in mapping the users’ Internet Protocol (IP) address to their MAC address during the validation process. The experimental results showed that the addition of the MAC address made the authentication process resistant to Dictionary Attack and Shoulder Surfing Attack.

    Dashboard of intelligent transportation system (ITS) using mobile agents strategy on notification authentication process

    Extracting accurate information from a huge transportation database requires building an efficient Intelligent Transportation Systems (ITS) dashboard that allows correct decisions to be made. The quality of decisions and the achievement of performance depend on the quality of the information supplied. This information must be reliable, complete, pertinent and, moreover, guarded against external attacks. A distributed mobile agent system consists of autonomous entities with capacities of perception, cooperation and action on their own environment. One of the agent functions is securing the authentication process by activating a notification system on the mobile device. The main purpose of this paper is to build it as an agent-based framework. The strategy is to exploit mobile agent capabilities in a strict notification process when the user validates his authentication request.

    Information Technology Project Update: 2011-2012

    Marshall University Information Technology (MUIT) strives to provide seamless access to global resources, a robust infrastructure and current tools to support our faculty, staff and students, and high levels of technology to compete and excel in a world characterized by constant change with increased mobility. MUIT engages in collaborative relationships within the University and with the local community acting as a trusted partner anticipating needs and responding with innovative solutions in support of the University’s mission of teaching, research, and service via extensive research and planning endeavors

    AN ANALYSIS OF VOICE OVER INTERNET PROTOCOL (VOIP) AND ITS SECURITY IMPLEMENTATION

    Voice over Internet Protocol (VoIP) has been in existence for a number of years but only quite recently has it developed into mass adoption. As VoIP technology penetrates worldwide telecommunications markets, the advancements achieved in performance, cost reduction, and feature support make VoIP a convincing proposition for service providers, equipment manufacturers, and end users. Since the introduction of mass-market VoIP services over broadband Internet in 2004, security and safeguarding are becoming a more important obligation in VoIP solutions. The purpose of this final year project is to study and analyze VoIP and implement the security aspect using Secure Real-time Transport Protocol (SRTP) end-to-end media encryption in the Universiti Teknologi PETRONAS (UTP) laboratory. Extensive research, evaluation of case studies, literature reviews, network analysis, as well as testing and experimentation are the methods employed in achieving a secure and reliable VoIP network. With the given time frame and adequate resources, the study and analysis of VoIP and implementation of SRTP should prove to be very successful.

    ACUTA Journal of Telecommunications in Higher Education

    In This Issue President's Message From the ACUTA GEO Privacy Matters Crisis on Campus Appropriate and Reasonable Protections Securing the Cloud: Key Contract Provisions for Institutions Changing Behavior...Changing Mindsets Holes in University BYOD Policies The impact of the Smartphone Ecosystem Phishing, the Path of Least Resistance 2014 Institutional Excellence Awar

    CPA WebTrust practitioners' guide


    Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations

    Funding information: This research has been partially supported by the EU Horizon 2020 Grant 826278 "Securing Medical Data in Smart Patient-Centric Healthcare Systems" (Serums), and the Research and Innovation Foundation (Project DiversePass: COMPLEMENTARY/0916/0182). This paper proposes a user-adaptable and personalized authentication paradigm for healthcare organizations, which anticipates to seamlessly reflect patients’ episodic and autobiographical memories to graphical and textual passwords aiming to improve the security strength of user-selected passwords and provide a positive user experience. We report on a longitudinal study that spanned over three years in which three public European healthcare organizations participated in order to design and evaluate the aforementioned paradigm. Three studies were conducted (n=169) with different stakeholders: i) a verification study aiming to identify existing authentication practices of the three healthcare organizations with diverse stakeholders (n=9); ii) a patient-centric feasibility study during which users interacted with the proposed authentication system (n=68); and iii) a human guessing attack study focusing on vulnerabilities among people sharing common experiences within location-aware images used for graphical passwords (n=92). Results revealed that the suggested paradigm scored high with regards to users’ likeability, perceived security, usability and trust, but more importantly it assists the creation of more secure passwords. On the downside, the suggested paradigm introduces password guessing vulnerabilities by individuals sharing common experiences with the end-users. Findings are expected to scaffold the design of more patient-centric knowledge-based authentication mechanisms within nowadays dynamic computation realms. Postprint. Peer reviewe

    Provisioning VoIP wireless networks with security

    Thesis (M. Tech.) - Central University of Technology, Free State, 200

    User Authentication and Supervision in Networked Systems

    This thesis considers the problem of user authentication and supervision in networked systems. The issue of user authentication is one of on-going concern in modern IT systems with the increased use of computer systems to store and provide access to sensitive information resources. While the traditional username/password login combination can be used to protect access to resources (when used appropriately), users often compromise the security that these methods can provide. While alternative (and often more secure) systems are available, these alternatives usually require expensive hardware to be purchased and integrated into IT systems. Even if alternatives are available (and financially viable), they frequently require users to authenticate in an intrusive manner (e.g. forcing a user to use a biometric technique relying on fingerprint recognition). Assuming an acceptable form of authentication is available, this still does not address the problem of on-going confidence in the users’ identity - i.e. once the user has logged in at the beginning of a session, there is usually no further confirmation of the users' identity until they logout or lock the session in which they are operating. Hence there is a significant requirement to not only improve login authentication but to also introduce the concept of continuous user supervision. Before attempting to implement a solution to the problems outlined above, a range of currently available user authentication methods are identified and evaluated. This is followed by a survey conducted to evaluate user attitudes and opinions relating to login and continuous authentication. The results reinforce perceptions regarding the weaknesses of the traditional username/password combination, and suggest that alternative techniques can be acceptable. This provides justification for the work described in the latter part of the thesis.
A number of small-scale trials are conducted to investigate alternative authentication techniques, using ImagePIN's and associative/cognitive questions. While these techniques are of an intrusive nature, they offer potential improvements as either initial login authentication methods or, as a challenge during a session to confirm the identity of the logged-in user. A potential solution to the problem of continuous user authentication is presented through the design and implementation of a system to monitor user activity throughout a logged-in session. The effectiveness of this system is evaluated through a series of trials investigating the use of keystroke analysis using digraph, trigraph and keyword-based metrics (with the latter two methods representing novel approaches to the analysis of keystroke data). The initial trials demonstrate the viability of these techniques, whereas later trials are used to demonstrate the potential for a composite approach. The final trial described in this thesis was conducted over a three-month period with 35 trial participants and resulted in over five million samples. Due to the scope, duration, and the volume of data collected, this trial provides a significant contribution to the domain, with the use of a composite analysis method representing entirely new work. The results of these trials show that the technique of keystroke analysis is one that can be effective for the majority of users. Finally, a prototype composite authentication and response system is presented, which demonstrates how transparent, non-intrusive, continuous user authentication can be achieved.

    Managing Access Control in Virtual Private Networks

    Virtual Private Network technology allows remote network users to benefit from resources on a private network as if their host machines actually resided on the network. However, each resource on a network may also have its own access control policies, which may be completely unrelated to network access. Thus users' access to a network (even by VPN technology) does not guarantee their access to the sought resources. With the introduction of more complicated access privileges, such as delegated access, it is conceivable for a scenario to arise where a user can access a network remotely (because of direct permissions from the network administrator or by delegated permission) but cannot access any resources on the network. There is, therefore, a need for a network access control mechanism that understands the privileges of each remote network user on one hand, and the access control policies of various network resources on the other hand, and so can aid a remote user in accessing these resources based on the user's privileges. This research presents a software solution in the form of a centralized access control framework called an Access Control Service (ACS), that can grant remote users network presence and simultaneously aid them in accessing various network resources with varying access control policies. At the same time, the ACS provides a centralized framework for administrators to manage access to their resources. The ACS achieves these objectives using VPN technology, network address translation and by proxying various authentication protocols on behalf of remote users.