Applying MAC Address-Based Access Control for Securing Admin’s Login Page
Authentication is a very important process for securing web applications. Username and password are two parameters commonly used for user authentication on the administrator’s login page. However, these two authentication parameters can be easily breached, so they can become a vulnerability that adversaries can use to conduct malicious activities. For example, attackers can commit a crime such as data modification or theft or, even more dangerously, take over the administrator services of a system. Therefore, it is necessary to improve the security mechanism by adding an additional factor of authentication other than username and password. In this study, an improvement in authentication mechanisms was carried out by applying MAC address-based access control as an additional authentication factor. In this method, the Address Resolution Protocol (ARP) is used to map the users' Internet Protocol (IP) address to their MAC address during the validation process. The experimental results showed that the addition of the MAC address made the authentication process resistant to Dictionary Attack and Shoulder Surfing Attack.
Dashboard of intelligent transportation system (ITS) using mobile agents strategy on notification authentication process
Extracting accurate information from a huge transportation database requires building an efficient Intelligent Transportation Systems (ITS) dashboard that allows correct decisions to be made. The quality of decisions and the achievement of performance depend on the quality of the information supplied. This information must be reliable, complete and pertinent, and must moreover take external attacks into account. A distributed mobile agent system consists of autonomous entities with capacities of perception, cooperation and action on their own environment. One function of an agent is securing the authentication process by activating a notification system on the mobile device. The main purpose of this paper is to build this as an agent-based framework. The strategy is to exploit mobile agent capabilities in a strict notification process when the user validates his authentication request
Information Technology Project Update: 2011-2012
Marshall University Information Technology (MUIT) strives to provide seamless access to global resources, a robust infrastructure and current tools to support our faculty, staff and students, and high levels of technology to compete and excel in a world characterized by constant change with increased mobility. MUIT engages in collaborative relationships within the University and with the local community acting as a trusted partner anticipating needs and responding with innovative solutions in support of the University’s mission of teaching, research, and service via extensive research and planning endeavors
AN ANALYSIS OF VOICE OVER INTERNET PROTOCOL (VOIP) AND ITS SECURITY IMPLEMENTATION
Voice over Internet Protocol (VoIP) has been in existence for a number of years but only
quite recently has it developed into mass adoption. As VoIP technology penetrates
worldwide telecommunications markets, the advancements achieved in performance, cost
reduction, and feature support make VoIP a convincing proposition for service providers,
equipment manufacturers, and end users. Since the introduction of mass-market VoIP
services over broadband Internet in 2004, security and safeguarding are becoming a more
important obligation in VoIP solutions. The purpose of this final year project is to study
and analyze VoIP and implement the security aspect using Secure Real-time Transport
Protocol (SRTP) end-to-end media encryption in the Universiti Teknologi PETRONAS
(UTP) laboratory. Extensive research, evaluation of case studies, literature reviews,
network analysis, as well as testing and experimentation are the methods employed in
achieving a secure and reliable VoIP network. With the given time frame and adequate
resources, the study and analysis of VoIP and implementation of SRTP should prove to
be very successful
ACUTA Journal of Telecommunications in Higher Education
In This Issue
President's Message
From the ACUTA GEO
Privacy Matters
Crisis on Campus
Appropriate and Reasonable Protections
Securing the Cloud: Key Contract Provisions for Institutions
Changing Behavior...Changing Mindsets
Holes in University BYOD Policies
The impact of the Smartphone Ecosystem
Phishing, the Path of Least Resistance
2014 Institutional Excellence Awar
CPA WebTrust practitioners' guide
Security and usability of a personalized user authentication paradigm : insights from a longitudinal study with three healthcare organizations
Funding information: This research has been partially supported by the EU Horizon 2020 Grant 826278 "Securing Medical Data in Smart Patient-Centric Healthcare Systems" (Serums), and the Research and Innovation Foundation (Project DiversePass: COMPLEMENTARY/0916/0182). This paper proposes a user-adaptable and personalized authentication paradigm for healthcare organizations, which anticipates to seamlessly reflect patients’ episodic and autobiographical memories to graphical and textual passwords aiming to improve the security strength of user-selected passwords and provide a positive user experience. We report on a longitudinal study that spanned over three years in which three public European healthcare organizations participated in order to design and evaluate the aforementioned paradigm. Three studies were conducted (n=169) with different stakeholders: i) a verification study aiming to identify existing authentication practices of the three healthcare organizations with diverse stakeholders (n=9); ii) a patient-centric feasibility study during which users interacted with the proposed authentication system (n=68); and iii) a human guessing attack study focusing on vulnerabilities among people sharing common experiences within location-aware images used for graphical passwords (n=92). Results revealed that the suggested paradigm scored high with regards to users’ likeability, perceived security, usability and trust, but more importantly it assists the creation of more secure passwords. On the downside, the suggested paradigm introduces password guessing vulnerabilities by individuals sharing common experiences with the end-users. Findings are expected to scaffold the design of more patient-centric knowledge-based authentication mechanisms within nowadays dynamic computation realms. Postprint Peer reviewe
Provisioning VoIP wireless networks with security
Thesis (M. Tech.) - Central University of Technology, Free State, 200
User Authentication and Supervision in Networked Systems
This thesis considers the problem of user authentication and supervision in networked
systems. The issue of user authentication is one of on-going concern in modern IT systems
with the increased use of computer systems to store and provide access to sensitive
information resources. While the traditional username/password login combination can be
used to protect access to resources (when used appropriately), users often compromise the
security that these methods can provide. While alternative (and often more secure)
systems are available, these alternatives usually require expensive hardware to be
purchased and integrated into IT systems. Even if alternatives are available (and
financially viable), they frequently require users to authenticate in an intrusive manner (e.g.
forcing a user to use a biometric technique relying on fingerprint recognition). Assuming
an acceptable form of authentication is available, this still does not address the problem of
on-going confidence in the users’ identity - i.e. once the user has logged in at the
beginning of a session, there is usually no further confirmation of the users' identity until
they logout or lock the session in which they are operating. Hence there is a significant
requirement to not only improve login authentication but to also introduce the concept of
continuous user supervision.
Before attempting to implement a solution to the problems outlined above, a range of
currently available user authentication methods are identified and evaluated. This is
followed by a survey conducted to evaluate user attitudes and opinions relating to login
and continuous authentication. The results reinforce perceptions regarding the weaknesses
of the traditional username/password combination, and suggest that alternative techniques
can be acceptable. This provides justification for the work described in the latter part of
the thesis.
A number of small-scale trials are conducted to investigate alternative authentication
techniques, using ImagePIN's and associative/cognitive questions. While these techniques
are of an intrusive nature, they offer potential improvements as either initial login
authentication methods or, as a challenge during a session to confirm the identity of the
logged-in user.
A potential solution to the problem of continuous user authentication is presented through
the design and implementation of a system to monitor user activity throughout a logged-in
session. The effectiveness of this system is evaluated through a series of trials
investigating the use of keystroke analysis using digraph, trigraph and keyword-based
metrics (with the latter two methods representing novel approaches to the analysis of
keystroke data). The initial trials demonstrate the viability of these techniques, whereas
later trials are used to demonstrate the potential for a composite approach. The final trial
described in this thesis was conducted over a three-month period with 35 trial participants
and resulted in over five million samples. Due to the scope, duration, and the volume of
data collected, this trial provides a significant contribution to the domain, with the use of a
composite analysis method representing entirely new work. The results of these trials
show that the technique of keystroke analysis is one that can be effective for the majority
of users. Finally, a prototype composite authentication and response system is presented,
which demonstrates how transparent, non-intrusive, continuous user authentication can be
achieved
Managing Access Control in Virtual Private Networks
Virtual Private Network technology allows remote network users to benefit from resources on a private network as if their host machines actually resided on the network. However, each resource on a network may also have its own access control policies, which may be completely unrelated to network access. Thus users' access to a network (even by VPN technology) does not guarantee their access to the sought resources. With the introduction of more complicated access privileges, such as delegated access, it is conceivable for a scenario to arise where a user can access a network remotely (because of direct permissions from the network administrator or by delegated permission) but cannot access any resources on the network. There is, therefore, a need for a network access control mechanism that understands the privileges of each remote network user on one hand, and the access control policies of various network resources on the other hand, and so can aid a remote user in accessing these resources based on the user's privileges. This research presents a software solution in the form of a centralized access control framework called an Access Control Service (ACS), that can grant remote users network presence and simultaneously aid them in accessing various network resources with varying access control policies. At the same time, the ACS provides a centralized framework for administrators to manage access to their resources. The ACS achieves these objectives using VPN technology, network address translation and by proxying various authentication protocols on behalf of remote users