Anonymous Authentication Against Man-In-The-Middle Attack

Evolving enterprise in application and data with flexible and scalable infrastructure in cloud services could improve efficiency and productivity of a business operation. Cloud services also offer resource sharing, data storage and application platform as on-demand services that could reduce the operational expenditure. Nevertheless, increasing usage and accessibility to the cloud services require strong security control to preserve user’s privacy and data integrity due to network communication vulnerabilities. There are many possible attacks that could cause security breach and abuse the user’s identity, leading to illegal access to the server. Man-inthe-middle attack is one of the attacks that can intercept communication between users and collect all users’ information. The attacker can misuse the information and act as a legal user to gain access to the system. It is a big challenge to preserve user’s privacy and provide protection from malicious attack. This paper proposes anonymous authentication scheme to preserve user’s privacy and provide protection to such possible attacks. The proposed scheme also provides secure mutual authentication, anonymity, session key establishment and non-dependency with the third party. The proposed scheme uses password-based authentication as an authentication method with anonymity feature to preserve user’s privacy. Experiment was conducted to test and validate the proposed scheme with man-in-the-middle attack. The result of the experiment shows that the proposed scheme is able to provide the privacy to mitigate and successfully preserve the user’s identity from the attack

Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

Identity, location and query privacy for smart devices

In this thesis, we have discussed three important aspects of users\u27 privacy namely, location privacy, identity privacy and query privacy. The information related to identity, location and query is very sensitive as it can reveal behavior patterns, interests, preferences and habits of the users. We have proposed several techniques in the thesis on how to better protect the identity, location and query privacy

Overview and Features of Generic Security Protocols for Cloud Computing Environment

- In this research paper we are describing the several generic protocols use in Cloud computing environment. Now-a-days Cloud Computing has become very important in large and small enterprise so security has also become very important for Cloud Computing. Several technique use to protect the cloud. Techniques are implemented by protocols. This paper is based on overview of protocols that use in Cloud computing environment. The protocols of cloud computing can also use in different security system such as Cryptonet System, Mailing System and Authentication System