Supporting Decision Makers in Choosing Suitable Authentication Schemes

Despite its well-known deficiencies, the text password remains ubiquitous. Researchers previously suggested that this apparent conundrum was due to the complexity of choosing a suitable authentication scheme with respect to the desired application scenario. The plethora of alternatives can leave decision makers flummoxed and leads to their reaching for the familiar text password. To alleviate these difficulties, Renaud et al. suggested ACCESS (Authentication ChoiCE Support System), an abstract framework to support decision makers in this struggle. In this paper we present the first concrete realization of ACCESS. We create a knowledge base from the results of a literature review and present a technique which allows decision makers to specify their requirements effortlessly. The central contribution of this work is the realization of ACCESS’ feasibility analysis based on an adapted Analytic Hierarchy Process (AHP). This adaptation allows outsourcing the burden of knowing all authentication alternatives to experts, while keeping the complexity of the expert part as low as possible

POSTER: Towards Collaboratively Supporting Decision Makers in Choosing Suitable Authentication Schemes

In spite of the the issues associated with them, text passwords are the predominant means of user authentication today. To foster the adoption of alternative authentication schemes, Renaud et al. (2014) proposed the ACCESS (Authentication ChoiCE Support System) framework. In prior work, we presented the first implementation of this abstract framework as a decision support system. In this work, we report on the current progress of expanding our prototype implementation into a collaborative authentication research platform. In addition to a decision support system, this platform also includes an interface to systematically access all the information in the knowledge base and collaborative features to facilitate the process of keeping the data for the decision support system current

GTM approach towards engineering a features-oriented evaluation framework for secure authentication in IIoT environment

Industry Internet of Things (IIoT) has become the most evolving area over the last few years. The number of IoT devices connected in industry has sharply elevated but this surge has led to the vulnerability and data breach such as if a malicious entry is made to the secure network, it will forfeit all the network resources. For this purpose a full pledged secure authentication method is essential to safeguard IIoT network. There is a bulky list of number of authentications protocols available to keep network safe with a variety of features so but it becomes herculean task for network administrator to pick the strong and secure authentication method due to huge number of criteria, conflicting objectives and availability of authentication protocols in industry environment. It has become imperative to get the most rational authentication method in devices operating in IIoT. To address this issue, a feature-oriented assessment framework is put forward to provide a ground for ranking and selection of best authentication mechanism. This framework uses a mathematic approach known as Graph Theory Matrix Approach (GTMA) and selects the best authentication method based on the number of features. These features are related to authentication and covers almost every aspect of authentication method and are used as benchmark for selection purposes. This framework takes into account the most important features and helps in selecting the best and most ideal features-oriented authentication method that can be employed in IIoT to keep the integrity and security of connected devices and overall network infrastructure.Qatar National Library and Qatar University - grant No. QUHI-CBE-21/22-1

KALwEN: a new practical and interoperable key management scheme for body sensor networks

Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike

A Privacy Preserving Framework for RFID Based Healthcare Systems

RFID (Radio Frequency IDentification) is anticipated to be a core technology that will be used in many practical applications of our life in near future. It has received considerable attention within the healthcare for almost a decade now. The technology’s promise to efficiently track hospital supplies, medical equipment, medications and patients is an attractive proposition to the healthcare industry. However, the prospect of wide spread use of RFID tags in the healthcare area has also triggered discussions regarding privacy, particularly because RFID data in transit may easily be intercepted and can be send to track its user (owner). In a nutshell, this technology has not really seen its true potential in healthcare industry since privacy concerns raised by the tag bearers are not properly addressed by existing identification techniques. There are two major types of privacy preservation techniques that are required in an RFID based healthcare system—(1) a privacy preserving authentication protocol is required while sensing RFID tags for different identification and monitoring purposes, and (2) a privacy preserving access control mechanism is required to restrict unauthorized access of private information while providing healthcare services using the tag ID. In this paper, we propose a framework (PriSens-HSAC) that makes an effort to address the above mentioned two privacy issues. To the best of our knowledge, it is the first framework to provide increased privacy in RFID based healthcare systems, using RFID authentication along with access control technique

Assessment of work-based reports: an analysis of assessment frameworks

In Britain engineering professional development has traditionally been seen as a three phase process consisting of a period of engineering formation, a period of training and a period during which engineering responsibilities are demonstrated. An individual could submit evidence of these activities and become registered as a Professional Engineer. Increasing numbers of people employed in the role of engineer do not have formal engineering qualifications and a part or all their engineering formation is carried out within engineering companies or organizations. These people therefore do not have the academically authenticated credentials to register as professional engineers but if they are ignored then the pool of registered engineers will cease to be representative of the profession. The Engineering Council, the body responsible for registering engineers in the UK, has acknowledged the changes in the structure of the profession and has introduced an alternative route for assessing the knowledge and understanding that underpins the competence of a professional engineer. Individual engineers can demonstrate that they have an adequate engineering formation through any combination of academic qualifications and a technical report on some aspect of their professional engineering work. The introduction of the technical report requires the Professional Engineering Bodies to carry out an assessment outside the traditional assessment framework of the Universities. This paper reviews and analyses the requirements of assessment systems and derives the components of such a system that will ensure that the results of the assessment of a work-based technical report will be respected and be seen as assuring comparable standards to the academic routes to engineering formation. By examining assessment separately from the processes of teaching and learning, the paper also reveals the extent of an assessment process and its costs

Privacy-centered authentication: a new framework and analysis

© 2023 Elsevier. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/The usage of authentication schemes is increasing in our daily life with the ubiquitous spreading Internet services. The verification of user’s identity is still predominantly password-based, despite of being susceptible to various attacks and openly hated by users. Bonneau et al. presented a framework, based on Usability, Deployability, and Security criteria (UDS), to evaluate authentication schemes and find a replacement for passwords. Although the UDS framework is a mature and comprehensive evaluation framework and has been extended by other authors, it does not analyse privacy aspects in the usage of authentication schemes. In the present work, we extend the UDS framework with a privacy category to allow a more comprehensive evaluation, becoming an UDSP framework. We provide a thorough, rigorous assessment of sample authentication schemes, including analyse novel behavioural biometrics. Our work also discusses implementation aspects regarding the new privacy dimension and sketches the prospect of future authentication schemes.Javier Parra-Arnau is the recipient of a “Ramón y Cajal” fellowship (ref. RYC2021–034256-I) funded by the Spanish Ministry of Science and Innovation and the European Union – “NextGenerationEU”/PRTR (Plan de Recuperación, Transformación y Resiliencia). This work was also supported by the Spanish Government under the project “Enhancing Communication Protocols with Machine Learning while Protecting Sensitive Data (COMPROMISE)” PID2020–113795RB-C31, funded by MCIN/AEI/10.13039/501100011033, and through the project “MOBILYTICS” (TED2021–129782B-I00), funded by MCIN/AEI/10.13039/501100011033 and the European Union “NextGenerationEU”/PRTR.Peer ReviewedPostprint (published version

Access network selection schemes for multiple calls in next generation wireless networks

There is an increasing demand for internet services by mobile subscribers over the wireless access networks, with limited radio resources and capacity constraints. A viable solution to this capacity crunch is the deployment of heterogeneous networks. However, in this wireless environment, the choice of the most appropriate Radio Access Technology (RAT) that can Tsustain or meet the quality of service (QoS) requirements of users' applications require careful planning and cost efficient radio resource management methods. Previous research works on access network selection have focused on selecting a suitable RAT for a user's single call request. With the present request for multiple calls over wireless access networks, where each call has different QoS requirements and the available networks exhibit dynamic channel conditions, the choice of a suitable RAT capable of providing the "Always Best Connected" (ABC) experience for the user becomes a challenge. In this thesis, the problem of selecting the suitable RAT that is capable of meeting the QoS requirements for multiple call requests by mobile users in access networks is investigated. In addressing this problem, we proposed the use of Complex PRoprtional ASsesment (COPRAS) and Consensus-based Multi-Attribute Group Decision Making (MAGDM) techniques as novel and viable RAT selection methods for a grouped-multiple call. The performance of the proposed COPRAS multi-attribute decision making approach to RAT selection for a grouped-call has been evaluated through simulations in different network scenarios. The results show that the COPRAS method, which is simple and flexible, is more efficient in the selection of appropriate RAT for group multiple calls. The COPRAS method reduces handoff frequency and is computationally inexpensive when compared with other methods such as the Technique for Order Preference by Similarity to Ideal Solution (TOPSIS), Simple Additive Weighting (SAW) and Multiplicative Exponent Weighting (MEW). The application of the proposed consensus-based algorithm in the selection of a suitable RAT for group-multiple calls, comprising of voice, video-streaming, and file-downloading has been intensively investigated. This algorithm aggregates the QoS requirement of the individual application into a collective QoS for the group calls. This new and novel approach to RAT selection for a grouped-call measures and compares the consensus degree of the collective solution and individual solution against a predefined threshold value. Using the methods of coincidence among preferences and coincidence among solutions with a predefined consensus threshold of 0.9, we evaluated the performance of the consensus-based RAT selection scheme through simulations under different network scenarios. The obtained results show that both methods of coincidences have the capability to select the most suitable RAT for a group of multiple calls. However, the method of coincidence among solutions achieves better results in terms of accuracy, it is less complex and the number of iteration before achieving the predefined consensus threshold is reduced. A utility-based RAT selection method for parallel traffic-streaming in an overlapped heterogeneous wireless network has also been developed. The RAT selection method was modeled with constraints on terminal battery power, service cost and network congestion to select a specified number of RATs that optimizes the terminal interface utility. The results obtained show an optimum RAT selection strategy that maximizes the terminal utility and selects the best RAT combinations for user's parallel-streaming for voice, video and file-download

Blockchain and Cryptocurrencies: a Classification and Comparison of Architecture Drivers

Blockchain is a decentralized transaction and data management solution, the technological leap behind the success of Bitcoin and other cryptocurrencies. As the variety of existing blockchains and distributed ledgers continues to increase, adopters should focus on selecting the solution that best fits their needs and the requirements of their decentralized applications, rather than developing yet another blockchain from scratch. In this paper we present a conceptual framework to aid software architects, developers, and decision makers to adopt the right blockchain technology. The framework exposes the interrelation between technological decisions and architectural features, capturing the knowledge from existing academic literature, industrial products, technical forums/blogs, and experts' feedback. We empirically show the applicability of our framework by dissecting the platforms behind Bitcoin and other top 10 cryptocurrencies, aided by a focus group with researchers and industry practitioners. Then, we leverage the framework together with key notions of the Architectural Tradeoff Analysis Method (ATAM) to analyze four real-world blockchain case studies from industry and academia. Results shown that applying our framework leads to a deeper understanding of the architectural tradeoffs, allowing to assess technologies more objectively and select the one that best fit developers needs, ultimately cutting costs, reducing time-to-market and accelerating return on investment.Comment: Accepted for publication at journal Concurrency and Computation: Practice and Experience. Special Issue on distributed large scale applications and environment

GRIDA3—a shared resources manager for environmental data analysis and applications

GRIDA3 (Shared Resources Manager for Environmental Data Analysis and Applications) is a multidisciplinary project designed to deliver an integrated system to forge solutions to some environmental challenges such as the constant increase of polluted sites, the sustainability of natural resources usage and the forecast of extreme meteorological events. The GRIDA3 portal is mainly based on Web 2.0 technologies and EnginFrame framework. The portal, now at an advanced stage of development, provides end-users with intuitive Web-interfaces and tools that simplify job submission to the underneath computing resources. The framework manages the user authentication and authorization, then controls the action and job execution into the grid computing environment, collects the results and transforms them into an useful format on the client side. The GRIDA3 Portal framework will provide a problem-solving platform allowing, through appropriate access policies, the integration and the sharing of skills, resources and tools located at multiple sites across federated domains