Selection of EAP-authentication methods in WLANs

IEEE 802.1X is a key part of IEEE802.11i. By employing Extensible Authentication Protocol (EAP) it supports a variety of upper layer authentication methods each with different benefits and drawbacks. Any one of these authentication methods can be the ideal choice for a specific networking environment. The fact that IEEE 802.11i leaves the selection of the most suitable authentication method to system implementers makes the authentication framework more flexible, but on the other hand leads to the question of how to select the authentication method that suits an organisation’s requirements and specific networking environment. This paper gives an overview of EAP authentication methods and provides a table comparing their properties. It then identifies the crucial factors to be considered when employing EAP authentication methods in WLAN environments. The paper presents algorithms that guide the selection of an EAP-authentication method for a WLAN and demonstrates their application through three examples

Transparent end-user authentication across heterogeneous wireless networks

With the increasing number of mobile and wireless networks that are deployed, the handovers between these systems take place more often. In order to provide end-users with uninterrupted access to services, support for fast handover is essential. One of the prerequisites of a fast-handover is the transparent end-user authentication. In this paper we address the end-user authentication at network level. We focus on providing transparent end-user authentication across UMTS and WLAN network technologies. The end-user should be unaware of the underlying network technologies when it comes to authentication. We describe two solutions. For the first solution, authentication is based on the authentication mechanism of the UMTS network. This authentication relies on the shared secret between the UMTS SIM (USIM) card and the end-user's home network. The authentication in the second case is based on multiple authentication mechanisms; it overcomes the issue of authentication differences in UTMS and WLAN networks

Quantum authentication of classical messages

Although key distribution is arguably the most studied context on which to apply quantum cryptographic techniques, message authentication, i.e., certifying the identity of the message originator and the integrity of the message sent, can also benefit from the use of quantum resources. Classically, message authentication can be performed by techniques based on hash functions. However, the security of the resulting protocols depends on the selection of appropriate hash functions, and on the use of long authentication keys. In this paper we propose a quantum authentication procedure that, making use of just one qubit as the authentication key, allows the authentication of binary classical messages in a secure manner.Comment: LaTeX, 6 page

Seamless and Secure VR: Adapting and Evaluating Established Authentication Systems for Virtual Reality

Virtual reality (VR) headsets are enabling a wide range of new opportunities for the user. For example, in the near future users may be able to visit virtual shopping malls and virtually join international conferences. These and many other scenarios pose new questions with regards to privacy and security, in particular authentication of users within the virtual environment. As a first step towards seamless VR authentication, this paper investigates the direct transfer of well-established concepts (PIN, Android unlock patterns) into VR. In a pilot study (N = 5) and a lab study (N = 25), we adapted existing mechanisms and evaluated their usability and security for VR. The results indicate that both PINs and patterns are well suited for authentication in VR. We found that the usability of both methods matched the performance known from the physical world. In addition, the private visual channel makes authentication harder to observe, indicating that authentication in VR using traditional concepts already achieves a good balance in the trade-off between usability and security. The paper contributes to a better understanding of authentication within VR environments, by providing the first investigation of established authentication methods within VR, and presents the base layer for the design of future authentication schemes, which are used in VR environments only

Algorithm design for grip-pattern verification in smart gun

The Secure Grip project1 focuses on the development of a hand-grip pattern recognition system, as part of the smart gun. Its target customer is the police. To explore the authentication performance of this system, we collected data from a group of police officers, and made authentication simulations based on a likelihood-ratio classifier. This smart gun system has been proved to be useful in the authentication of the police officers. However, its authentication performance needs some further improvement, especially when data for training and testing were collected with some time in between. We present and analyze the simulation results of the authentication experiment. Based on the analyses, we propose some methods to improve the system¿s authentication performance

Design and Implementation of an IP based authentication mechanism for Open Source Proxy Servers in Interception Mode

Proxy servers are being increasingly deployed at organizations for performance benefits; however, there still exists drawbacks in ease of client authentication in interception proxy mode mainly for Open Source Proxy Servers. Technically, an interception mode is not designed for client authentication, but implementation in certain organizations does require this feature. In this paper, we focus on the World Wide Web, highlight the existing transparent proxy authentication mechanisms, its drawbacks and propose an authentication scheme for transparent proxy users by using external scripts based on the clients Internet Protocol Address. This authentication mechanism has been implemented and verified on Squid-one of the most widely used HTTP Open Source Proxy Server.Comment: 11 pages, Authenticating Clients in Transparent/ Interception Mode, Squid Proxy Serve