An Enhanced Cloud-Based Secure Authentication (ECSA) Protocol Suite for Prevention of Denial-of-Service (DoS) Attacks

Cloud systems are currently one of the primary solutions used in the information technology (IT) domain, also known as cloud services. Cloud services are accessed via an identity authentication process. These authentication processes have become gradually vulnerable to aggressive attackers who may perform Denial of Service (DoS) attacks to keep cloud services inaccessible. Several strong authentication protocols have been employed to protect traditional network systems and verify the identity of the users. Nevertheless, these authentication protocols could cause a DoS threat when implemented in the cloud-computing system. This is because the comprehensive verification process may exhaust the clouds� resources and shut their services down. In this work, we propose an enhanced cloud-based secure authentication protocol suite to operate as DoS resistance on multiple cloud layers. Our proposed solution utilizes multi-technique to prevent external and internal risks of DoS attacks. These techniques can distinguish legitimate a user�s requests from an attacker�s requests and then direct the legitimate user to the requested service(s). The cloud�s servers in the proposed authentication process become imprint-free servers, and fully aware of DoS attacks. To validate the proposed solution, an experiment is conducted using state-of-the-art cloud simulation (GreenCloud). The experimental results verify that the proposed solution is practically applicable as a lightweight authentication protocol suite in multiple cloud layers in terms of reliability and scalability

A Conceptual Framework for Measuring the Quality Aspect of Mobile Learning

With the continuing growth of mobile phones outpacing that of desktops and laptops, mobile phones are the new personal computer. These devices started becoming increasingly sophisticated and extremely powerful. In addition to making phone calls it have the capabilities to perform variety functions, one of the most important functions using it as a classroom tool. However, mobile phone applications must be designed and developed with respect to different technologies skills, learning capabilities and language proficiency in order to be accepted by wide audiences (e.g., students, instructors). However, there is much work that has been done to measure the quality of mobile applications, and there are many researchers attempting to figure out the most important reasons that make those applications fail. In this paper, we discuss the design issues of mobile learning specifically the usability and its sub- characteristics, by considering a case study based on our proposed framework. It concludes by introducing and discussing the results that were obtained, and also some suggestions are given to enhance the quality aspects of mobile learning

Continuous Authentication in the Digital Age: An Analysis of Reinforcement Learning and Behavioral Biometrics

This research article delves into the development of a reinforcement learning (RL)-based continuous authentication system utilizing behavioral biometrics for user identification on computing devices. Keystroke dynamics are employed to capture unique behavioral biometric signatures, while a reward-driven RL model is deployed to authenticate users throughout their sessions. The proposed system augments conventional authentication mechanisms, fortifying them with an additional layer of security to create a robust continuous authentication framework compatible with static authentication systems. The methodology entails training an RL model to discern atypical user typing patterns and identify potentially suspicious activities. Each user’s historical data are utilized to train an agent, which undergoes preprocessing to generate episodes for learning purposes. The environment involves the retrieval of observations, which are intentionally perturbed to facilitate learning of nonlinear behaviors. The observation vector encompasses both ongoing and summarized features. A binary and minimalist reward function is employed, with principal component analysis (PCA) utilized for encoding ongoing features, and the double deep Q-network (DDQN) algorithm implemented through a fully connected neural network serving as the policy net. Evaluation results showcase training accuracy and equal error rate (EER) ranging from 94.7% to 100% and 0 to 0.0126, respectively, while test accuracy and EER fall within the range of approximately 81.06% to 93.5% and 0.0323 to 0.11, respectively, for all users as encoder features increase in number. These outcomes are achieved through RL’s iterative refinement of rewards via trial and error, leading to enhanced accuracy over time as more data are processed and incorporated into the system

HSM4SSL: Leveraging HSMs for Enhanced Intra-Domain Security

In a world where digitization is rapidly advancing, the security and privacy of intra-domain communication within organizations are of critical concern. The imperative to secure communication channels among physical systems has led to the deployment of various security approaches aimed at fortifying networking protocols. However, these approaches have typically been designed to secure protocols individually, lacking a holistic perspective on the broader challenge of intra-domain communication security. This omission raises fundamental concerns about the safety and integrity of intra-domain environments, where all communication occurs within a single domain. As a result, this paper introduces HSM4SSL, a comprehensive solution designed to address the evolving challenges of secure data transmission in intra-domain environments. By leveraging hardware security modules (HSMs), HSM4SSL aims to utilize the Secure Socket Layer (SSL) protocol within intra-domain environments to ensure data confidentiality, authentication, and integrity. In addition, solutions proposed by academic researchers and in the industry have not addressed the issue in a holistic and integrative manner, as they only apply to specific types of environments or servers and do not utilize all cryptographic operations for robust security. Thus, HSM4SSL bridges this gap by offering a unified and comprehensive solution that includes certificate management, key management practices, and various security services. HSM4SSL comprises three layers to provide a standardized interaction between software applications and HSMs. A performance evaluation was conducted comparing HSM4SSL with a benchmark tool for cryptographic operations. The results indicate that HSM4SSL achieved 33% higher requests per second (RPS) compared to OpenSSL, along with a 13% lower latency rate. Additionally, HSM4SSL efficiently utilizes CPU and network resources, outperforming OpenSSL in various aspects. These findings highlight the effectiveness and reliability of HSM4SSL in providing secure communication within intra-domain environments, thus addressing the pressing need for enhanced security mechanisms

Authentication and Key Agreement Protocol in Hybrid Edge–Fog–Cloud Computing Enhanced by 5G Networks

The Internet of Things (IoT) has revolutionized connected devices, with applications in healthcare, data analytics, and smart cities. For time-sensitive applications, 5G wireless networks provide ultra-reliable low-latency communication (URLLC) and fog computing offloads IoT processing. Integrating 5G and fog computing can address cloud computing’s deficiencies, but security challenges remain, especially in Authentication and Key Agreement aspects due to the distributed and dynamic nature of fog computing. This study presents an innovative mutual Authentication and Key Agreement protocol that is specifically tailored to meet the security needs of fog computing in the context of the edge–fog–cloud three-tier architecture, enhanced by the incorporation of the 5G network. This study improves security in the edge–fog–cloud context by introducing a stateless authentication mechanism and conducting a comparative analysis of the proposed protocol with well-known alternatives, such as TLS 1.3, 5G-AKA, and various handover protocols. The suggested approach has a total transmission cost of only 1280 bits in the authentication phase, which is approximately 30% lower than other protocols. In addition, the suggested handover protocol only involves two signaling expenses. The computational cost for handover authentication for the edge user is significantly low, measuring 0.243 ms, which is under 10% of the computing costs of other authentication protocols