Strong Authentication for Web Services using Smartcards

The popularity of the Internet and the variety of services it provides has been immense. Unfortunately, many of these services require the user to register and subsequently login to the system in order to access them. This has resulted in the user having to remember a multitude of username and password combinations in order to use the service securely. However, literature has clearly demonstrated this is not an effective approach, as users will frequently choose simple passwords, write them down, share them or use the same password for multiple systems. This paper proposes a novel concept where Internet users authenticate to web services (service providers) by the use of a smartcard – taking away any requirement for the user to provide credentials. The smartcard is useful in this context as it is a trusted device that is capable of applying cryptography in a tamper resistant environment. The development of the concept is based upon an extension to Authentication Authorisation Infrastructure (AAI) models, where a trusted authority (Identity Provider) will provide and manage the smart card to end-users. In devices such as mobile phones, a smartcard is already present (e.g. the SIM) to facilitate this and it is envisaged such a card could also be produced for desktop environments – similarly to what many banks are currently implementing

�Strong Authentication for Web Services using Smartcards

The popularity of the Internet and the variety of services it provides has been immense. Unfortunately, many of these services require the user to register and subsequently login to the system in order to access them. This has resulted in the user having to remember a multitude of username and password combinations in order to use the service securely. However, literature has clearly demonstrated this is not an effective approach, as users will frequently choose simple passwords, write them down, share them or use the same password for multiple systems. This paper proposes a novel concept where Internet users authenticate to web services (service providers) by the use of a smartcard – taking away any requirement for the user to provide credentials. The smartcard is useful in this context as it is a trusted device that is capable of applying cryptography in a tamper resistant environment. The development of the concept is based upon an extension to Authentication Authorisation Infrastructure (AAI) models, where a trusted authority (Identity Provider) will provide and manage the smart card to end-users. In devices such as mobile phones, a smartcard is already present (e.g. the SIM) to facilitate this and it is envisaged such a card could also be produced for desktop environments – similarly to what many banks are currently implementing

Sea Ice concentration derived from GNSS reflection measurements in Fram Strait

Reflection power derived from the global navigation satellite system (GNSS) observations and its sensitivity to sea-ice concentration are investigated in this article. A corresponding experiment has been conducted during the Fram Strait cruise of the Norwegian research vessel Lance in summer 2016. The dedicated setup with a GNSS Occultation Reflectometry Scatterometry (GORS) receiver and dual-polarization (left- and right-handed) antenna links recorded 1922 h of reflection events during the 20-day cruise of the ship. The antenna setup, mounted 25.0 m above the waterline, serves to acquire sea surface reflections at grazing angles below 30°. Within a 5-min coherent integration period, direct and reflected signal contributions can be separated. Except for the highest sea states, with roll angle changes of 20° peak to peak, the separation allows to retrieve the reflection power and quantifies it in cross-, co-, and cross-to-co-polar ratios. The sea-ice concentration is inverted from power ratios using a non-linear least-squares algorithm. Additional data on sea-ice concentration gathered by a watchman on the ship are used for validation. The inversion results have a 20% resolution in concentration and 3-h resolution in time. The validation shows that the cross- and cross-to-co-polar data are sensitive to the sea-ice concentration. The respective Pearson correlation of 0.75 and 0.67 further suggests studies to foster the application of the GNSS data for sea-ice reflectometry