Search results
1 – 9 of 9Sandeep Kumar Reddy Thota, C. Mala and Geetha Krishnan
A wireless body area network (WBAN) is a collection of sensing devices attached to a person’s body that is typically used during health care to track their physical state. This…
Abstract
Purpose
A wireless body area network (WBAN) is a collection of sensing devices attached to a person’s body that is typically used during health care to track their physical state. This paper aims to study the security challenges and various attacks that occurred while transferring a person’s sensitive medical diagnosis information in WBAN.
Design/methodology/approach
This technology has significantly gained prominence in the medical field. These wearable sensors are transferring information to doctors, and there are numerous possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. As a result, mutual authentication and session key negotiations are critical security challenges for wearable sensing devices in WBAN. This work proposes an improved mutual authentication and key agreement protocol for wearable sensing devices in WBAN. The existing related schemes require more computational and storage requirements, but the proposed method provides a flexible solution with less complexity.
Findings
As sensor devices are resource-constrained, proposed approach only makes use of cryptographic hash-functions and bit-wise XOR operations, hence it is lightweight and flexible. The protocol’s security is validated using the AVISPA tool, and it will withstand various security attacks. The proposed protocol’s simulation and performance analysis are compared to current relevant schemes and show that it produces efficient outcomes.
Originality/value
This technology has significantly gained prominence in the medical sector. These sensing devises transmit information to doctors, and there are possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. Hence, this paper proposes a lightweight and flexible protocol for mutual authentication and key agreement for wearable sensing devices in WBAN only makes use of cryptographic hash-functions and bit-wise XOR operations. The proposed protocol is simulated using AVISPA tool and its performance is better compared to the existing methods. This paper proposes a novel improved mutual authentication and key-agreement protocol for wearable sensing devices in WBAN.
Details
Keywords
Nancy Ambritta P, Poonam N. Railkar and Parikshit N. Mahalle
This paper aims at providing a comparative analysis of the existing protocols that address the security issues in the Future Internet (FI) and also to introduce a Collaborative…
Abstract
Purpose
This paper aims at providing a comparative analysis of the existing protocols that address the security issues in the Future Internet (FI) and also to introduce a Collaborative Mutual Identity Establishment (CMIE) scheme which adopts the elliptical curve cryptography (ECC), to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as denial-of-service (DoS) and replay attack.
Design/methodology/approach
This paper provides a comparative analysis of the existing protocols that address the security issues in the FI and also provides a CMIE scheme, by adopting the ECC and digital signature verification mechanism, to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as DoS and replay attack. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI. Further, the algorithm is evaluated against Automated Validation of Internet Security Protocols and Application (AVISPA) tool to verify the security solutions that the CMIE scheme has claimed to address to have been effectively achieved in reality.
Findings
The algorithm is evaluated against AVISPA tool to verify the security solutions that the CMIE scheme has claimed to address and proved to have been effectively achieved in reality. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI.
Research limitations/implications
Considering the Internet of Things (IoT) scenario, another important aspect that is the device-to-location (D2L) aspect has not been considered in this protocol. Major focus of the protocol is centered around the device-to-device (D2D) and device-to-server (D2S) scenarios. Also, IoT basically works upon a confluence of hundreds for protocols that support the achievement of various factors in the IoT, for example Data Distribution Service, Message Queue Telemetry Transport, Extensible Messaging and Presence Protocol, Constrained Application Protocol (CoAP) and so on. Interoperability of the proposed CMIE algorithm with the existing protocols has to be considered to establish a complete model that fits the FI. Further, each request for mutual authentication requires a querying of the database and a computation at each of the participating entities side for verification which could take considerable amount of time. However, for applications that require firm authentication for maintaining and ensuring secure interactions between entities prior to access control and initiation of actual transfer of sensitive information, the negligible difference in computation time can be ignored for the greater benefit that comes with stronger security. Other factors such as quality of service (QoS) (i.e. flexibility of data delivery, resource usage and timing), key management and distribution also need to be considered. However, the user still has the responsibility to choose the required protocol that suits one’s application and serves the purpose.
Originality/value
The originality of the work lies in adopting the ECC and digital signature verification mechanism to develop a new scheme that ensures mutual authentication between participating entities in the FI based upon certain user information such as identities. ECC provides efficiency in terms of key size generated and security against main-in-middle attack. The proposed scheme provides secured interactions between devices/entities in the FI.
Details
Keywords
Krishna Prakasha, Balachandra Muniyal and Vasundhara Acharya
The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions…
Abstract
Purpose
The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions, users and resources are located at different places, and the sensitive information is to be protected and transferred using the suitable, reliable mechanism.
Design/methodology/approach
One of the latest approach to handle the requirement is by a Public Key Infrastructure (PKI) or its variant Wireless Public Key Infrastructure (WPKI). Fundamental management techniques are required to be very secure and vital since they are one of the points of attack in public key cryptosystem. Entity authentication and key agreement (AKA) is a critical cryptographic problem in wireless communication, where a mutual entity authentication plays a vital role in the establishment of the secure and authentic connection. This paper proposes an efficient and enhanced AKA scheme (EAKA) with the end-to-end security and verifies the proposed system for protection using automated validation of internet security protocols and applications. An efficient way for the implementation of an enhanced version of the protocol is proposed using a lattice-based cryptographic algorithm.
Findings
The time consumed for the proposed research work shows that it is practical and acceptable.
Originality/value
The proposed research work is an efficient and enhanced user authentication mechanism.
Details
Keywords
Ken Sumida, Junya Fujimoto and Masayuki Sakata
The purpose of this paper is to differentiate sport spectators’ attitudes, specifically team loyalty and attitude towards spectating behaviour by investigating the reliability and…
Abstract
Purpose
The purpose of this paper is to differentiate sport spectators’ attitudes, specifically team loyalty and attitude towards spectating behaviour by investigating the reliability and validity of the proposed model, and the influence of the attitudinal factors on intention to re-attend sporting events.
Design/methodology/approach
In this quantitative study, data were longitudinally collected from five professional soccer teams of the Japanese professional soccer league official surveys of 2008. The study was analysed in two phases by first examining the reliability and validity of the measurements and then the appropriateness of the model. Finally, a multiple group analysis was conducted to examine the applicability across the aforementioned five teams.
Findings
Team loyalty conceptually and empirically differed from attitudes towards spectating behaviour. The proposed model indicated how attitudes have impacts on spectators’ future attendance at professional sports events, but the model significantly changed when parameters of the model were progressively constrained, suggesting that each team's uniqueness may influence spectators’ intention to attend future games.
Originality/value
Sport spectators’ attitudes play a significant role in the decision-making process of deciding to attend an event, and an understanding of how spectators’ attitudes influence their intention to re-attend events could be of value to both scholars and sports team managers. Spectators of each team have their own characteristics and although this makes it difficult to generalise the results, this study contributes to an understanding of spectators’ attitudes.
Details
Keywords
Sanjay Sudhir Kulkarni and Arjav A. Bavarva
Fifth-generation (5G) networks play a significant role in handover methods. 5G wireless network is open, flexible and highly heterogeneous along with the overlay coverage and…
Abstract
Purpose
Fifth-generation (5G) networks play a significant role in handover methods. 5G wireless network is open, flexible and highly heterogeneous along with the overlay coverage and small cell deployments. Handover management is one of the main problems in the heterogeneous network. Also, handover satisfies the needs of ultra-reliable communications along with very high reliability and availability in 5G networks. Handover management deals with every active connection of a user’s device, which moves the connection between the user’s device and the counterparty from one network point to another. Thus, the handover decision determines the best access network and also decides whether the handover is performed or not.
Design/methodology/approach
The main intention of this survey is to review several existing handover technologies in 5G. Using the categories of analysis, the existing techniques are divided into different techniques such as authentication-based techniques, blockchain-based techniques, software-defined-based techniques and radio access-based techniques. The survey is made by considering the methods such as used software, categorization of methods and used in the research works. Furthermore, the handover rate is considered for performance evaluation for the handover techniques in 5G. The drawbacks present in the existing review papers are elaborated in research gaps and issues division.
Findings
Through the detailed analysis and discussion, it can be summarized that the widely concerned evaluation metric for the performance evaluation is the handover rate. It is exploited that the handover rate within the range of 91%–99% is achieved by three research papers.
Originality/value
A survey on the various handover mechanisms in 5G networks is expected in this study. The research papers used in this survey are gathered from different sources such as Google Scholar and IEEE. Also, this survey suggests a further extension for the handover mechanism in 5G networks by considering various research gaps and issues.
Details
Keywords
Uncertainty is one of the principal features of public administration in Colombia. Therefore, presenting a clear and consistent analysis is difficult. This uncertainty exists…
Abstract
Uncertainty is one of the principal features of public administration in Colombia. Therefore, presenting a clear and consistent analysis is difficult. This uncertainty exists alongside interesting efforts to modernize institutions. Among the challenges faced by public administration in Colombia, we find corruption, illegal bands of drug traffickers, and the lack of trust between critical actors involved in governance. The aim of this chapter is to share an analysis that illustrates the difficulties and contradictions faced by those working in the public sector.
“Colombia is a legal social state organized in the form of a unitary republic, decentralized, with the autonomy of its territorial units, democratic, participatory, and pluralistic, based on respect of human dignity, on the work and solidarity of the individuals who belong to it, and the predominance of the general interest” (National Constitution, 1st Article).
“Colombia is a legal social state organized in the form of a unitary republic, decentralized, with the autonomy of its territorial units, democratic, participatory, and pluralistic, based on respect of human dignity, on the work and solidarity of the individuals who belong to it, and the predominance of the general interest” (National Constitution, 1st Article).
Shuhei Yamamoto, Kei Wakabayashi, Noriko Kando and Tetsuji Satoh
Many Twitter users post tweets that are related to their particular interests. Users can also collect information by following other users. One approach clarifies user interests…
Abstract
Purpose
Many Twitter users post tweets that are related to their particular interests. Users can also collect information by following other users. One approach clarifies user interests by tagging labels based on the users. A user tagging method is important to discover candidate users with similar interests. This paper aims to propose a new user tagging method using the posting time series data of the number of tweets.
Design/methodology/approach
Our hypothesis focuses on the relationship between a user’s interests and the posting times of tweets: as users have interests, they will post more tweets at the time when events occur compared with general times. The authors assume that hashtags are labeled tags to users and observe their occurrence counts in each timestamp. The authors extract burst timestamps using Kleinberg’s burst enumeration algorithm and estimate the burst levels. The authors manage the burst levels as term frequency in documents and calculate the score using typical methods such as cosine similarity, Naïve Bayes and term frequency (TF) in a document and inversed document frequency (IDF; TF-IDF).
Findings
From the sophisticated experimental evaluations, the authors demonstrate the high efficiency of the tagging method. Naïve Bayes and cosine similarity are particular suitable for the user tagging and tag score calculation tasks, respectively. Some users, whose hashtags were appropriately estimated by our methods, experienced higher the maximum value of the number of tweets than other users.
Originality/value
Many approaches estimate user interest based on the terms in tweets and apply such graph theory as following networks. The authors propose a new estimation method that uses the time series data of the number of tweets. The merits to estimating user interest using the time series data do not depend on language and can decrease the calculation costs compared with the above-mentioned approaches because the number of features is fewer.
Details
Keywords
M.B. Benjula Anbu Malar and Prabhu J.
This paper aims to discuss the Silver and Golden ticket exploits that usually exists in the existing systems. To overcome these challenges, the data is first encrypted and then…
Abstract
Purpose
This paper aims to discuss the Silver and Golden ticket exploits that usually exists in the existing systems. To overcome these challenges, the data is first encrypted and then the ticket is granted to the validated user. The users are validated using the user privileges. The security levels of the proposed model are compared with the existing models and provide a better performance using the Key Distribution Centre (KDC). The number of authentication and authorization levels present in the existing and proposed model is also evaluated.
Design/methodology/approach
The methodology designed in this paper is discussed in this section. The existing models are designed in such a way that the client ID first asked to send an authorization request to the Authentication Server. The server looks up the user in its database and then sends back a ticket generated by it to the client to obtain services for the Service center. Numerous models have some additional features to these systems where the theme of KDC was introduced. The Key Distribution Centre (KDC), which is a set of nodes in a network where the data could be distributed and stored, such that any kind of attack on a single KDC will not impact other KDC and the data stored in it. The nodes other than the KDC in the network are termed as the slave nodes. The slave nodes communicate with each other within the network depending on the topology of the entire network. In this paper, the authors have used the Kerberos protocol for adding more security functions in the entire network. The system developed consists of a client, server and a set of nodes connected to each other in a ring fashion.
Findings
The proposed model provides security to the information being used by making use of the Kerberos protocol. Additional features and algorithms such as the use of the ticket-granting approach have been added at the protocol to make it more secure than the existing models. The ticket generation is done at the server-side that makes the user have proper authentication to make use of the services available from the server-side. The model is designed in such a way that it could remain operational even during the time of denial of service. As future work, use of machine learning and deep learning could be used to predict the attack on the network well before it is being misused.
Originality/value
The paper discusses the Silver and Golden ticket exploits that usually exists in the existing systems. To overcome these challenges, the data is first encrypted and then the ticket is granted to the validated user. The users are validated using the user privileges. The security levels of the proposed model are compared with the existing models and provide a better performance using the Key Distribution Centre (KDC). The number of authentication and authorization levels present in the existing and proposed model is also evaluated.
Details