Search results

In wireless sensor network (WSN), user authentication plays as a vital role in which data sensing, as well as sharing, will be spoiled by hackers. To enhance user security, user authentication must be focused.

In previous works, for secured authentication, Enhanced User Authentication Protocol (EUAP) is presented. On the other hand, the user free password generation is permitted in the previous technique.

Here, password leakage may cause a malevolent user's contribution to the WSN environment. By presenting the Flexible and Secured User Authentication Protocol (FSUAP), this is solved in the presented technique in which secured as well as reliable sharing of data contents via unsecured wireless sensor devices was accomplished.

The foremost objective of the present technique is to device the protocol that would verify the users beforehand letting them access the sensor devices situated in various sites. The use of a sensor device could be reduced in a significant way. Three-factor authentication protocols are presented in place of two-factor authentication protocol in the presented technique that could deal with and safeguard the environment from a brute force attack in an effective manner.

Cryptography has become an essential feature for many current technological applications. Cryptographic methods are usually divided into private‐key (or symmetric) and public‐key (or asymmetric) algorithms. The purpose of this paper is to propose a client/server architecture to efficiently authenticate users by means of their fingerprint biometric feature. To do this, the personal data of each user are acquired at the client and, afterwards, they are conveniently encrypted using a combination of up‐to‐date symmetric and asymmetric cryptographic algorithms.

First the main issues related to public‐key and private‐key cryptography, including well‐known algorithms, such as data encryption standard and Rijndael methods are reviewed. After that, a proposal for the implementation of a client/server architecture to authenticate users by means of fingerprint features is proposed.

The results of the experiments show that such architecture is optimal for being applied in real authentication systems, provides high‐security standards and can be applied to any practical biometric system.

Biometrics has become an attractive alternative to password‐based systems: using a password is insecure, as they can easily be forgotten or stolen. Fingerprints are the most widely used biometric feature. This paper uses recent fingerprint identification algorithms together with the most advanced cryptographic methods recommended nowadays. This way, the system utilizes state‐of‐the‐art techniques that are also introduced in many practical systems; that is the reason why it will be flexible enough to integrate, any forthcoming needs of cryptographic systems.

The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud-based web services have contributed to the level of integration that can be achieved between applications. This paper investigates the potential security issues of OAuth, an authorisation framework for granting third-party applications revocable access to user data. OAuth has rapidly become an interim de facto standard for protecting access to web API data. Vendors have implemented OAuth before the open standard was officially published. To evaluate whether the OAuth 2.0 specification is truly ready for industry application, an entire OAuth client server environment was developed and validated against the speciation threat model. The research also included the analysis of the security features of several popular OAuth integrated websites and comparing those to the threat model. High-impacting exploits leading to account hijacking were identified with a number of major online publications. It is hypothesised that the OAuth 2.0 specification can be a secure authorisation mechanism when implemented correctly.

To analyse the security of OAuth implementations in industry a list of the 50 most popular websites in Ireland was retrieved from the statistical website Alexa (Noureddine and Bashroush, 2011). Each site was analysed to identify if it utilised OAuth. Out of the 50 sites, 21 were identified with OAuth support. Each vulnerability in the threat model was then tested against each OAuth-enabled site. To test the robustness of the OAuth framework, an entire OAuth environment was required. The proposed solution would compose of three parts: a client application, an authorisation server and a resource server. The client application needed to consume OAuth-enabled services. The authorisation server had to manage access to the resource server. The resource server had to expose data from the database based on the authorisation the user would be given from the authorisation server. It was decided that the client application would consume emails from Google’s Gmail API. The authorisation and resource server were modelled around a basic task-tracking web application. The client application would also consume task data from the developed resource server. The client application would also support Single Sign On for Google and Facebook, as well as a developed identity provider “MyTasks”. The authorisation server delegated authorisation to the client application and stored cryptography information for each access grant. The resource server validated the supplied access token via public cryptography and returned the requested data.

Two sites out of the 21 were found to be susceptible to some form of attack, meaning that 10.5 per cent were vulnerable. In total, 18 per cent of the world’s 50 most popular sites were in the list of 21 OAuth-enabled sites. The OAuth 2.0 specification is still very much in its infancy, but when implemented correctly, it can provide a relatively secure and interoperable authentication delegation mechanism. The IETF are currently addressing issues and expansions in their working drafts. Once a strict level of conformity is achieved between vendors and vulnerabilities are mitigated, it is likely that the framework will change the way we access data on the web and other devices.

OAuth is flexible, in that it offers extensions to support varying situations and existing technologies. A disadvantage of this flexibility is that new extensions typically bring new security exploits. Members of the IETF OAuth Working Group are constantly refining the draft specifications and are identifying new threats to the expanding functionality. OAuth provides a flexible authentication mechanism to protect and delegate access to APIs. It solves the password re-use across multiple accounts problem and stops the user from having to disclose their credentials to third parties. Filtering access to information by scope and giving the user the option to revoke access at any point gives the user control of their data. OAuth does raise security concerns, such as defying phishing education, but there are always going to be security issues with any authentication technology. Although several high impacting vulnerabilities were identified in industry, the developed solution proves the predicted hypothesis that a secure OAuth environment can be built when implemented correctly. Developers must conform to the defined specification and are responsible for validating their implementation against the given threat model. OAuth is an evolving authorisation framework. It is still in its infancy, and much work needs to be done in the specification to achieve stricter validation and vendor conformity. Vendor implementations need to become better aligned in order to provider a rich and truly interoperable authorisation mechanism. Once these issues are resolved, OAuth will be on track for becoming the definitive authentication standard on the web.

The purpose of this paper is to solve the problem of information privacy and security of social users. Mobile internet and social network are more and more deeply integrated into people’s daily life, especially under the interaction of the fierce development momentum of the Internet of Things and diversified personalized services, more and more private information of social users is exposed to the network environment actively or unintentionally. In addition, a large amount of social network data not only brings more benefits to network application providers, but also provides motivation for malicious attackers. Therefore, under the social network environment, the research on the privacy protection of user information has great theoretical and practical significance.

In this study, based on the social network analysis, combined with the attribute reduction idea of rough set theory, the generalized reduction concept based on multi-level rough set from the perspectives of positive region, information entropy and knowledge granularity of rough set theory were proposed. Furthermore, it was traversed on the basis of the hierarchical compatible granularity space of the original information system and the corresponding attribute values are coarsened. The selected test data sets were tested, and the experimental results were analyzed.

The results showed that the algorithm can guarantee the anonymity requirement of data publishing and improve the effect of classification modeling on anonymous data in social network environment.

In the test and verification of privacy protection algorithm and privacy protection scheme, the efficiency of algorithm and scheme needs to be tested on a larger data scale. However, the data in this study are not enough. In the following research, more data will be used for testing and verification.

In the context of social network, the hierarchical structure of data is introduced into rough set theory as domain knowledge by referring to human granulation cognitive mechanism, and rough set modeling for complex hierarchical data is studied for hierarchical data of decision table. The theoretical research results are applied to hierarchical decision rule mining and k-anonymous privacy protection data mining research, which enriches the connotation of rough set theory and has important theoretical and practical significance for further promoting the application of this theory. In addition, combined the theory of secure multi-party computing and the theory of attribute reduction in rough set, a privacy protection feature selection algorithm for multi-source decision table is proposed, which solves the privacy protection problem of feature selection in distributed environment. It provides a set of effective rough set feature selection method for privacy protection classification mining in distributed environment, which has practical application value for promoting the development of privacy protection data mining.

In this study, the proposed algorithm and scheme can effectively protect the privacy of social network data, ensure the availability of social network graph structure and realize the need of both protection and sharing of user attributes and relational data.

Purpose: Cryptocurrency technology has improved fast in the social economy and growth. Because cryptocurrency has many good qualities, it is initially employed for Bitcoin transactions.

Methodology: With the advent of Bitcoin, the link between distributed ledger technology (DLT) and the banking market has become stronger and more integrated. As more banking institutions understood the relevance of DLT, they began experimenting with using it in financial activities, such as R3CEV, Hyperledger, and Qiwi.

Findings: Many commercial organisations are beginning to experiment with DLT to reduce transactional costs and boost operational effectiveness, particularly in financial notes, cross-border payments, and asset-backed financing.

Practical Implications: DLT has many potential applications in banking domains in the upcoming years.

The purpose of this study is to look into the concept of blockchain technology which stores data in a distributed, tamper-resistant setting and how this technology may affect the future library and information (LI) centers’ operations and policy. It explores the potential benefits and limitations of this technology, for LI centers are the core objectives of this paper.

A systematic review of both academic and practitioner literature was conducted. It followed the Preferred Reporting Items for Systematic Reviews and Meta-Analysis (2020) standards.

The review shows that the decentralized nature of blockchain will transform the work in libraries and improve the inter-communication among communities. It can provide better privacy of user data thus increasing collaboration. However, there might be technological, financial, legal and social challenges that may act as hurdles to the realization of these goals in the true sense. The overall result shows that by keeping data updated, libraries can evaluate blockchain opportunities and make the best use of this technology.

Given the huge investments by industry, academic research that explores potential ramifications and supports libraries is required. The adoption of blockchain was investigated in this study from a variety of perspectives for LI center’s while also providing directions for future research.

It is evident that globally there is progress in blockchain technology development in terms of research and adoption in many industries, but the intention to adopt blockchain by libraries is still a fantasy. The lack of empirical evidence in the existing literature justifies the gap that needs to be filled. This systematic review attempts to fill the gaps in the existing knowledge which may serve as a reference for future initiatives in this field.

The initiation of cryptocurrency such as bitcoin has invoked a general curiosity in the international financial regime. Bitcoin works in a peer-to-peer framework with no third party acting as a monitoring agency. This brings in both positive and negative spirit to the table. Though generic understanding is available, the studies done on bitcoin and blockchain are far and few. The purpose of this paper is to decipher the level of understanding the scientific world has on bitcoin and the underlying blockchain and thereby to find out the pertinent research gaps existing in this field.

A biblio-morphological analysis is undertaken which underscores a comprehensive framework characterizing the bitcoin and blockchain literature in terms of dimensions and options. This was developed as a result of extensive scanning of the relevant literature.

The biblio-morphological analysis broadly outlines the present status of the research on the topic. The morphological analysis brings out the 169 research gaps that exist in the area of bitcoin and underlying blockchain technology. The cross-consistency matrix underscores the fact that this novel technology bears large research potential.

The biggest contribution of this paper would be to underline the present status of the literature on bitcoin and blockchain technology. This study attempts to make this document a vade mecum for both the industry and the academia in the area of bitcoin and blockchain technology. The blockchain technology and its effects and influences on other disciplines can effectively be explored by taking cues from the gaps identified by this biblio-morphological analysis. Such unique combinations can open up new avenues of research in the broader realm of business and economics.

To the best of the authors’ knowledge, this is a first comprehensive biblio-morphological analysis on bitcoin and underlying blockchain technology, which characterizes blockchain literature and thereby offers to reduce redundant research by delineating the possible avenues in the area of blockchain technology.

The objectives of the study were to identify the effects of blockchain technology (BT) on the university librarians, the impact of BT on the university library services and to reveal the challenges to adopt BT in the university libraries.

A systematic literature review was applied to address the objectives of the study. Around 25 studies published in peer-reviewed journals were selected to conduct the study.

The findings of the study revealed that blockchain technology (BT) has positive effects on the university librarians as it assists them in digital resources management, provision of integrated library services, effective records management and continued professional development. The study also displayed that BT has a positive impact on the university libraries through effective information management, user privacy, collaboration, technological innovation and access control. Results also revealed that technical issues, financial constraints, security problems, skill issues and sociocultural issues created challenges to adopt BT in the university libraries.

The study has offered theoretical implications for future investigators through the provision of innovative literature on the prospectus and challenges associated with blockchain in the context of librarianship. The study has also provided practical implications for management bodies by offering recommendations for the successful adoption of blockchain in the university libraries. Additionally, a framework has been developed to adopt BT successfully in the university libraries for the delivery of smart library services to library patrons.

This paper seeks to advance research and strategies that lead to a heightened awareness of the need to protect data from disclosure, to guarantee the authenticity of data and messages, and to protect systems from network‐based attacks.

The paper introduces the necessary mathematics of cryptography: integer and modular arithmetic, linear congruence, Euclidean and extended Euclidean algorithm, Fermat's theorem, and Elliptic curve.

The results indicate that encryption has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs, and secure computation.

The results of this research show that all forms of e‐commerce activities such as online credit card processing, purchasing stocks, and banking data processing, if compromised, would lead to businesses losing billions of dollars in lost revenues as well as losing confidence in e‐commerce. In the last few years, it had been reported that organizations that store and maintain customers' private and confidential records were compromised on many occasions by hackers breaking into the data networks and stealing the records from the storage media.

This paper tackles one of the most critical problems of securing data networks. Security problems arise among other things to resource and workload sharing; complexity of interconnected networks; authentication of users; fast expandability of networks; threats to networks such as wiretapping and violations of the seven pillars of security: authentication, authorization, privacy, integrity, non‐repudiation, availability, and audit.

Blockchain is a distributed ledger technology that uses cryptography to ensure transmission and access security, which provides solutions to numerous challenges to complex supply networks. The purpose of this paper is to empirically test the impact of blockchain implementation on shareholder value varying from internal and external complexity from the complex adaptive systems (CASs) perspective. It further explores how business diversification, supply chain (SC) concentration and environmental complexity affect the relationship between blockchain implementation and shareholder value.

Based on 138 blockchain implementation announcements of listed companies on the Chinese A-share stock market, the authors use event study methodology to evaluate the impact of blockchain implementation on shareholder value.

The results show that blockchain implementation has a positive impact on shareholder value, and this impact will be moderated by business diversification, SC concentration and environmental complexity. In addition, environmental complexity exerts a moderating effect on SC concentration. In the post hoc analysis, the authors further explore the impact of blockchain implementation on long-term operational performance.

This is the first research empirically examining the effect of blockchain implementation on shareholder value varying from internal and external complexity from the CASs perspective. This paper provides evidence of the different effects of blockchain implementation on short- and long-term performance. It adds to the interdisciplinary research of information systems (IS) and operations management (OM).