Search results

1 – 10 of over 2000
Article
Publication date: 4 April 2016

Pin Shen Teh, Ning Zhang, Andrew Beng Jin Teoh and Ke Chen

Abstract

Purpose

The use of mobile devices in handling our daily activities that involve the storage or access of sensitive data (e.g. on-line banking, paperless prescription services, etc.) is becoming very common. These mobile electronic services typically use a knowledge-based authentication method to authenticate a user (claimed identity). However, this authentication method is vulnerable to several security attacks. To counter the attacks and to make the authentication process more secure, this paper aims to investigate the use of touch dynamics biometrics in conjunction with a personal identification number (PIN)-based authentication method, and demonstrate its benefits in terms of strengthening the security of authentication services for mobile devices.

Design/methodology/approach

The investigation has made use of three light-weighted matching functions and a comprehensive reference data set collected from 150 subjects.

Findings

The investigative results show that, with this multi-factor authentication approach, even when the PIN is exposed, as much as nine out of ten impersonation attempts can be successfully identified. It has also been discovered that the accuracy performance can be increased by combining different feature data types and by increasing the input string length.

Originality/value

The novel contributions of this paper are twofold. Firstly, it describes how a comprehensive experiment is set up to collect touch dynamics biometrics data, and the set of collected data is being made publicly available, which may facilitate further research in the problem domain. Secondly, the paper demonstrates how the data set may be used to strengthen the protection of resources that are accessible via mobile devices.

Details

International Journal of Pervasive Computing and Communications, vol. 12 no. 1
Type: Research Article
ISSN: 1742-7371

Article
Publication date: 2 November 2015

Nancy Ambritta P, Poonam N. Railkar and Parikshit N. Mahalle

Abstract

Purpose

This paper aims at providing a comparative analysis of the existing protocols that address the security issues in the Future Internet (FI) and also to introduce a Collaborative Mutual Identity Establishment (CMIE) scheme which adopts the elliptical curve cryptography (ECC), to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as denial-of-service (DoS) and replay attack.

Design/methodology/approach

This paper provides a comparative analysis of the existing protocols that address the security issues in the FI and also provides a CMIE scheme, by adopting the ECC and digital signature verification mechanism, to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as DoS and replay attack. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI. Further, the algorithm is evaluated against Automated Validation of Internet Security Protocols and Application (AVISPA) tool to verify the security solutions that the CMIE scheme has claimed to address to have been effectively achieved in reality.

Findings

The algorithm is evaluated against AVISPA tool to verify the security solutions that the CMIE scheme has claimed to address and proved to have been effectively achieved in reality. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI.

Research limitations/implications

Considering the Internet of Things (IoT) scenario, another important aspect, the device-to-location (D2L) aspect, has not been considered in this protocol. The major focus of the protocol is centered around the device-to-device (D2D) and device-to-server (D2S) scenarios. Also, IoT basically works upon a confluence of hundreds of protocols that support the achievement of various factors in the IoT, for example Data Distribution Service, Message Queue Telemetry Transport, Extensible Messaging and Presence Protocol, Constrained Application Protocol (CoAP) and so on. Interoperability of the proposed CMIE algorithm with the existing protocols has to be considered to establish a complete model that fits the FI. Further, each request for mutual authentication requires a querying of the database and a computation at each of the participating entities' side for verification, which could take a considerable amount of time. However, for applications that require firm authentication for maintaining and ensuring secure interactions between entities prior to access control and initiation of actual transfer of sensitive information, the negligible difference in computation time can be ignored for the greater benefit that comes with stronger security. Other factors such as quality of service (QoS) (i.e. flexibility of data delivery, resource usage and timing), key management and distribution also need to be considered. However, the user still has the responsibility to choose the required protocol that suits one’s application and serves the purpose.

Originality/value

The originality of the work lies in adopting the ECC and digital signature verification mechanism to develop a new scheme that ensures mutual authentication between participating entities in the FI based upon certain user information such as identities. ECC provides efficiency in terms of key size generated and security against man-in-the-middle attack. The proposed scheme provides secured interactions between devices/entities in the FI.

Details

International Journal of Pervasive Computing and Communications, vol. 11 no. 4
Type: Research Article
ISSN: 1742-7371

Article
Publication date: 3 April 2018

Minori Inoue and Takefumi Ogawa

Abstract

Purpose

Security technology on mobile devices is increasingly more important as smartphones are becoming more versatile and, thus, store more sensitive information. Among the three indispensable factors of owner authentication technologies on mobile devices, security, usability and system efficiency, usability is considered the key factor. This paper aims to challenge the limits of usability on mobile device authentication technology with respect to input size.

Design/methodology/approach

This paper introduces one tap authentication as a novel authentication method on mobile devices. A user just has to tap the screen of a smartphone once, and he or she will be authenticated.

Findings

One tap authentication is proven possible in this paper. The average equal error rate among 10 owners against 25 unauthorized users is as low as 3.8.

Research limitations/implications

This paper focuses on verifying the possibility on one tap authentication. However, the application to various environments, such as when standing or walking or on a train, is not explored.

Originality/value

This research explores tap authentication with a single tap for the first time in the field. To the best of the authors’ knowledge, the minimum number of taps required in tap authentication has been 4.

Details

International Journal of Pervasive Computing and Communications, vol. 14 no. 1
Type: Research Article
ISSN: 1742-7371

Article
Publication date: 7 September 2015

Kazuya Murao, Hayami Tobise, Tsutomu Terada, Toshiki Iso, Masahiko Tsukamoto and Tsutomu Horikoshi

Abstract

Purpose

User authentication is generally used to protect personal information such as phone numbers, photos and account information stored in a mobile device by limiting the user to a specific person, e.g. the owner of the device. Authentication methods with password, PIN, face recognition and fingerprint identification have been widely used; however, these methods have problems of difficulty in one-handed operation, vulnerability to shoulder hacking and illegal access using fingerprint with either super glue or facial portrait. From the viewpoints of usability and safety, a strong and uncomplicated method is required.

Design/methodology/approach

In this paper, a user authentication method is proposed based on grip gestures using pressure sensors mounted on the lateral and back sides of a mobile phone. Grip gesture is an operation of grasping a mobile phone, which is assumed to be done instead of conventional unlock procedure. Grip gesture can be performed with one hand. Moreover, it is hard to imitate grip gestures, as finger movements and grip force during a grip gesture are hardly seen by the others.

Findings

The feature values of grip force are experimentally investigated and the proposed method from viewpoint of error rate is evaluated. From the result, this method achieved 0.02 of equal error rate, which is equivalent to face recognition.

Originality/value

Many researches using pressure sensors to recognize grip pattern have been proposed thus far; however, the conventional works just recognize grip patterns and do not identify users, or need long pressure data to finish confident authentication. This proposed method authenticates users with a short grip gesture.

Details

International Journal of Pervasive Computing and Communications, vol. 11 no. 3
Type: Research Article
ISSN: 1742-7371

Book part
Publication date: 25 October 2023

Ali Katouzian Bolourforoush and Hamid Jahankhani

Abstract

Banking traces back to 2000 BC in Assyria, India and Sumeria. Merchants used to give grain loans to farmers and traders to carry goods between cities. In ancient Greece and the Roman Empire, lenders in temples provided loans and accepted deposits while performing change of money. The archaeological evidence uncovered in India and China corroborates this. The major development in banking came predominantly in mediaeval, Renaissance Italy, with the major cities Florence, Venice and Genoa being the financial centres. Technology has become an inherent and integral part of our lives. We are generating a huge amount of data in transfer, storage and usage, with greater demands of ubiquitous accessibility, inducing an enormous impact on industry and society. With the emergence of smarter cities and societies, the security challenges pertinent to data become greater, impending impact on the consumer protection and security. The aim of this chapter is to highlight if SSI and passwordless authentication using FIDO-2 protocol assuage security concerns such as authentication and authorisation while preserving the individual's privacy.

Details

Technology and Talent Strategies for Sustainable Smart Cities
Type: Book
ISBN: 978-1-83753-023-6

Article
Publication date: 31 December 2006

Ahmad M. Kholaif, Magda B. Fayek, Hussein S. Eissa and Hoda A. Baraka

Abstract

In this paper, we present Dynamic Re‐keying with Key Hopping (DRKH) encryption protocol that uses RC4 encryption technique to ensure a strong security level with the advantage of low execution cost compared to other IEEE 802.11 security schemes. Low computational complexity makes DRKH suitable for solar‐ and battery‐powered handheld devices such as nodes in Solar ESS (Extended Service Set) and wireless sensor networks. Our design goal is to eventually integrate DRKH with different emerging wireless technologies. However, in this paper, we will focus on the integration of DRKH with 802.11 standard since it is the most widely deployed wireless technology. The results and analysis show that DRKH overcomes all the security threats with Wired Equivalent Privacy (WEP) protocol while consuming a much lower power than WEP, Wi‐Fi Protected Access (WPA) 1.0 and WPA 2.0.

Details

International Journal of Pervasive Computing and Communications, vol. 2 no. 4
Type: Research Article
ISSN: 1742-7371

Article
Publication date: 6 June 2016

Ema Kusen and Mark Strembeck

Abstract

Purpose

Ever since Mark Weiser coined the term “ubiquitous computing” (ubicomp) in 1988, there has been a general interest in proposing various solutions that would support his vision. However, attacks targeting devices and services of a ubicomp environment have demonstrated not only different privacy issues, but also a risk of endangering user’s life (e.g. by modifying medical sensor readings). Thus, the aim of this paper is to provide a comprehensive overview of security challenges of ubicomp environments and the corresponding countermeasures proposed over the past decade.

Design/methodology/approach

The results of this paper are based on a literature review method originally used in evidence-based medicine called systematic literature review (SLR), which identifies, filters, classifies and summarizes the findings.

Findings

Starting from the bibliometric results that clearly show an increasing interest in the topic of ubicomp security worldwide, the findings reveal specific types of attacks and vulnerabilities that have motivated the research over the past decade. This review describes most commonly proposed countermeasures – context-aware access control and authentication mechanisms, cryptographic protocols that account for device’s resource constraints, privacy-preserving mechanisms, and trust mechanisms for wireless ad hoc and sensor networks.

Originality/value

To the best of our knowledge, this is the first SLR on security challenges in ubicomp. The findings should serve as a reference to an extensive list of scientific contributions, as well as a guiding point for the researchers’ novel to the security research in ubicomp.

Details

International Journal of Pervasive Computing and Communications, vol. 12 no. 2
Type: Research Article
ISSN: 1742-7371

Article
Publication date: 9 November 2015

Alain Forget, Sonia Chiasson and Robert Biddle

Abstract

Purpose

This paper aims to propose that more useful novel schemes could develop from a more principled examination and application of promising authentication features. Text passwords persist despite several decades of evidence of their security and usability challenges. It seems extremely unlikely that a single scheme will globally replace text passwords, suggesting that a diverse ecosystem of multiple authentication schemes designed for specific environments is needed. Authentication scheme research has thus far proceeded in an unstructured manner.

Design/methodology/approach

This paper presents the User-Centred Authentication Feature Framework, a conceptual framework that classifies the various features that knowledge-based authentication schemes may support. This framework can be used by researchers when designing, comparing and innovating authentication schemes, as well as administrators and users, who can use the framework to identify desirable features in schemes available for selection.

Findings

This paper illustrates how the framework can be used by demonstrating its applicability to several authentication schemes, and by briefly discussing the development and user testing of two framework-inspired schemes: Persuasive Text Passwords and Cued Gaze-Points.

Originality/value

This framework is intended to support the increasingly diverse ecosystem of authentication schemes by providing authentication researchers, professionals and users with the increased ability to design, develop and select authentication schemes better suited for particular applications, environments and contexts.

Details

Information & Computer Security, vol. 23 no. 5
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 4 April 2016

Shancang Li, Theo Tryfonas and Honglei Li

Abstract

Purpose

The purpose of this paper is to provide an in-depth overview of the security requirements and challenges for Internet of Things (IoT) and discuss security solutions for various enabling technologies and implications to various applications.

Design/methodology/approach

Security requirements and solutions are analysed based on a four-layer framework of IoT on sensing layer, network layer, service layer, and application layer. The cross-layer threats are analysed followed by the security discussion for the enabling technologies including identification and tracking technologies, WSN and RFID, communication, networks, and service management.

Findings

IoT calls for new security infrastructure based on the new technical standards. As a consequence, new security design for IoT shall pay attention to these new standards. Security at both the physical devices and service-applications is critical to the operation of IoT, which is indispensable for the success of IoT. Open problems remain in a number of areas, such as security and privacy protection, network protocols, standardization, identity management, trusted architecture, etc.

Practical implications

The implications to various applications including supervisory control and data acquisition, enterprise systems, social IoT are discussed. The paper will serve as a starting point for future IoT security design and management. The security strategies for IoT should be carefully designed by managing the tradeoffs among security, privacy, and utility to provide security in multi-layer architecture of IoT.

Originality/value

The paper synthesizes the current security requirements for IoT and provides a clear framework of security infrastructure based on four layers. Accordingly, the security requirements and potential threats in the four-layer architecture are provided in terms of general devices security, communication security, network security, and application security.

Details

Internet Research, vol. 26 no. 2
Type: Research Article
ISSN: 1066-2243

Article
Publication date: 26 November 2020

N.V. Brindha and V.S. Meenakshi

Abstract

Purpose

Any node in a mobile ad hoc network (MANET) can act as a host or router at any time and so, the nodes in the MANET are vulnerable to many types of attacks. Sybil attack is one of the harmful attacks in the MANET, which produces fake identities similar to legitimate nodes in the network. It is a serious threat to the MANET when a malicious node uses the fake identities to enter the network illegally.

Design/methodology/approach

A MANET is an independent collection of mobile nodes that form a temporary or arbitrary network without any fixed infrastructure. The nodes in the MANET lack centralized administration to manage the network and change their links to other devices frequently.

Findings

So for securing a MANET, an approach based on biometric authentication can be used. The multimodal biometric technology has been providing some more potential solutions for the user to be able to devise an authentication in MANETs of high security.

Research limitations/implications

The Sybil detection approach, which is based on the received signal strength indicator (RSSI) variations, permits the node to be able to verify the authenticity of communicating nodes in accordance with their localizations.

Practical implications

As the MANET node suffers from a low level of memory and power of computation, there is a novel technique of feature extraction that is proposed for the multimodal biometrics that makes use of palm prints that are based on a charge-coupled device and fingerprints, along with the features that are fused.

Social implications

This paper proposes an RSSI-based multimodal biometric solution to detect Sybil attack in MANETs.

Originality/value

The results of the experiment have indicated that this method has achieved a performance which is better compared to that of the other methods.

Details

International Journal of Intelligent Unmanned Systems, vol. 10 no. 1
Type: Research Article
ISSN: 2049-6427
