257 resultados para Authentication
Resumo:
A novel and fast technique for cryptographic applications is designed and developed using the symmetric key algorithm “MAJE4” and the popular asymmetric key algorithm “RSA”. The MAJE4 algorithm is used for encryption / decryption of files since it is much faster and occupies less memory than RSA. The RSA algorithm is used to solve the problem of key exchange as well as to accomplish scalability and message authentication. The focus is to develop a new hybrid system called MARS4 by combining the two cryptographic methods with an aim to get the advantages of both. The performance evaluation of MARS4 is done in comparison with MAJE4 and RSA.
Resumo:
Now a days, email has become the most widely communication way in daily life. The main reason for using email is probably because of the convenience and speed in which it can be transmitted irrespective of geographical distances. To improve security and efficiency of email system, most of the email system adopt PKI and IBE encryption schemes. However, both PKI and IBE encryption schemes have their own shortcomings and consequently bring security issues to email systems. This paper proposes a new secure email system based on IBE which combines finger print authentication and proxy service for encryption and decryption
Resumo:
Fingerprint based authentication systems are one of the cost-effective biometric authentication techniques employed for personal identification. As the data base population increases, fast identification/recognition algorithms are required with high accuracy. Accuracy can be increased using multimodal evidences collected by multiple biometric traits. In this work, consecutive fingerprint images are taken, global singularities are located using directional field strength and their local orientation vector is formulated with respect to the base line of the finger. Feature level fusion is carried out and a 32 element feature template is obtained. A matching score is formulated for the identification and 100% accuracy was obtained for a database of 300 persons. The polygonal feature vector helps to reduce the size of the feature database from the present 70-100 minutiae features to just 32 features and also a lower matching threshold can be fixed compared to single finger based identification
Resumo:
Bildbasierte Authentifizierung und Verschlüsselung: Identitätsbasierte Kryptographie (oft auch identity Based Encryption, IBE) ist eine Variation der asymmetrischen Schlüsselverfahren, bei der der öffentliche Schlüssel des Anwenders eine beliebig wählbare Zeichenfolge sein darf, die dem Besitzer offensichtlich zugeordnet werden kann. Adi Shamir stellte 1984 zunächst ein solches Signatursystem vor. In der Literatur wird dabei als öffentlicher Schlüssel meist die Email-Adresse oder eine Sozialversicherungsnummer genannt. Der Preis für die freie Schlüsselwahl ist die Einbeziehung eines vertrauenswürdigen Dritten, genannt Private Key Generator, der mit seinem privaten Generalschlüssel den privaten Schlüssel des Antragstellers generiert. Mit der Arbeit von Boneh und Franklin 2001 zum Einsatz der Weil-Paarbildung über elliptischen Kurven wurde IBE auf eine sichere und praktikable Grundlage gestellt. In dieser Arbeit wird nach einer allgemeinen Übersicht über Probleme und Lösungsmöglichkeiten für Authentifizierungsaufgaben im zweiten Teil als neue Idee der Einsatz eines Bildes des Anwenders als öffentlicher Schlüssel vorgeschlagen. Dazu wird der Ablauf der Schlüsselausgabe, die Bestellung einer Dienstleistung, z. B. die Ausstellung einer personengebundenen Fahrkarte, sowie deren Kontrolle dargestellt. Letztere kann offline auf dem Gerät des Kontrolleurs erfolgen, wobei Ticket und Bild auf dem Handy des Kunden bereitliegen. Insgesamt eröffnet sich dadurch die Möglichkeit einer Authentifizierung ohne weitere Preisgabe einer Identität, wenn man davon ausgeht, dass das Bild einer Person angesichts allgegenwärtiger Kameras sowieso öffentlich ist. Die Praktikabilität wird mit einer Implementierung auf der Basis des IBE-JCA Providers der National University of Ireland in Maynooth demonstriert und liefert auch Aufschluss auf das in der Praxis zu erwartende Laufzeitverhalten.
Resumo:
Abstract Passwords are the most common form of authentication, and most of us will have to log in to several accounts every day which require passwords. Unfortunately, passwords often do not do a good job of proving who we are, and come with a host of usability problems. Probably the only reason that passwords still exist is that there often isn't a better alternative, so we are likely to be stuck with them for the foreseeable future. Password cracking has been a problem for years, and becomes more problematic as computer become more powerful and attackers get a better idea of the sort of passwords people use. This presentation will look at two free password cracking tools: Hashcat and John the Ripper, and how even a non-expert on a laptop (i.e. me) can use them effectively. An introduction to some of the research surrounding the economics and usability of passwords will also be discussed. Note that the speaker is not an expert in this area, so it will be a fairly informal since I'm sure you're all tired after a long term.
Resumo:
Cross-contamination between cell lines is a longstanding and frequent cause of scientific misrepresentation. Estimates from national testing services indicate that up to 36% of cell lines are of a different origin or species to that claimed. To test a standard method of cell line authentication, 253 human cell lines from banks and research institutes worldwide were analyzed by short tandem repeat profiling. The short tandem repeat profile is a simple numerical code that is reproducible between laboratories, is inexpensive, and can provide an international reference standard for every cell line. If DNA profiling of cell lines is accepted and demanded internationally, scientific misrepresentation because of cross-contamination can be largely eliminated.
Resumo:
The Universal Serial Bus (USB) is an extremely popular interface standard for computer peripheral connections and is widely used in consumer Mass Storage Devices (MSDs). While current consumer USB MSDs provide relatively high transmission speed and are convenient to carry, the use of USB MSDs has been prohibited in many commercial and everyday environments primarily due to security concerns. Security protocols have been previously proposed and a recent approach for the USB MSDs is to utilize multi-factor authentication. This paper proposes significant enhancements to the three-factor control protocol that now makes it secure under many types of attacks including the password guessing attack, the denial-of-service attack, and the replay attack. The proposed solution is presented with a rigorous security analysis and practical computational cost analysis to demonstrate the usefulness of this new security protocol for consumer USB MSDs.
Resumo:
Electrochromic devices (ECD) are systems of considerable commercial interest due to their controllable transmission, absorption and/or reflectance. For instance, these devices are mainly applied to glare attenuation in automobile rearview mirrors and also in some smart windows that can regulate the solar gains of buildings. Other possible applications of ECDs include solar cells, small-and large-area flat panel displays, frozen food monitoring and document authentication also are of great interest. Over the past 20 years almost 1000 patents and 1500 papers in journals and proceedings have been published with the keyword ""electrochromic windows"". Most of these documents report on materials for electrochromic devices and only some of them about complete systems. This paper describes the first patents and some of the recent ones on ECDs, whose development is possible due to the advances in nanotechnology.
Resumo:
The ever increasing spurt in digital crimes such as image manipulation, image tampering, signature forgery, image forgery, illegal transaction, etc. have hard pressed the demand to combat these forms of criminal activities. In this direction, biometrics - the computer-based validation of a persons' identity is becoming more and more essential particularly for high security systems. The essence of biometrics is the measurement of person’s physiological or behavioral characteristics, it enables authentication of a person’s identity. Biometric-based authentication is also becoming increasingly important in computer-based applications because the amount of sensitive data stored in such systems is growing. The new demands of biometric systems are robustness, high recognition rates, capability to handle imprecision, uncertainties of non-statistical kind and magnanimous flexibility. It is exactly here that, the role of soft computing techniques comes to play. The main aim of this write-up is to present a pragmatic view on applications of soft computing techniques in biometrics and to analyze its impact. It is found that soft computing has already made inroads in terms of individual methods or in combination. Applications of varieties of neural networks top the list followed by fuzzy logic and evolutionary algorithms. In a nutshell, the soft computing paradigms are used for biometric tasks such as feature extraction, dimensionality reduction, pattern identification, pattern mapping and the like.
Resumo:
A área de Detecção de Intrusão, apesar de muito pesquisada, não responde a alguns problemas reais como níveis de ataques, dim ensão e complexidade de redes, tolerância a falhas, autenticação e privacidade, interoperabilidade e padronização. Uma pesquisa no Instituto de Informática da UFRGS, mais especificamente no Grupo de Segurança (GSEG), visa desenvolver um Sistema de Detecção de Intrusão Distribuído e com características de tolerância a falhas. Este projeto, denominado Asgaard, é a idealização de um sistema cujo objetivo não se restringe apenas a ser mais uma ferramenta de Detecção de Intrusão, mas uma plataforma que possibilite agregar novos módulos e técnicas, sendo um avanço em relação a outros Sistemas de Detecção atualmente em desenvolvimento. Um tópico ainda não abordado neste projeto seria a detecção de sniffers na rede, vindo a ser uma forma de prevenir que um ataque prossiga em outras estações ou redes interconectadas, desde que um intruso normalmente instala um sniffer após um ataque bem sucedido. Este trabalho discute as técnicas de detecção de sniffers, seus cenários, bem como avalia o uso destas técnicas em uma rede local. As técnicas conhecidas são testadas em um ambiente com diferentes sistemas operacionais, como linux e windows, mapeando os resultados sobre a eficiência das mesmas em condições diversas.
Resumo:
The present study of case empirically investigates the existence of indicators that suggest the social exclusion preoccupation from the organizations with a strategic management of human resources focus. The objects of study are two subsidiaries of a multinational enterprise in emergency and first-aid services area. One of them is Portuguese and the other is a Brazilian one. This exploratory research has used a sectional way with a longitudinal perspective, since it has considered a specific verified data referring to 2004 and 2005 years, beyond the deeper interviews with actual managers to an evaluation of these studied perception and its authentication. Our indicators identification sources were principally the individual and social rights and duties broaching and the fundamental guarantees disposed in the Brazilian and Portuguese Constitutions as such as the European Constitution project. The results appoint to great differences of management between both subsidiaries, being the Brazilian one closer to our research proposes, as such as suggest us that the human resource areas, still acting in an instrumentalist way, establish a great barrier to better practices in social inclusion and they would be unprepared for a management with the focus in the employees. Although our study has been realized in a specific activity enterprise, we believe that our results can stimulate the realization of other investigations with the same objectives. In this way, we contribute to a better comprehension of the social exclusion causes and the organizations participations in this process.
Resumo:
Em compras realizadas pela internet ou televendas com cartões de crédito, em muitos países como Brasil e EUA, não há apresentação física do cartão em nenhum momento da compra ou entrega da mercadoria ou serviço, tampouco são populares mecanismos como senhas que assegurem a autenticidade do cartão e seu portador. Ao mesmo tempo, a responsabilidade por assumir os custos nessas transações é dos lojistas. Em todos os estudos anteriores presentes na literatura, a detecção de fraudes com cartões de crédito não abrangia somente esses canais nem focava a detecção nos principais interessados nela, os lojistas. Este trabalho apresenta os resultados da utilização de cinco das técnicas de modelagem mais citadas na literatura e analisa o poder do compartilhamento de dados ao comparar os resultados dos modelos quando processados apenas sobre a base da loja ou com ela compartilhando dados com outros lojistas.
Resumo:
This project describes an authentication technique that is shoulder-surfing resistant. Shoulder surfing is an attack in which an attacker can get access to private information by observing the user’s interaction with a terminal, or by using recording tools to record the user interaction and study the obtained data, with the objective of obtaining unauthorized access to a target user’s personal information. The technique described here relies on gestural analysis coupled with a secondary channel of authentication that uses button pressing. The thesis presents and evaluates multiple alternative algorithms for gesture analysis, and furthermore assesses the effectiveness of the technique.
