Design of User Authentication System for Multi-operator wireless LANs

Langattomat lähiverkot ovat viime vuosikymmeninä saavuttaneet suuren suosion. Tässä työssä käsitellään käyttäjien todentamisjärjestelmän suunnittelua ja kehitystä langattomaan monioperaattoriverkkoon. Langattomassa monioperaattoriverkossa käyttäjillä on mahdollisuus käyttää eri operaattoreiden palveluita. Aluksi käsitellään olemassa olevia todentamismenetelmiä ja -järjestelmiä. minkä jälkeen kuvaillaan todentamisjärjestelmä langattomille monioperaattoriverkoille. Todentamisjärjestelmän ratkaisuvaihtoehtoja esitellään kaksi, niin sanotut moni- istunto - ja yksittäisistuntomalli. Moni-istuntomalli on normaali lähestymistapa käyttäjien todentamiseen tietokonejärjestelmissä. Siinä käyttäjän pitää tunnistautua ja todentaa itsensä jokaiselle verkon palvelulle erikseen. Yksittäisistuntomallissa pyritään parempaan luotettavuuteen ja käytettävyyteen. Siinä käyttäjä todentaa itsensä vain kerran ja voi sen jälkeen päästä useisiin palveluihin. Työn loppuosassa kuvaillaan suunnitellun järjestelmän toteutusta. Lisäksi ehdotetaan vaihtoehtoisia toteutustapoja, analysoidaan järjestelmän heikkouksia ja kerrotaan jatkokehitysmahdoillisuuksista.

OpenGId : Un servidor OpenID de autenticación gráfica

El presente trabajo propone el uso de autenticación por tercera parte, para centralizar el proceso de autenticación y utilizar solo una contraseña para acceder a los distintos servicios y propone también el uso de contraseñas gráficas, para crear contraseñas robustas y fácilmente recordables.

Security Authentication using Phase-Encoded Nanoparticle Structures and Polarized Light

Phase encoded nano structures such as Quick Response (QR) codes made of metallic nanoparticles are suggested to be used in security and authentication applications. We present a polarimetric optical method able to authenticate random phase encoded QR codes. The system is illuminated using polarized light and the QR code is encoded using a phase-only random mask. Using classification algorithms it is possible to validate the QR code from the examination of the polarimetric signature of the speckle pattern. We used Kolmogorov-Smirnov statistical test and Support Vector Machine algorithms to authenticate the phase encoded QR codes using polarimetric signatures.

Authentication and authorization service for a community network

Wireless community networks became popular in uniting people with common interests. This thesis presents authentication and authorization service for a wireless community network using captive portal approach including ability to authenticate clients from associated networks thereby combining multiple communities in a syndicate. The system is designed and implemented to be reliable, scalable and flexible. Moreover, the result includes software management system, which automatically performs software updates at network’s access points. Future development of the system can be concentrated on an improvement of the software management system.

Organic chicken product authentication: state-of-the-art and future perspectives

Organic food products are highly susceptible to fraud. Currently, administrative controls are conducted to detect fraud, but having an analytical tool able to verify the organic identity of food would be very supportive. The state-of-the-art in food authentication relies on fingerprinting approaches that find characteristic analytical patterns to unequivocally identify authentic products. While wide research on authentication has been conducted for other commodities, the authentication of organic chicken products is still in its infancy. Challenges include finding fingerprints to discriminate organic from conventional products, and recruiting sample sets that cover natural variability. Future research might be oriented towards developing new authentication models for organic feed, eggs and chicken meat, keeping models updated and implementing them into regulations. Meanwhile, these models might be very supportive to the administrative controls directing inspections towards suspicious fraudulent samples.

Proximity Based Authentication in IoT

IoT consists of essentially thousands of tiny sensor nodes interconnected to the internet, each one of which executes the programmed functions under memory and power limita- tions. The sensor nodes are distributed mainly for gathering data in various situations. IoT envisions the future technologies such as e-health, smart city, auto-mobiles automa- tion, construction sites automation, and smart home. Secure communication of data under memory and energy constraints is major challenge in IoT. Authentication is the first and important phase of secure communication. This study presents a protocol to authenticate resource constraint devices in physical proximity by solely using the shared wireless communication interfaces. This model of authentication only relies on the abundance of ambient radio signals to authenticate in less than a second. To evaluate the designed protocol, SkyMotes are emulated in a network environment simulated by Contiki/COOJA. Results presented during this study proves that this approach is immune against passive and active attacks. An adversary located as near as two meters can be identified in less than a second with minimal expense of energy. Since, only radio device is used as required hardware for the authentication, this technique is scalable and interoperable to heterogeneous nature of IoT.

Use of Novel Algorithms MAJE4 and MACJER-320 for Achieving Confidentiality and Message Authentication in SSL & TLS

Extensive use of the Internet coupled with the marvelous growth in e-commerce and m-commerce has created a huge demand for information security. The Secure Socket Layer (SSL) protocol is the most widely used security protocol in the Internet which meets this demand. It provides protection against eaves droppings, tampering and forgery. The cryptographic algorithms RC4 and HMAC have been in use for achieving security services like confidentiality and authentication in the SSL. But recent attacks against RC4 and HMAC have raised questions in the confidence on these algorithms. Hence two novel cryptographic algorithms MAJE4 and MACJER-320 have been proposed as substitutes for them. The focus of this work is to demonstrate the performance of these new algorithms and suggest them as dependable alternatives to satisfy the need of security services in SSL. The performance evaluation has been done by using practical implementation method.

Development of a Biometric Personal Authentication System Based on Fingerprint and Speech

Biometrics deals with the physiological and behavioral characteristics of an individual to establish identity. Fingerprint based authentication is the most advanced biometric authentication technology. The minutiae based fingerprint identification method offer reasonable identification rate. The feature minutiae map consists of about 70-100 minutia points and matching accuracy is dropping down while the size of database is growing up. Hence it is inevitable to make the size of the fingerprint feature code to be as smaller as possible so that identification may be much easier. In this research, a novel global singularity based fingerprint representation is proposed. Fingerprint baseline, which is the line between distal and intermediate phalangeal joint line in the fingerprint, is taken as the reference line. A polygon is formed with the singularities and the fingerprint baseline. The feature vectors are the polygonal angle, sides, area, type and the ridge counts in between the singularities. 100% recognition rate is achieved in this method. The method is compared with the conventional minutiae based recognition method in terms of computation time, receiver operator characteristics (ROC) and the feature vector length. Speech is a behavioural biometric modality and can be used for identification of a speaker. In this work, MFCC of text dependant speeches are computed and clustered using k-means algorithm. A backpropagation based Artificial Neural Network is trained to identify the clustered speech code. The performance of the neural network classifier is compared with the VQ based Euclidean minimum classifier. Biometric systems that use a single modality are usually affected by problems like noisy sensor data, non-universality and/or lack of distinctiveness of the biometric trait, unacceptable error rates, and spoof attacks. Multifinger feature level fusion based fingerprint recognition is developed and the performances are measured in terms of the ROC curve. Score level fusion of fingerprint and speech based recognition system is done and 100% accuracy is achieved for a considerable range of matching threshold

Use of Novel Algorithms MAJE4 and MACJER-320 for Achieving Confidentiality and Message Authentication in SSL & TLS.

Extensive use of the Internet coupled with the marvelous growth in e-commerce and m-commerce has created a huge demand for information security. The Secure Socket Layer (SSL) protocol is the most widely used security protocol in the Internet which meets this demand. It provides protection against eaves droppings, tampering and forgery. The cryptographic algorithms RC4 and HMAC have been in use for achieving security services like confidentiality and authentication in the SSL. But recent attacks against RC4 and HMAC have raised questions in the confidence on these algorithms. Hence two novel cryptographic algorithms MAJE4 and MACJER-320 have been proposed as substitutes for them. The focus of this work is to demonstrate the performance of these new algorithms and suggest them as dependable alternatives to satisfy the need of security services in SSL. The performance evaluation has been done by using practical implementation method.

Improved Biometric Authentication System Using Multimodal Cue Integration

Biometrics is an efficient technology with great possibilities in the area of security system development for official and commercial applications. The biometrics has recently become a significant part of any efficient person authentication solution. The advantage of using biometric traits is that they cannot be stolen, shared or even forgotten. The thesis addresses one of the emerging topics in Authentication System, viz., the implementation of Improved Biometric Authentication System using Multimodal Cue Integration, as the operator assisted identification turns out to be tedious, laborious and time consuming. In order to derive the best performance for the authentication system, an appropriate feature selection criteria has been evolved. It has been seen that the selection of too many features lead to the deterioration in the authentication performance and efficiency. In the work reported in this thesis, various judiciously chosen components of the biometric traits and their feature vectors are used for realizing the newly proposed Biometric Authentication System using Multimodal Cue Integration. The feature vectors so generated from the noisy biometric traits is compared with the feature vectors available in the knowledge base and the most matching pattern is identified for the purpose of user authentication. In an attempt to improve the success rate of the Feature Vector based authentication system, the proposed system has been augmented with the user dependent weighted fusion technique.

INFO6003 Network Security: WLAN authentication and roaming

Describes different approaches to authentication for wireless networks, and the evolution of eduroam

Mac Printing Password update (workaround)

Quick video for iSolutions to sanity check workaround as all staff will be asked to change network passwords which could have a major affecting on staff authenticating to network printers from a Mac. If good can be used by Serviceline. Do not Contact Adam Procter about this

Behaviour-based authentication in the built enviromnent

This paper proposes a novel method of authentication of users in secure buildings. The main objective is to investigate whether user actions in the built environment can produce consistent behavioural signatures upon which a building intrusion detection system could be based. In the process three behavioural expressions were discovered: time-invariant, co-dependent and idiosyncratic.

User-friendly free-text keystroke dynamics authentication for practical applications

This paper introduces a novel approach for free-text keystroke dynamics authentication which incorporates the use of the keyboard’s key-layout. The method extracts timing features from specific key-pairs. The Euclidean distance is then utilized to find the level of similarity between a user’s profile data and his/her test data. The results obtained from this method are reasonable for free-text authentication while maintaining the maximum level of user relaxation. Moreover, it has been proven in this study that flight time yields better authentication results when compared with dwell time. In particular, the results were obtained with only one training sample for the purpose of practicality and ease of real life application.

Enhanced three-factor security protocol for consumer USB mass storage devices

The Universal Serial Bus (USB) is an extremely popular interface standard for computer peripheral connections and is widely used in consumer Mass Storage Devices (MSDs). While current consumer USB MSDs provide relatively high transmission speed and are convenient to carry, the use of USB MSDs has been prohibited in many commercial and everyday environments primarily due to security concerns. Security protocols have been previously proposed and a recent approach for the USB MSDs is to utilize multi-factor authentication. This paper proposes significant enhancements to the three-factor control protocol that now makes it secure under many types of attacks including the password guessing attack, the denial-of-service attack, and the replay attack. The proposed solution is presented with a rigorous security analysis and practical computational cost analysis to demonstrate the usefulness of this new security protocol for consumer USB MSDs.