987 resultados para Password-based authentication
Resumo:
Kerberos是一个成熟的产品,广泛应用于金融、邮电、保险等行业.但仍存在一些隐患,例如:重放攻击、密码猜测、会话中选择明文攻击等等.该文针对Kerberos系统登录时可能遭到密码猜测,即所谓的离线字典攻击(Off line Dictionary Attack)的问题,提出一种基于椭圆曲线的零知识证明方法对系统进行改进,并给出相应的协议.
Resumo:
Swertia mussotii is an important species in Tibetan folk medicine. However, it is quite expensive and frequently adulterated, so reliable methods for authentication of putative specimens and preparations of the species are needed to protect consumers and to support conservation measures. We show here that the chloroplast (cp) DNA rpl16 intron has limited utility for differentiating S. mussotii from closely related species, since the cpDNA rpl16 sequences are identical in S. mussotii and two other species of Swertia. However, the rDNA internal transcribed spacer (ITS) sequences differ significantly between S. mussotii and all of 13 tested potential adulterants. Thus, the ITS region provides a robust molecular marker for differentiating the medicinal S. mussotii from related adulterants. Therefore, a pair of allele-specific diagnostic primers based on the divergent ITS region was designed to distinguish S. mussotii from the other species. Authentication by allele-specific diagnostic PCR using these primers is convenient, effective and both simpler and less time-consuming than sequencing the ITS region.
Resumo:
Analysis of the generic attacks and countermeasures for block cipher based message authentication code algorithms (MAC) in sensor applications is undertaken; the conclusions are used in the design of two new MAC constructs Quicker Block Chaining MAC1 (QBC-MAC1) and Quicker Block Chaining MAC2 (QBC-MAC2). Using software simulation we show that our new constructs point to improvements in usage of CPU instruction clock cycle and energy requirement when benchmarked against the de facto Cipher Block Chaining MAC (CBC-MAC) based construct used in the TinySec security protocol for wireless sensor networks.
Resumo:
Goats’ milk is responsible for unique traditional products such as Halloumi cheese. The characteristics of Halloumi depend on the original features of the milk and on the conditions under which the milk has been produced such as feeding regime of the animals or region of production. Using a range of milk (33) and Halloumi (33) samples collected over a year from three different locations in Cyprus (A, Anogyra; K, Kofinou; P, Paphos), the potential for fingerprint VOC analysis as marker to authenticate Halloumi was investigated. This unique set up consists of an in-injector thermo desorption (VOCtrap needle) and a chromatofocusing system based on mass spectrometry (VOCscanner). The mass spectra of all the analyzed samples are treated by multivariate analysis (Principle component analysis and Discriminant functions analysis). Results showed that the highland area of product (P) is clearly identified in milks produced (discriminant score 67%). It is interesting to note that the higher similitude found on milks from regions “A” and “K” (with P being distractive; discriminant score 80%) are not ‘carried over’ on the cheeses (higher similitude between regions “A” and “P”, with “K” distinctive). Data have been broken down into three seasons. Similarly, the seasonality differences observed in different milks are not necessarily reported on the produced cheeses. This is expected due to the different VOC signatures developed in cheeses as part of the numerous biochemical changes during its elaboration compared to milk. VOC however it is an additional analytical tool that can aid in the identification of region origin in dairy products.
Resumo:
Physically Unclonable Functions (PUFs), exploit inherent manufacturing variations and present a promising solution for hardware security. They can be used for key storage, authentication and ID generations. Low power cryptographic design is also very important for security applications. However, research to date on digital PUF designs, such as Arbiter PUFs and RO PUFs, is not very efficient. These PUF designs are difficult to implement on Field Programmable Gate Arrays (FPGAs) or consume many FPGA hardware resources. In previous work, a new and efficient PUF identification generator was presented for FPGA. The PUF identification generator is designed to fit in a single slice per response bit by using a 1-bit PUF identification generator cell formed as a hard-macro. In this work, we propose an ultra-compact PUF identification generator design. It is implemented on ten low-cost Xilinx Spartan-6 FPGA LX9 microboards. The resource utilization is only 2.23%, which, to the best of the authors' knowledge, is the most compact and robust FPGA-based PUF identification generator design reported to date. This PUF identification generator delivers a stable range of uniqueness of around 50% and good reliability between 85% and 100%.
Resumo:
In order to protect user privacy on mobile devices, an event-driven implicit authentication scheme is proposed in this paper. Several methods of utilizing the scheme for recognizing legitimate user behavior are investigated. The investigated methods compute an aggregate score and a threshold in real-time to determine the trust level of the current user using real data derived from user interaction with the device. The proposed scheme is designed to: operate completely in the background, require minimal training period, enable high user recognition rate for implicit authentication, and prompt detection of abnormal activity that can be used to trigger explicitly authenticated access control. In this paper, we investigate threshold computation through standard deviation and EWMA (exponentially weighted moving average) based algorithms. The result of extensive experiments on user data collected over a period of several weeks from an Android phone indicates that our proposed approach is feasible and effective for lightweight real-time implicit authentication on mobile smartphones.
Resumo:
It is difficult to get the decision about an opinion after many users get the meeting in same place. It used to spend too much time in order to find solve some problem because of the various opinions of each other. TAmI (Group Decision Making Toolkit) is the System to Group Decision in Ambient Intelligence [1]. This program was composed with IGATA [2], WebMeeting and the related Database system. But, because it is sent without any encryption in IP / Password, it can be opened to attacker. They can use the IP / Password to the bad purpose. As the result, although they make the wrong result, the joined member can’t know them. Therefore, in this paper, we studied the applying method of user’s authentication into TAmI.
Resumo:
Trabalho de Projeto realizado para obtenção do grau de Mestre em Engenharia Informática e de Computadores
Resumo:
Atualmente a popularidade das comunicações Wi-Fi tem crescido, os utilizadores acedem a partir de vários dispositivos como telemóveis, tablets, computadores portáteis sendo estes utilizados por qualquer pessoa nos mais variados locais. Com esta utilização massiva por parte dos utilizadores surgiram os hotspots Wi-Fi públicos (em aeroportos, estações de comboios, etc) que permitem a ligação de clientes recorrendo a ligações wireless não seguras (ou abertas). Tais hotspots utilizam, após a ligação de um cliente, um captive portal que captura o tráfego IP com origem no cliente e o redireciona para uma página Web de entrada. A página Web permite ao cliente comprar tempo de acesso à Internet ou, caso já seja um cliente da empresa, autenticar-se para ter acesso à Internet. A necessidade da ligação aberta assenta na possibilidade do operador do hotspot vender acesso à Internet a utilizadores não conhecidos (caso contrário teria de fornecerlhes uma senha previamente). No entanto, fornecer um acesso à Internet wireless sem qualquer tipo de segurança ao nível físico permite que qualquer outro utilizador consiga obter informação sobre a navegação Web dos utilizadores ligados (ex.: escuta de pedidos DNS). Nesta tese pretende-se apresentar uma solução que estenda um dos atuais mecanismos de autenticação Wi-Fi (WPA, WPA2) para que permita, após autenticação em captive portal, a migração de uma ligação aberta para uma ligação segura.
Resumo:
Now a days, email has become the most widely communication way in daily life. The main reason for using email is probably because of the convenience and speed in which it can be transmitted irrespective of geographical distances. To improve security and efficiency of email system, most of the email system adopt PKI and IBE encryption schemes. However, both PKI and IBE encryption schemes have their own shortcomings and consequently bring security issues to email systems. This paper proposes a new secure email system based on IBE which combines finger print authentication and proxy service for encryption and decryption
Resumo:
Abstract Passwords are the most common form of authentication, and most of us will have to log in to several accounts every day which require passwords. Unfortunately, passwords often do not do a good job of proving who we are, and come with a host of usability problems. Probably the only reason that passwords still exist is that there often isn't a better alternative, so we are likely to be stuck with them for the foreseeable future. Password cracking has been a problem for years, and becomes more problematic as computer become more powerful and attackers get a better idea of the sort of passwords people use. This presentation will look at two free password cracking tools: Hashcat and John the Ripper, and how even a non-expert on a laptop (i.e. me) can use them effectively. An introduction to some of the research surrounding the economics and usability of passwords will also be discussed. Note that the speaker is not an expert in this area, so it will be a fairly informal since I'm sure you're all tired after a long term.
Resumo:
The TCABR data analysis and acquisition system has been upgraded to support a joint research programme using remote participation technologies. The architecture of the new system uses Java language as programming environment. Since application parameters and hardware in a joint experiment are complex with a large variability of components, requirements and specification solutions need to be flexible and modular, independent from operating system and computer architecture. To describe and organize the information on all the components and the connections among them, systems are developed using the extensible Markup Language (XML) technology. The communication between clients and servers uses remote procedure call (RPC) based on the XML (RPC-XML technology). The integration among Java language, XML and RPC-XML technologies allows to develop easily a standard data and communication access layer between users and laboratories using common software libraries and Web application. The libraries allow data retrieval using the same methods for all user laboratories in the joint collaboration, and the Web application allows a simple graphical user interface (GUI) access. The TCABR tokamak team in collaboration with the IPFN (Instituto de Plasmas e Fusao Nuclear, Instituto Superior Tecnico, Universidade Tecnica de Lisboa) is implementing this remote participation technologies. The first version was tested at the Joint Experiment on TCABR (TCABRJE), a Host Laboratory Experiment, organized in cooperation with the IAEA (International Atomic Energy Agency) in the framework of the IAEA Coordinated Research Project (CRP) on ""Joint Research Using Small Tokamaks"". (C) 2010 Elsevier B.V. All rights reserved.
Resumo:
The advent of Internet Banking has shown the importance of effective method of authenticating a users in a remote environment. There are many different countenances to contemplate when examining Internet based security. One of the most tried and trusted techniques of protecting the safety of systems and data is to control people's access. The foundation for such measures is authentication. Specifically for Internet banking there is a real need for a way to uniquely identify and authenticate users without the possibility of their authenticity being cloned. This paper proposes a framework concerning how to identify security requirements for Internet Banking.
Resumo:
Reasons for the adoption of smart cards and biometric authentication mechanisms have been discussed in the past, yet many organisations are still resorting to traditional methods of authentication. Passwords possess several encumbrances not the least of which includes the difficulty some users have in remembering them. Often users inadvertently write difficult passwords down near the workstation, which negates any security password authentication, may provide and opens the floodgates to identity theft. In the current mainstream authentication paradigm, system administrators must ensure all users are educated on the need for a password policy, and implement it strictly. This paper discusses a conceptual framework for an alternative authentication paradigm. The framework attempts to reduce complexity for the user as well as increase security at the network and application levels.
Resumo:
Password authentication has failed to address the compounding business requirement for increased security. Biometric authentication is beginning to address the need for tighter security, but it costs several orders of magnitude more than basic password implementations. Biometric authentication also possesses several shortcomings that inhibit its widespread adoption. In this paper we describe the trends in the literature before presenting the justifications and objectives for graphical authentication: a viable alternative to both biometrics and passwords. We also intend the paper to serve as a
prelude to forthcoming implementation and validation research.
