Secure Localization Based Authentication (SLA) Strategy for Data Integrity in WNS

Wireless Sensor Networks(WSN)has been extensively utilized as a communication model in Internet of Things(IoT).As well,to offer service,numerous IoT based applications need effective transmission over unstable locations.To ensure reliability,prevailing investigations exploit multiple candidate forwarders over geographic opportunistic routing in WSNs.Moreover,these models are affected by crucial denial of service(DoS)attacks,where huge amount of invalid data are delivered intentionally to the receivers to disturb the functionality of WSNs.Here,secure localization based authentication(SLA)is presented to fight against DoS attack,and to fulfil the need of reliability and authentication.By examining state information,SLA projects a trust model to enhance efficacy of data delivery.Indeed,of the prevailing opportunistic protocols,SLA guarantees data integrity by modelling a trust based authentication,providing protection against DoS attackers and diminishing computational costs.Specifically,this model acts as a verification strategy to accelerate?attackers and to handle isolation.This strategy helps SLA in eliminating duplicate transmission and by continuous verification that results from conventional opportunistic routing.Simulation is performed in a MATLAB environment that offers authentic and reliable delivery by consuming approximately 50%of the cost in contrast to other approaches.The anticipated model shows better trade off in comparison to the prevailing ones.

An improved and secure multiserver authentication scheme based on biometrics and smartcard

With the advancement in internet technologies, the number of servers has increased remarkably to provide more services to the end users. These services are provided over the public channels, which are insecure and susceptible to interception, modification, and deletion. To provide security, registered entities are authenticated and then a session key is established between them to communicate securely. The conventional schemes anow a user to access services only after their independent registration with each desired server in a multiserver system. Therefore, a user must possess multiple smartcards and memorize various identities and passwords for obtaining services from multiple servers. This has led to the adoption of multiserver authentication in which a user accesses services of multiple servers after registering himself at only one central authority. Recently, Kumar and Om discussed a scheme for multiserver environment by using smartcard. Since the user-memorized passwords are of low entropy, it is possible for an attacker to guess them. This paper uses biometric information of user to enhance the security of the scheme by Kumar and Ore. Moreover, we conducted rigorous security analyses （informal and formal） in this study to prove the security of the proposed scheme against all known attacks. We also simulated our scheme by using the automated tool, ProVerif, to prove its secrecy and authentication properties. A comparative study of the proposed scheme with the existing related schemes shows its effectiveness.

High-Capacity Quantum Secure Communication with Authentication Using Einstein-Podolsky-Rosen Pairs

A new protocol for quantum secure communication with authentication is proposed. The proposed protocol has a higher capacity as each EPR pair can carry four classical bits by the XOR operation and an auxiliary photon. Tile security and efficiency are analyzed in detail and the major advantage of this protocol is that it is more efficient without losing security.

A distributed authentication and authorization scheme for in-network big data sharing

Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking （ICN） is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography （IBC） to propose a Distributed Authentication and Authorization Scheme （DAAS）, where an identity-based signature （IBS） is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption （CP-ABE） is used to enable the distributed and fine-grained authorization. DAAS consists of three phases： initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest （NOAM） dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest （AM） distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.

A NEW TWO-WAY AUTHENTICATION AND PRIVACY MECHANISM FOR WLAN SECURITY

Objective Aiming at lots of vulnerabilities in the Wired Equivalent Privacy (WEP) which threats the authentication and confidentiality in wireless communication, a new kind of mutual authentication and privacy mechanism named MWEP(Modified WEP) is proposed. Methods MWEP is based on pseudo random number generator (PRNG) and asymmetric cryptograph approach, it generates a unique session key like “One Time Password” for each data frame transmission between any two mobile stations. Results Using this session key to encrypt the transmission data, not only can it avoid replay attack, but also provide a good secure virtual channel for the sender and receiver. MWEP can be incorporated into IEEE 802.11. Conclusion It shows that the proposed mechanism is effective and practical after comparison with WEP and simulation.

Advanced Authentication Mechanisms for Identity and Access Management inCloud Computing

Identity management is based on the creation and management of useridentities for granting access to the cloud resources based on the user attributes.The cloud identity and access management (IAM) grants the authorization tothe end-users to perform different actions on the specified cloud resources. Theauthorizations in the IAM are grouped into roles instead of granting them directlyto the end-users. Due to the multiplicity of cloud locations where data resides anddue to the lack of a centralized user authority for granting or denying cloud userrequests, there must be several security strategies and models to overcome theseissues. Another major concern in IAM services is the excessive or the lack ofaccess level to different users with previously granted authorizations. This paperproposes a comprehensive review of security services and threats. Based on thepresented services and threats, advanced frameworks for IAM that provideauthentication mechanisms in public and private cloud platforms. A threat modelhas been applied to validate the proposed authentication frameworks with different security threats. The proposed models proved high efficiency in protectingcloud platforms from insider attacks, single sign-on failure, brute force attacks,denial of service, user privacy threats, and data privacy threats.

Efficient and Secure Authenticated Quantum Dialogue Protocols over Collective-Noise Channels

Based on the deterministic secure quantum communication, we present a novel quantum dialogue protocol with- out information leakage over the collective noise channel. The logical qubits and four-qubit decoherence-free states are introduced for resisting against collective-dephasing noise, collective-rotation noise and all kinds of unitary collective noise, respectively. Compared with the existing similar protocols, the analyses on security and information-theoretical emciency show that the proposed protocol is more secure and emeient.

Security Considerations on Three-Factor Anonymous Authentication Scheme for WSNs

Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs. Li et al. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li et al.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for the IoT security researches.

Hybrid Trust Based Reputation Mechanism for Discovering Malevolent Node in MANET

A self-contained connection of wireless links that functions without any infrastructure is known as Mobile Ad Hoc Network(MANET).A MANET’s nodes could engage actively and dynamically with one another.However,MAN-ETs,from the other side,are exposed to severe potential threats that are difficult to counter with present security methods.As a result,several safe communication protocols designed to enhance the secure interaction among MANET nodes.In this research,we offer a reputed optimal routing value among network nodes,secure computations,and misbehavior detection predicated on node’s trust levels with a Hybrid Trust based Reputation Mechanism(HTRM).In addition,the study designs a robust Public Key Infrastructure(PKI)system using the suggested trust evaluation method in terms of“key”generation,which is a crucial component of a PKI cryptosystem.We also concentrate on the solid node authenticating process that relies on pre-authentication.To ensure edge-to-edge security,we assess safe,trustworthy routes to secure computations and authenticate mobile nodes,incorporating uncertainty into the trust management solution.When compared to other protocols,our recommended approach performs better.Finally,we use simulations data and performance evaluation metrics to verify our suggested approach’s validity Our approach outperformed the competing systems in terms of overall end-to-end delay,packet delivery ratio,performance,power consumption,and key-computing time by 3.47%,3.152%,2.169%,and 3.527%,3.762%,significantly.

Security Considerations Based on PKI/CA in Manufacturing Grid

In the manufacturing grid environment, the span of the consideration of security issues is more extensive, and the solutions for them are more complex, therefore these problems in manufacturing grid can＇t longer be addressed by existing security technologies. In order to solve this problem, the paper first puts forward the security architecture of manufacturing grid on the basis of the proposal of the security strategies for manufacturing grid; then the paper introduces key technologies based on public key infrastructure-certificate authority （PKI/CA） to ensure the security of manufacturing grid, such as single sign-on, security proxy, independent authentication and so on. Schemes discussed in the paper have some values to settle security problems in the manufacturing grid environment.

Research and Implementation of Time Synchronous Dynamic Password Based on SM3 Hash Algorithm

With the rapid development of information technology, demand of network & information security has increased. People enjoy many benefits by virtue of information technology. At the same time network security has become the important challenge, but network information security has become a top priority. In the field of authentication, dynamic password technology has gained users’ trust and favor because of its safety and ease of operation. Dynamic password, SHA (Secure Hash Algorithm) is widely used globally and acts as information security mechanism against potential threat. The cryptographic algorithm is an open research area, and development of these state-owned technology products helps secure encryption product and provides safeguard against threats. Dynamic password authentication technology is based on time synchronization, using the state-owned password algorithm. SM3 hash algorithm can meet the security needs of a variety of cryptographic applications for commercial cryptographic applications and verification of digital signatures, generation and verification of message authentication code. Dynamic password basically generates an unpredictable random numbers based on a combination of specialized algorithms. Each password can only be used once, and help provide high safety. Therefore, the dynamic password technology for network information security issues is of great significance. In our proposed algorithm, dynamic password is generated by SM3 Hash Algorithm using current time and the identity ID and it varies with time and changes randomly. Coupled with the SM3 hash algorithm security, dynamic password security properties can be further improved, thus it effectively improves network authentication security.

Research on a provable security RFID authentication protocol based on Hash function

Research on existing radio frequency identification（RFID） authentication protocols security risks, poor performance and other problems, a RFID security authentication protocol based on dynamic identification（ID） and Key value renewal is proposed. Meanwhile, the security problems based on Hash function RFID security authentication protocol in recent years have been also sorted and analyzed. Then a security model to design and analyze RFID protocols is built. By using the computational complexity, its correctness and security have been proved. Compared with the safety performance, storage overhead, computational overhead and other aspects of other protocols, the protocol for RFID has more efficient performance and ability to withstand various attacks. And the C# programming language is used to simulate the authentication process on the visual studio platform, which verifies the feasibility of the protocol.

A novel pairing-free certificateless authenticated key agreement protocol with provable security

Recently, He et al. （Computers and Mathematics with Applications, 2012） proposed an efficient pairing-free certificateless authenticated key agreement （CL-AKA） protocol and claimed their protocol was provably secure in the extended Canetti-Krawczyk （eCK） model. By giving concrete attacks, we indicate that their protocol is not secure in the eCK model. We propose an improved protocol and show our improvement is secure in the eCK model under the gap DiffieHellman （GDH） assumption. Furthermore, the proposed protocol is very efficient.