Cloud-based SDN(Software Defined Network)integration offers new kinds of agility,flexibility,automation,and speed in the network.Enterprises and Cloud providers both leverage the benefits as networks can be configured...Cloud-based SDN(Software Defined Network)integration offers new kinds of agility,flexibility,automation,and speed in the network.Enterprises and Cloud providers both leverage the benefits as networks can be configured and optimized based on the application requirement.The integration of cloud and SDN paradigms has played an indispensable role in improving ubiquitous health care services.It has improved the real-time monitoring of patients by medical practitioners.Patients’data get stored at the central server on the cloud from where it is available to medical practitioners in no time.The centralisation of data on the server makes it more vulnerable to malicious attacks and causes a major threat to patients’privacy.In recent days,several schemes have been proposed to ensure the safety of patients’data.But most of the techniques still lack the practical implementation and safety of data.In this paper,a secure multi-factor authentication protocol using a hash function has been proposed.BAN(Body Area Network)logic has been used to formally analyse the proposed scheme and ensure that no unauthenticated user can steal sensitivepatient information.Security Protocol Animator(SPAN)–Automated Validation of Internet Security Protocols and Applications(AVISPA)tool has been used for simulation.The results prove that the proposed scheme ensures secure access to the database in terms of spoofing and identification.Performance comparisons of the proposed scheme with other related historical schemes regarding time complexity,computation cost which accounts to only 423 ms in proposed,and security parameters such as identification and spoofing prove its efficiency.展开更多
The rise of the digital economy and the comfort of accessing by way of user mobile devices expedite human endeavors in financial transactions over the Virtual Private Network(VPN)backbone.This prominent application of...The rise of the digital economy and the comfort of accessing by way of user mobile devices expedite human endeavors in financial transactions over the Virtual Private Network(VPN)backbone.This prominent application of VPN evades the hurdles involved in physical money exchange.The VPN acts as a gateway for the authorized user in accessing the banking server to provide mutual authentication between the user and the server.The security in the cloud authentication server remains vulnerable to the results of threat in JP Morgan Data breach in 2014,Capital One Data Breach in 2019,and manymore cloud server attacks over and over again.These attacks necessitate the demand for a strong framework for authentication to secure from any class of threat.This research paper,propose a framework with a base of EllipticalCurve Cryptography(ECC)to performsecure financial transactions throughVirtual PrivateNetwork(VPN)by implementing strongMulti-Factor Authentication(MFA)using authentication credentials and biometric identity.The research results prove that the proposed model is to be an ideal scheme for real-time implementation.The security analysis reports that the proposed model exhibits high level of security with a minimal response time of 12 s on an average of 1000 users.展开更多
Most network service providers like MTN Nigeria, currently use two-factor authentication for their 4G wireless networks. This exposes the network subscribers to identify theft and users data to security threats like s...Most network service providers like MTN Nigeria, currently use two-factor authentication for their 4G wireless networks. This exposes the network subscribers to identify theft and users data to security threats like snooping, sniffing, spoofing and phishing. There is need to curb these problems with the use of an enhanced multi-factor authentication approach. The objective of this work is to create a multi-factor authentication software for a 4G wireless network. Multi-factor authentication involves user’s knowledge factor, user’s possession factor and user’s inherence factor;that is who the user is to be presented before system access can be granted. The research methodologies used for this work include Structured System Analysis and Design Methodology, SSADM and Prototyping. The result of this work will be a Multi-factor authentications software. This software was designed with programming languages like ASP. NET, C# and Microsoft SQL Server for the database.展开更多
Multi-factor Authentication(MFA)often referred to as Two-factor Authentication(2FA),which is a subset of MFA,is the practice of implementing additional security methods on top of a standard username and password...Multi-factor Authentication(MFA)often referred to as Two-factor Authentication(2FA),which is a subset of MFA,is the practice of implementing additional security methods on top of a standard username and password to help authenticate the identity of a user and increase the security of data.This chapter will investigate the problem with username and password logins,the different types of authentication,current best practice for multi-factor authentication and interpretations about how the technology will grow in the upcoming years.展开更多
With the development of computer hardware technology and network technology,the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all profe...With the development of computer hardware technology and network technology,the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle.The information perception of the Internet of Things plays a key role as a link between the computer world and the real world.However,there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power,limited power supply,and open communication links.We proposed a novel lightweight authentication protocol based on password,smart card and biometric identification that achieves mutual authentication among User,GWN and sensor node.Biometric identification can increase the nonrepudiation feature that increases security.After security analysis and logical proof,the proposed protocol is proven to have a higher reliability and practicality.展开更多
Multi-factor authentication(MFA)was proposed by Pointcheval et al.[Pointcheval and Zimmer(2008)]to improve the security of single-factor(and two-factor)authentication.As the backbone of multi-factor authentication,bio...Multi-factor authentication(MFA)was proposed by Pointcheval et al.[Pointcheval and Zimmer(2008)]to improve the security of single-factor(and two-factor)authentication.As the backbone of multi-factor authentication,biometric data are widely observed.Especially,how to keep the privacy of biometric at the password database without impairing efficiency is still an open question.Using the vulnerability of encryption(or hash)algorithms,the attacker can still launch offline brute-force attacks on encrypted(or hashed)biometric data.To address the potential risk of biometric disclosure at the password database,in this paper,we propose a novel efficient and secure MFA key exchange(later denoted as MFAKE)protocol leveraging the Pythia PRF service and password-to-random(or PTR)protocol.Armed with the PTR protocol,a master password pwd can be translated by the user into independent pseudorandom passwords(or rwd)for each user account with the help of device(e.g.,smart phone).Meanwhile,using the Pythia PRF service,the password database can avoid leakage of the local user’s password and biometric data.This is the first paper to achieve the password and biometric harden service simultaneously using the PTR protocol and Pythia PRF.展开更多
基金Taif University Researchers Supporting Project number(TURSP-2020/98),Taif University,Taif,Saudi Arabia。
文摘Cloud-based SDN(Software Defined Network)integration offers new kinds of agility,flexibility,automation,and speed in the network.Enterprises and Cloud providers both leverage the benefits as networks can be configured and optimized based on the application requirement.The integration of cloud and SDN paradigms has played an indispensable role in improving ubiquitous health care services.It has improved the real-time monitoring of patients by medical practitioners.Patients’data get stored at the central server on the cloud from where it is available to medical practitioners in no time.The centralisation of data on the server makes it more vulnerable to malicious attacks and causes a major threat to patients’privacy.In recent days,several schemes have been proposed to ensure the safety of patients’data.But most of the techniques still lack the practical implementation and safety of data.In this paper,a secure multi-factor authentication protocol using a hash function has been proposed.BAN(Body Area Network)logic has been used to formally analyse the proposed scheme and ensure that no unauthenticated user can steal sensitivepatient information.Security Protocol Animator(SPAN)–Automated Validation of Internet Security Protocols and Applications(AVISPA)tool has been used for simulation.The results prove that the proposed scheme ensures secure access to the database in terms of spoofing and identification.Performance comparisons of the proposed scheme with other related historical schemes regarding time complexity,computation cost which accounts to only 423 ms in proposed,and security parameters such as identification and spoofing prove its efficiency.
文摘The rise of the digital economy and the comfort of accessing by way of user mobile devices expedite human endeavors in financial transactions over the Virtual Private Network(VPN)backbone.This prominent application of VPN evades the hurdles involved in physical money exchange.The VPN acts as a gateway for the authorized user in accessing the banking server to provide mutual authentication between the user and the server.The security in the cloud authentication server remains vulnerable to the results of threat in JP Morgan Data breach in 2014,Capital One Data Breach in 2019,and manymore cloud server attacks over and over again.These attacks necessitate the demand for a strong framework for authentication to secure from any class of threat.This research paper,propose a framework with a base of EllipticalCurve Cryptography(ECC)to performsecure financial transactions throughVirtual PrivateNetwork(VPN)by implementing strongMulti-Factor Authentication(MFA)using authentication credentials and biometric identity.The research results prove that the proposed model is to be an ideal scheme for real-time implementation.The security analysis reports that the proposed model exhibits high level of security with a minimal response time of 12 s on an average of 1000 users.
文摘Most network service providers like MTN Nigeria, currently use two-factor authentication for their 4G wireless networks. This exposes the network subscribers to identify theft and users data to security threats like snooping, sniffing, spoofing and phishing. There is need to curb these problems with the use of an enhanced multi-factor authentication approach. The objective of this work is to create a multi-factor authentication software for a 4G wireless network. Multi-factor authentication involves user’s knowledge factor, user’s possession factor and user’s inherence factor;that is who the user is to be presented before system access can be granted. The research methodologies used for this work include Structured System Analysis and Design Methodology, SSADM and Prototyping. The result of this work will be a Multi-factor authentications software. This software was designed with programming languages like ASP. NET, C# and Microsoft SQL Server for the database.
文摘Multi-factor Authentication(MFA)often referred to as Two-factor Authentication(2FA),which is a subset of MFA,is the practice of implementing additional security methods on top of a standard username and password to help authenticate the identity of a user and increase the security of data.This chapter will investigate the problem with username and password logins,the different types of authentication,current best practice for multi-factor authentication and interpretations about how the technology will grow in the upcoming years.
基金This work is supported by the National Science Foundation of China(Grant No.61501132,Grant Nos.61771154,61301095,61370084)the China Postdoctoral Science Foundation No.2016M591515+1 种基金the Heilongjiang Postdoctoral Sustentation Fund with No.LBH-Z14055Harbin Application Technology Research and Development Project(Grant Nos.2016RAQXJ063,2016RAXXJ013).
文摘With the development of computer hardware technology and network technology,the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle.The information perception of the Internet of Things plays a key role as a link between the computer world and the real world.However,there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power,limited power supply,and open communication links.We proposed a novel lightweight authentication protocol based on password,smart card and biometric identification that achieves mutual authentication among User,GWN and sensor node.Biometric identification can increase the nonrepudiation feature that increases security.After security analysis and logical proof,the proposed protocol is proven to have a higher reliability and practicality.
基金This work was supported by the National Natural Science Foundation of China(No.61802214)the Natural Science Foundation of Shandong Province(Nos.ZR2019BF009,ZR2018LF007,ZR2017MF0,ZR2016YL011)+2 种基金the Shandong Provincial Key Research and Development Program of China(2018GGX1010052017,CXGC07012016,GGX109001)the Project of Shandong Province Higher Educational Science and Technology Program(No.J17KA049)the Global Infrastructure Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Science and ICT(NRF-2018K1A3A1A20026485).
文摘Multi-factor authentication(MFA)was proposed by Pointcheval et al.[Pointcheval and Zimmer(2008)]to improve the security of single-factor(and two-factor)authentication.As the backbone of multi-factor authentication,biometric data are widely observed.Especially,how to keep the privacy of biometric at the password database without impairing efficiency is still an open question.Using the vulnerability of encryption(or hash)algorithms,the attacker can still launch offline brute-force attacks on encrypted(or hashed)biometric data.To address the potential risk of biometric disclosure at the password database,in this paper,we propose a novel efficient and secure MFA key exchange(later denoted as MFAKE)protocol leveraging the Pythia PRF service and password-to-random(or PTR)protocol.Armed with the PTR protocol,a master password pwd can be translated by the user into independent pseudorandom passwords(or rwd)for each user account with the help of device(e.g.,smart phone).Meanwhile,using the Pythia PRF service,the password database can avoid leakage of the local user’s password and biometric data.This is the first paper to achieve the password and biometric harden service simultaneously using the PTR protocol and Pythia PRF.