Most network service providers like MTN Nigeria, currently use two-factor authentication for their 4G wireless networks. This exposes the network subscribers to identify theft and users data to security threats like s...Most network service providers like MTN Nigeria, currently use two-factor authentication for their 4G wireless networks. This exposes the network subscribers to identify theft and users data to security threats like snooping, sniffing, spoofing and phishing. There is need to curb these problems with the use of an enhanced multi-factor authentication approach. The objective of this work is to create a multi-factor authentication software for a 4G wireless network. Multi-factor authentication involves user’s knowledge factor, user’s possession factor and user’s inherence factor;that is who the user is to be presented before system access can be granted. The research methodologies used for this work include Structured System Analysis and Design Methodology, SSADM and Prototyping. The result of this work will be a Multi-factor authentications software. This software was designed with programming languages like ASP. NET, C# and Microsoft SQL Server for the database.展开更多
Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs...Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs. Li <i>et al</i>. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li <i>et al</i>.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for the IoT security researches.展开更多
The passwords for unlocking the mobile devices are relatively simple,easier to be stolen,which causes serious potential security problems.An important research direction of identity authentication is to establish user...The passwords for unlocking the mobile devices are relatively simple,easier to be stolen,which causes serious potential security problems.An important research direction of identity authentication is to establish user behavior models to authenticate users.In this paper,a mobile terminal APP browsing behavioral authentication system architecture which synthesizes multiple factors is designed.This architecture is suitable for users using the mobile terminal APP in the daily life.The architecture includes data acquisition,data processing,feature extraction,and sub model training.We can use this architecture for continuous authentication when the user uses APP at the mobile terminal.展开更多
This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in ...This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.展开更多
In view of the security risks of using static passwords to authenticate users, this paper gives a solution to implement two-factor authentication by using RSA token. A set of corresponding realization processes is pro...In view of the security risks of using static passwords to authenticate users, this paper gives a solution to implement two-factor authentication by using RSA token. A set of corresponding realization processes is proposed as well. Using dynamic password given by RSA can further verify user identity to improve the reliability of authentication.展开更多
One of the advantages of One Time Password (OTP) is that it’s free from brute force, replay, and shoulder attacks. The codes may originate from different entropy attributes and schemes, such as true random and digita...One of the advantages of One Time Password (OTP) is that it’s free from brute force, replay, and shoulder attacks. The codes may originate from different entropy attributes and schemes, such as true random and digital random number generators. Businesses, organizations, and academic institutions have adopted OTP methods for credit card transaction confirmation, recalling forgotten passwords, and validating web portal accounts. This paper proposed a new method in authenticating login credentials using a 3 × 3 matrix and random system key as Two-Factor Authentication (2FA) with an SMS-enabled feature. We used the 6-codes pseudorandom method and a 4-codes validation to allow mobile flexibility and ensure that the user has the required access. The page link and evaluation form are sent to students, IT professionals, and researchers. The results showed respondents are satisfied in terms of functionality, usability, efficiency, and reliability. The developed system could safeguard information, disallow unauthorized access, and impose acceptable data protection measures and minimal system requirements to use the system.展开更多
文摘Most network service providers like MTN Nigeria, currently use two-factor authentication for their 4G wireless networks. This exposes the network subscribers to identify theft and users data to security threats like snooping, sniffing, spoofing and phishing. There is need to curb these problems with the use of an enhanced multi-factor authentication approach. The objective of this work is to create a multi-factor authentication software for a 4G wireless network. Multi-factor authentication involves user’s knowledge factor, user’s possession factor and user’s inherence factor;that is who the user is to be presented before system access can be granted. The research methodologies used for this work include Structured System Analysis and Design Methodology, SSADM and Prototyping. The result of this work will be a Multi-factor authentications software. This software was designed with programming languages like ASP. NET, C# and Microsoft SQL Server for the database.
文摘Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs. Li <i>et al</i>. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li <i>et al</i>.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for the IoT security researches.
基金partially supported by the National Key Research and Development Program of China(2018YFB2100801)。
文摘The passwords for unlocking the mobile devices are relatively simple,easier to be stolen,which causes serious potential security problems.An important research direction of identity authentication is to establish user behavior models to authenticate users.In this paper,a mobile terminal APP browsing behavioral authentication system architecture which synthesizes multiple factors is designed.This architecture is suitable for users using the mobile terminal APP in the daily life.The architecture includes data acquisition,data processing,feature extraction,and sub model training.We can use this architecture for continuous authentication when the user uses APP at the mobile terminal.
基金Supported by Natural Science Funds of Shanxi Province(No. 2010021016-3)
文摘This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.
文摘In view of the security risks of using static passwords to authenticate users, this paper gives a solution to implement two-factor authentication by using RSA token. A set of corresponding realization processes is proposed as well. Using dynamic password given by RSA can further verify user identity to improve the reliability of authentication.
文摘One of the advantages of One Time Password (OTP) is that it’s free from brute force, replay, and shoulder attacks. The codes may originate from different entropy attributes and schemes, such as true random and digital random number generators. Businesses, organizations, and academic institutions have adopted OTP methods for credit card transaction confirmation, recalling forgotten passwords, and validating web portal accounts. This paper proposed a new method in authenticating login credentials using a 3 × 3 matrix and random system key as Two-Factor Authentication (2FA) with an SMS-enabled feature. We used the 6-codes pseudorandom method and a 4-codes validation to allow mobile flexibility and ensure that the user has the required access. The page link and evaluation form are sent to students, IT professionals, and researchers. The results showed respondents are satisfied in terms of functionality, usability, efficiency, and reliability. The developed system could safeguard information, disallow unauthorized access, and impose acceptable data protection measures and minimal system requirements to use the system.