scholarly journals Design and Implementation of Continuous Authentication Mechanism Based on Multimodal Fusion Mechanism

2021 ◽  
Vol 2021 ◽  
pp. 1-19
Author(s):  
Jianfeng Guan ◽  
Xuetao Li ◽  
Ying Zhang

Most of the current authentication mechanisms adopt the “one-time authentication,” which authenticate users for initial access. Once users have been authenticated, they can access network services without further verifications. In this case, after an illegal user completes authentication through identity forgery or a malicious user completes authentication by hijacking a legitimate user, his or her behaviour will become uncontrollable and may result in unknown risks to the network. These kinds of insider attacks have been increasingly threatening lots of organizations, and have boosted the emergence of zero trust architecture. In this paper, we propose a Multimodal Fusion-based Continuous Authentication (MFCA) scheme, which collects multidimensional behaviour characteristics during the online process, verifies their identities continuously, and locks out the users once abnormal behaviours are detected to protect data privacy and prevent the risk of potential attack. More specifically, MFCA integrates the behaviours of keystroke, mouse movement, and application usage and presents a multimodal fusion mechanism and trust model to effectively figure out user behaviours. To evaluate the performance of the MFCA, we designed and implemented the MFCA system and the experimental results show that the MFCA can detect illegal users in quick time with high accuracy.

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Javier Junquera-Sánchez ◽  
Carlos Cilleruelo ◽  
Luis De-Marcos ◽  
José-Javier Martinez-Herráiz

Nowadays, the Zero Trust model has become one of the standard security models. This paradigm stipulates as mandatory the protection of each endpoint, looking for providing security to all the network. To meet this end, it is necessary to guarantee the integrity of the access control systems. One possibility for bringing security to the different endpoints is continuous authentication, as an access control system. Continuous authentication is the set of technologies capable of determining if a user’s identity remains in time; whether he is the legitimate user (i.e., the only one who should know the secret credentials) or the identity has been impersonated by someone else after the authentication’s process was completed. Continuous authentication does not require the active participation of the user. Aiming to identify the different technologies involved in continuous authentication’s implementations, evaluation methods, and its use cases, this paper presents a systematic review that synthesizes the state of the art. This review is conducted to get a picture about which data sources could allow continuous authentication, in which systems it has been successfully implemented, and which are the most adequate ways to process the data. This review also identifies the defining dimensions of continuous authentication systems.


2021 ◽  
pp. 174387212110493
Author(s):  
Gordon Hull

This paper situates the data privacy debate in the context of what I call the death of the data subject. My central claim is that concept of a rights-bearing data subject is being pulled in two contradictory directions at once, and that simultaneous attention to these is necessary to understand and resist the extractive practices of the data industry. Specifically, it is necessary to treat the problems facing the data subject structurally, rather than by narrowly attempting to vindicate its rights. On the one hand, the data industry argues that subjects of biometric identification lack legal standing to pursue claims in court, and Facebook recently denied that that its facial recognition software recognizes faces. On the other hand, industry takes consent to terms of service and arbitration clauses to create enforceable legal subject positions, while using promises of personalization to create a phenomenological subject that is unaware of the extent to which it is being manipulated. Data subjects thus have no legal existence when it is a matter of corporate liability, but legal accountability when it is a matter of their own liability. Successful reform should address the power asymmetries between individuals and data companies that enable this structural disempowerment.


2013 ◽  
Vol 411-414 ◽  
pp. 40-44
Author(s):  
Xiao Yong Tang ◽  
Jin Wei Li ◽  
Gui Ping Liao

The use of Cloud computing systems to run large-scale scientific, business and consumer based IT applications has increased rapidly in recent years. More and more Cloud users concern the data privacy protection and security in such systems. A natural way to tackle this problem is to adopt data encryption and access control policy. However, this solution is inevitably introduced a heavy computation overhead. In this paper, we first establish a trust model between Cloud servers and Cloud users. Then, we build the trust-aware attribute-based access control policies according to Cloud user trust level and Cloud request attributes. This technique can give different encryption and decryption data to Cloud user and substantive reduce the computation overhead of Cloud computing.


2021 ◽  
pp. 104-110
Author(s):  
Le Duc Huy ◽  
◽  
Luong Thai Ngoc ◽  
Nguyen Van Tam ◽  

On-demand routing protocol is designed to work efficiently on mobile ad hoc networks (MANET). They operate with the belief that all nodes in the network are friendly, thus hackers exploiting security vulnerabilities to carry out some form of cyber attacks, especially Flooding attacks. This form of attack is easily accomplished by overflowing route request packets into the network. Once the attack frequency is large enough, it shall interfere with the route discovery of other network nodes, damaging network performance. In this article, we will analyze and evaluate the impact of flood attacks on the performance of two routing protocols AOMDV. Thereby, we describe a security solutions using the One Time Password (OTP) authentication mechanism (OAM) and implementing AOMDV-OAM security protocol, which is improved from the AOMDV protocol by using OAM to reduce the harmful effects of flood attacks. Using NS2, we assess the security effectiveness of the AOMDV-OAM protocol in random waypoint network topologies where has flooding attacks. Simulation results show that AOMDV-OAM protocol is very effective in minimizing the harmful effects of flood attacks, the rate of successful packet delivery reached over 99% when the one malicious node attacked with a frequency of 20pkt/s and 50pkt/s for Grid network topology.


2015 ◽  
Vol 28 (3) ◽  
pp. 439-456 ◽  
Author(s):  
Vanja Miskovic ◽  
Djordje Babic

One of the most promising applications of sensor networks is mobile health monitoring. The key concept of New Generation Networks (NGN) is IP Multimedia Subsystem (IMS). The possibility of using mobile devices as gateways between sensor networks and IMS has led to the development of integrated solutions such as the one proposed in this paper. Event-based SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE) architecture is considered as the best solution for IMS based mobile health monitoring. This paper also describes usage of the Session Initiation Protocol (SIP) protocol to communicate with the IMS core, whereas data are transmitted within the body of SIP messages. Thus there is no need for additional transport protocol. Presence Information Data Format (PIDF) is used as data format and data privacy is controlled by XML Configuration Access Protocol (XCAP), which also provides the ability to manage groups of patients.


2019 ◽  
Vol 2019 ◽  
pp. 1-20 ◽  
Author(s):  
Vicente Mayor ◽  
Rafael Estepa ◽  
Antonio Estepa ◽  
German Madinabeitia

When telecommunication infrastructure is damaged by natural disasters, creating a network that can handle voice channels can be vital for search and rescue missions. Unmanned Aerial Vehicles (UAV) equipped with WiFi access points could be rapidly deployed to provide wireless coverage to ground users. This WiFi access network can in turn be used to provide a reliable communication service to be used in search and rescue missions. We formulate a new problem for UAVs optimal deployment which considers not only WiFi coverage but also the mac sublayer (i.e., quality of service). Our goal is to dispatch the minimum number of UAVs for provisioning a WiFi network that enables reliable VoIP communications in disaster scenarios. Among valid solutions, we choose the one that minimizes energy expenditure at the user’s WiFi interface card in order to extend ground user’s smartphone battery life as much as possible. Solutions are found using well-known heuristics such as K-means clusterization and genetic algorithms. Via numerical results, we show that the IEEE 802.11 standard revision has a decisive impact on the number of UAVs required to cover large areas, and that the user’s average energy expenditure (attributable to communications) can be reduced by limiting the maximum altitude for drones or by increasing the VoIP speech quality.


2017 ◽  
Vol 5 (4RACSIT) ◽  
pp. 47-52
Author(s):  
Rohini B.R. ◽  
Thippeswamy G.

Authentication plays a vital role in Information security. The need for identification of legitimate user has increased in the waking concerns for global security. Biometric recognition Systems is a major tool for Authentication mechanism. Biometrics is the ability to identify and authenticate an individual using one or more of their behavioral or physical characteristics. The Study of Different Biometric Modalities gives a better understanding of Biometric Techniques. We focus our Study on Face Biometrics. This paper emphasizes on better understanding of introduction to Biometrics, Biometric Modalities and Face recognition Techniques.


2021 ◽  
Vol 13 (1) ◽  
pp. 10-17
Author(s):  
Caroline Wiertz ◽  
Christine Kittinger-Rosanelli

Abstract Our relationship to technology is deeply paradoxical. On the one hand, we buy and constantly use more devices and apps, leaving our traces in the digital space. On the other hand, we increasingly fear the dark sides of being dependent on technology and of data abuse. Inadequate knowledge and errors make it difficult to predict unintended consequences, and often problems emerge due to deliberate choices to pursue some interests while ignoring others. Hot topics include data privacy, potentially biased or discriminating algorithms, the tension between free choice and manipulation, and the optimization of questionable outputs while ignoring broader effects. Fighting unintended consequences should get to the roots of the problems. As for personal data, users should get more control over what they share. Further, more transparency can help avoid dystopian outcomes. It concerns the use of data, in particular, by algorithms. The high concentration of power of a few global players should also be watched closely, and societies need to be critical towards their actions and objectives. Even seemingly noble motives come at a price, and this price needs to be negotiable.


2021 ◽  
Vol 16 (3) ◽  
pp. 59-66
Author(s):  
Deepnshu Singh ◽  
Jyotinder Kaur Chaddah

Technology has always emerged to embolden the existing working process. On the one hand, it encourages transparency, accessibility and robustness in the system and on the other hand, it begets mitigation of the risks and allows us to detect, evaluate and eliminate vulnerability in the system. The most prominent technologies in todays’ world like Artificial Intelligence, Virtual/Augmented Reality, Automation, Cloud Computing are thriving to solve society’s problems and ensure the expedition in the process from its previous generation. Blockchain technology is no exception in providing the solution to eliminate the counterfeit markets across the globe and building trust among parties to do business without the fear of indulging or facing any unscrupulous business. Blockchain technology can ensure data privacy while improving supply chain transparency and reducing fraud. It can provide all stakeholders within a certain supply chain with access to the same information, potentially reducing errors. A decentralised application can pave the way to promulgate online pharmaceutical business where health information and each stakeholders’ data is not compromised. Against this backdrop the research conducted throws light on the challenges in the online medical drug and devices’ distribution and proposes a solution, an architectural design for blockchain technology in an online pharmaceutical platform to mitigate the counterfeit market while bringing efficiency to the ecosystem.


Sign in / Sign up

Export Citation Format

Share Document