Four-way handshake protocol for authenticating in multiple mix-zones

Authentication is the process of verifying that the users who they claim to be or not, it is based on identity and credentials. Most of the attacks can be reduced using authentication process. Authentication is important because as the amount of online data sharing has increased, threats and fraud in a large amount are also increased, a changing of the guard which provides security to mobile devices is needed for which authentication is necessary. Privacy of user’s location is important in mobile networks, there are several strategies to protect the personal information (i.e., their location). In previous work it is introduced that the mix zone model which will change the old pseudonyms to new pseudonyms and anonymizes user’s identity by restricting the position where users can be located. Later work, even in the multiple mix-zones model, attackers can attack by using side information (like footprints, navigation etc.). So, we need an authentication protocol while two mix-zones or user-services are communicating. We came across different authentication protocols like PAP, CHAP, and EAP. In this paper, a four-way handshake protocol is implemented for providing authentication while multiple mix-zones are communicating. A four-way handshake authentication protocol i.e., WPA-PSK protocol for verification. WPA-PSK is applied in such a way that both STA(supplicant) and AP(authenticator) can check that they are re-agreeing on a non-forged RSN and IE, therefore they are using the most secure available protocols.

Download Full-text

Remote Quantum-Safe Authentication of Entities with Physical Unclonable Functions

Photonics ◽

10.3390/photonics8070289 ◽

2021 ◽

Vol 8 (7) ◽

pp. 289

Author(s):

Georgios M. Nikolopoulos

Keyword(s):

Authentication Protocol ◽

Authentication Protocols ◽

Photonic Networks ◽

Physical Unclonable Functions ◽

Quantum Protocols ◽

Open Question ◽

Standard Techniques

Physical unclonable functions have been shown to be a useful resource of randomness for implementing various cryptographic tasks including entity authentication. All the related entity authentication protocols that have been discussed in the literature so far, either they are vulnerable to an emulation attack, or they are limited to short distances. Hence, quantum-safe remote entity authentication over large distances remains an open question. In the first part of this work, we discuss the requirements that an entity authentication protocol has to offer, to be useful for remote entity authentication in practice. Subsequently, we propose a protocol, which can operate over large distances, and offers security against both classical and quantum adversaries. The proposed protocol relies on standard techniques, it is fully compatible with the infrastructure of existing and future photonic networks, and it can operate in parallel with other quantum protocols, including QKD protocols.

Download Full-text

Next Generation of SDN in Cloud-Fog for 5G and Beyond-Enabled Applications: Opportunities and Challenges

Network ◽

10.3390/network1010004 ◽

2021 ◽

Vol 1 (1) ◽

pp. 28-49

Author(s):

Ehsan Ahvar ◽

Shohreh Ahvar ◽

Syed Mohsan Raza ◽

Jose Manuel Sanchez Vilchez ◽

Gyu Myoung Lee

Keyword(s):

Internet Of Things ◽

Data Sharing ◽

Mobile Networks ◽

The Other ◽

The Internet ◽

Hybrid Cloud ◽

Next Generation ◽

Delay Constraints ◽

Mission Critical ◽

Iot Devices

In recent years, the number of objects connected to the internet have significantly increased. Increasing the number of connected devices to the internet is transforming today’s Internet of Things (IoT) into massive IoT of the future. It is predicted that, in a few years, a high communication and computation capacity will be required to meet the demands of massive IoT devices and applications requiring data sharing and processing. 5G and beyond mobile networks are expected to fulfill a part of these requirements by providing a data rate of up to terabits per second. It will be a key enabler to support massive IoT and emerging mission critical applications with strict delay constraints. On the other hand, the next generation of software-defined networking (SDN) with emerging cloudrelated technologies (e.g., fog and edge computing) can play an important role in supporting and implementing the above-mentioned applications. This paper sets out the potential opportunities and important challenges that must be addressed in considering options for using SDN in hybrid cloud-fog systems to support 5G and beyond-enabled applications.

Download Full-text

Cryptanalysis of a hybrid authentication protocol for large mobile networks

Journal of Systems and Software ◽

10.1016/j.jss.2005.04.022 ◽

2006 ◽

Vol 79 (4) ◽

pp. 496-501 ◽

Cited By ~ 8

Author(s):

Qiang Tang ◽

Chris J. Mitchell

Keyword(s):

Mobile Networks ◽

Authentication Protocol ◽

Hybrid Authentication

Download Full-text

Context-Aware Community Construction in Proximity-Based Mobile Networks

Mobile Information Systems ◽

10.1155/2015/402705 ◽

2015 ◽

Vol 2015 ◽

pp. 1-18 ◽

Cited By ~ 2

Author(s):

Na Yu ◽

Qi Han

Keyword(s):

Social Networking ◽

Mobile Devices ◽

Mobile Networks ◽

Context Aware ◽

Two Phase ◽

Space And Time ◽

Shared Information ◽

Influence Graph ◽

Social Applications ◽

Share Information

Sensor-equipped mobile devices have allowed users to participate in various social networking services. We focus on proximity-based mobile social networking environments where users can share information obtained from different places via their mobile devices when they are in proximity. Since people are more likely to share information if they can benefit from the sharing or if they think the information is of interest to others, there might exist community structures where users who share information more often are grouped together. Communities in proximity-based mobile networks represent social groups where connections are built when people are in proximity. We consider information influence (i.e., specify who shares information with whom) as the connection and the space and time related to the shared information as the contexts. To model the potential information influences, we construct an influence graph by integrating the space and time contexts into the proximity-based contacts of mobile users. Further, we propose a two-phase strategy to detect and track context-aware communities based on the influence graph and show how the context-aware community structure improves the performance of two types of mobile social applications.

Download Full-text

Internet privacy in Canada: a public interest perspective

10.32920/ryerson.14656095 ◽

2021 ◽

Author(s):

Julie Gustavel

Keyword(s):

Personal Information ◽

Online Environment ◽

Informational Privacy ◽

Online Data ◽

Policy Makers ◽

Privacy Concerns ◽

Record Keeping ◽

Internet Privacy ◽

Legislative Action ◽

Individual Privacy

Issues about informational privacy have emerged in tandem with the escalating increase in nformation stored in electronic formats. Data protection is a pressing issue not only because files of personal information are being kept in greater detail and for longer periods of time, but also because the data can be retrieved and compared or matched without delay, regardless of geography. While defenders of information technology cite efficiency and safety among the countervailing benefits, concerns from an increasingly tech-savvy public have introduced a sense of urgency to demand tough legislation. Although many studies have provided evidence of online privacy concerns, few have explored the nature of the concern in detail, especially in terms of government policy for our new online environment. Bill C-6, Canada's recent legislative action, has provided a practical basis from which to appraise governments' role in privacy protection. With this in mind, the paper will be divided into two parts. Part one will be undertaken to: (A) evaluate the arguments of critics as well as defenders of contemporary record-keeping practices and the philosophical conceptions of privacy, which underlie them; and, using these themes (B) provide a comprehensive assessment of the effectiveness of Bill C- 6, examining the ways in which policy makers have begun to treat privacy as both a commodity and a secondary adjunct to business activity. Part two of the paper, purposes a series of recommendations or, more specifically, a framework for Bill C-6 that would, more effectively, protect individual privacy from private entities, who collect online data.

Download Full-text

Enabling Efficient Decentralized and Privacy Preserving Data Sharing in Mobile Cloud Computing

Wireless Communications and Mobile Computing ◽

10.1155/2021/8513869 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Jiawei Zhang ◽

Ning Lu ◽

Teng Li ◽

Jianfeng Ma

Keyword(s):

Cloud Computing ◽

Access Control ◽

Mobile Devices ◽

Data Sharing ◽

Mobile Cloud Computing ◽

High Efficiency ◽

Mobile Cloud ◽

User Privacy ◽

Access Policy ◽

Fine Grained

Mobile cloud computing (MCC) is embracing rapid development these days and able to provide data outsourcing and sharing services for cloud users with pervasively smart mobile devices. Although these services bring various conveniences, many security concerns such as illegally access and user privacy leakage are inflicted. Aiming to protect the security of cloud data sharing against unauthorized accesses, many studies have been conducted for fine-grained access control using ciphertext-policy attribute-based encryption (CP-ABE). However, a practical and secure data sharing scheme that simultaneously supports fine-grained access control, large university, key escrow free, and privacy protection in MCC with expressive access policy, high efficiency, verifiability, and exculpability on resource-limited mobile devices has not been fully explored yet. Therefore, we investigate the challenge and propose an Efficient and Multiauthority Large Universe Policy-Hiding Data Sharing (EMA-LUPHDS) scheme. In this scheme, we employ fully hidden policy to preserve the user privacy in access policy. To adapt to large scale and distributed MCC environment, we optimize multiauthority CP-ABE to be compatible with large attribute universe. Meanwhile, for the efficiency purpose, online/offline and verifiable outsourced decryption techniques with exculpability are leveraged in our scheme. In the end, we demonstrate the flexibility and high efficiency of our proposal for data sharing in MCC by extensive performance evaluation.

Download Full-text

YAICD: Yet Another IMSI Catcher Detector in GSM

Security and Communication Networks ◽

10.1155/2021/8847803 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Parimah Ziayi ◽

Seyed Mostafa Farmanbar ◽

Mohsen Rezvani

Keyword(s):

Mobile Devices ◽

Cellular Networks ◽

Mobile Networks ◽

Experimental Results ◽

Lte Networks ◽

Backward Compatibility ◽

Man In The Middle ◽

Base Transceiver Station ◽

Gsm Network

In GSM, the network is not authenticated which allows for man-in-the-middle (MITM) attacks. Attackers can track traffic and trace users of cellular networks by creating a rogue base transceiver station (BTS). Such a defect in addition to the need for backward compatibility of mobile networks makes all GSM, UMTS, and LTE networks susceptible to MITMs. These attacks are conducted using IMSI-Catchers (ICs). Most of the solutions proposed for detecting ICs in the literature are based on using specific mobile devices with root access. Also, they cannot identify ICs to which users are not connected. In this paper, we propose an approach called YAICD for detecting ICs in the GSM network. YAICD consists of a sensor that can be installed on Android mobile devices. It detects ICs by extracting 15 parameters from signals received from BTSs. We also established a lab-scale testbed to evaluate YAICD for various detection parameters and for comparing it against existing solutions in the literature. The experimental results show that YAICD not only successfully detects ICs using the parameters but also identifies ICs to which users are not yet connected to the network.

Download Full-text

Advanced Authentication Protocol for Software-Defined Networks

International Journal of Semantic Computing ◽

10.1142/s1793351x18400160 ◽

2018 ◽

Vol 12 (03) ◽

pp. 361-371

Author(s):

Maha Ali Allouzi ◽

Javed I. Khan

Keyword(s):

Critical Infrastructure ◽

Authentication Protocol ◽

Mutual Trust ◽

First Line ◽

Trust Negotiation ◽

Negotiation Protocol ◽

Fine Grained ◽

Trust Establishment ◽

Alternative Approach ◽

Handshake Protocol

Software-Defined Networking (SDN) is being widely implemented by critical infrastructure networks, however providing security features still a challenge. In this work, we present SafeFlow an Automatic Trust Negotiation Protocol for SDN, a first line of defense and fine-grained authentication protocol, in order to deny the access of OpenFlow switches without valid digital credentials. Traditional security approaches based on identity or capabilities do not solve the problem of establishing trust between strangers. One alternative approach to mutual trust establishment is Trust Negotiation, the bilateral exchange of digital credentials to establish trust gradually. The proposed protocol describes Trust Negotiation in OpenFlow protocol, probable extension to the OpenFlow handshake protocol. In this paper, we describe the implementation of SafeFlow. The proposed protocol ensures the security of the infrastructure itself, as there are also other proposals for developing security application on OpenFlow network infrastructure.

Download Full-text

Practical Authentication Protocols for Protecting and Sharing Sensitive Information on Mobile Devices

Communications in Computer and Information Science - Cryptography and Security Systems ◽

10.1007/978-3-662-44893-9_14 ◽

2014 ◽

pp. 153-165 ◽

Cited By ~ 3

Author(s):

Imed El Fray ◽

Tomasz Hyla ◽

Mirosław Kurkowski ◽

Witold Maćków ◽

Jerzy Pejaś

Keyword(s):

Mobile Devices ◽

Sensitive Information ◽

Authentication Protocols

Download Full-text

mMarketing Opportunities for User Collaborative Environments in Smart Cities

Digital Marketing and Consumer Engagement ◽

10.4018/978-1-5225-5187-4.ch062 ◽

2017 ◽

pp. 1213-1241

Author(s):

Artemis D. Avgerou ◽

Despina A. Karayanni ◽

Yannis C. Stamatiou

Keyword(s):

Wireless Communications ◽

Mobile Devices ◽

Large Scale ◽

Collective Intelligence ◽

Personal Information ◽

Smart Cities ◽

Mobility Patterns ◽

Communications Networks ◽

Pollution Levels ◽

Commercial Activities

Smart City infrastructures connect people with their devices through wireless communications networks while they offer sensor-based information about the city's status and needs. Connecting people carrying mobile devices equipped with sensors through such an infrastructure leads to the “collective intelligence” or “crowdsourcing” paradigm. This paradigm has been deployed in numerous contexts such as performing large-scale experiments (e.g., monitoring the pollution levels or analyzing mobility patterns of people to derive useful information about rush hours in cities) or gathering and sharing user collected experiences in efforts to increase privacy awareness and personal information protection levels. In this chapter, we will focus on employing this paradigm in the mMarketing/mCommerce domain and discuss how crowdsourcing can create new opportunities for commercial activities as well as expansion of existing ones.

Download Full-text