Document Organizing using Multiple Encryptions

In this manuscript, “Pocket Certificates'' - a conventional document organizing with the capability of securely storing those documents is presented. Documents are something that provides information or can be a certification for someone or also can be a legal report. The theft of such important documents/certificates can interfere/hamper an individual or organization from performing their work efficiently and can also lead to loss of possessions. The solution is the use of a Double Encryption system based on an amalgamation of RSA, AES and MD5 standards. Use of enhanced security can be thought of as a compromise in reliability and smooth function of a system but to the process, there are some constraints to be set so that the Encryption/Decryption process does not hamper the usability. This paper takes account of such attributes and keeps a balance between all of them. There is also the use of other Hashing techniques like bycrypt securely storing user login details and use of passport middleware for unique user authentication requirements at each application stage. The paper consists of an overall web application for the secure archive to documents or important data.

Download Full-text

Real-Time Multimodal Biometric User Authentication for Web Application Access in Wireless LAN

Journal of Computer Science ◽

10.3844/jcssp.2017.680.693 ◽

2017 ◽

Vol 13 (12) ◽

pp. 680-693 ◽

Cited By ~ 1

Author(s):

Sanjay Kumar ◽

Surjit Paul ◽

Dilip Kumar Shaw

Keyword(s):

Real Time ◽

Wireless Lan ◽

Web Application ◽

User Authentication ◽

Application Access

Download Full-text

Client side data encryption/decryption for web application

IFAC-PapersOnLine ◽

10.1016/j.ifacol.2016.12.041 ◽

2016 ◽

Vol 49 (25) ◽

pp. 241-246

Author(s):

Václav Kaczmarczyk ◽

Zdeněk Bradáč ◽

Petr Fiedler ◽

Jakub Arm

Keyword(s):

Web Application ◽

Data Encryption ◽

Encryption Decryption ◽

Client Side

Download Full-text

Penerapan Knowledge Sistem Informasi Penjaminan Mutu Fakultas Berbasis Web Di FTI-UKSW

Journal of Information Systems and Informatics ◽

10.33557/journalisi.v3i1.86 ◽

2021 ◽

Vol 3 (1) ◽

pp. 31-44

Author(s):

William Christopher ◽

Indrastanti Ratna Widiasari

Keyword(s):

Information Technology ◽

Knowledge Management ◽

Management System ◽

Web Application ◽

Rapid Development ◽

Knowledge Management System ◽

Data Archiving ◽

Christian University ◽

System Life ◽

Or Organization

Information technology is one of the assets of a company or organization that is important for its development, with the rapid development of technology today, technology must always be updated. One of the roles of information technology is the application of knowledge management. Knowledge Management is a system that is able to improve and manage knowledge information in companies or agencies that apply knowledge management. In this study, it focuses on implementing a knowledge management system in the Quality Assurance of the Faculties at Satya Wacana Christian University. This research is based on the fact that PMF institutions still use manual methods in data archiving, the purpose of this study is to design a web application that is useful for archiving PMF data to make it more effective and efficient. In this study, the KMS (Knowledge Management System) is applied, and uses the Knowledge Management System Life Cycle method which consists of several process stages consisting of infrastructure evaluation, KMS design analysis and development, and evaluation at the final stage. The result of this research is a useful data archiving web application for PMF. It is hoped that PMF will be more efficient in data archiving.

Download Full-text

Web application authentication using ZKP and novel 6D chaotic system

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v20.i3.pp1522-1529 ◽

2020 ◽

Vol 20 (3) ◽

pp. 1522

Author(s):

Shatha J. Mohammed ◽

Sadiq A. Mehdi

Keyword(s):

Chaotic System ◽

Web Application ◽

Web Applications ◽

Random Number ◽

User Authentication ◽

Internet Services ◽

Bottom Line ◽

Zero Knowledge ◽

Frequent Use ◽

Significant Process

Text password has long been a dominant approach to user authentication used by a huge quantity of Internet services. Web applications are now widely used for the implementation of a range of significant services. The securing of such applications has thus become a significant process. Currently the frequent use of passwords and the need for them make them more vulnerable to theft or guesswork. In the proposed research, the researcher designed an algorithm that has the ability to perform registration or to access web applications safely. The researcher designed an algorithm in the proposed research, which has the ability to securely perform registration or access web applications. The proposed idea based on the notion of Zero-knowledge proof. A complex generation of random number initiated by proposed novel 6D-Hyper chaotic system. The bottom line is that both parties (web application, user), have a secret number. These two numbers used to do the process of registration without requiring a password. Results from the research showed the importance of the proposed method by which the keys were managed and distributed in a safe and effective way.

Download Full-text

Let’s Take it Offline: Boosting Brute-Force Attacks on iPhone’s User Authentication through SCA

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2021.i3.496-519 ◽

2021 ◽

pp. 496-519

Author(s):

Oleksiy Lisovets ◽

David Knichel ◽

Thorben Moos ◽

Amir Moradi

Keyword(s):

Graphics Processing Unit ◽

User Authentication ◽

Realistic Model ◽

Data Encryption ◽

Processing Unit ◽

Brute Force ◽

Sensitive Data ◽

User Data ◽

Encryption Decryption ◽

Brute Force Attack

In recent years, smartphones have become an increasingly important storage facility for personal sensitive data ranging from photos and credentials up to financial and medical records like credit cards and person’s diseases. Trivially, it is critical to secure this information and only provide access to the genuine and authenticated user. Smartphone vendors have already taken exceptional care to protect user data by the means of various software and hardware security features like code signing, authenticated boot chain, dedicated co-processor and integrated cryptographic engines with hardware fused keys. Despite these obstacles, adversaries have successfully broken through various software protections in the past, leaving only the hardware as the last standing barrier between the attacker and user data. In this work, we build upon existing software vulnerabilities and break through the final barrier by performing the first publicly reported physical Side-Channel Analysis (SCA) attack on an iPhone in order to extract the hardware-fused devicespecific User Identifier (UID) key. This key – once at hand – allows the adversary to perform an offline brute-force attack on the user passcode employing an optimized and scalable implementation of the Key Derivation Function (KDF) on a Graphics Processing Unit (GPU) cluster. Once the passcode is revealed, the adversary has full access to all user data stored on the device and possibly in the cloud.As the software exploit enables acquisition and processing of hundreds of millions oftraces, this work further shows that an attacker being able to query arbitrary many chosen-data encryption/decryption requests is a realistic model, even for compact systems with advanced software protections, and emphasizes the need for assessing resilience against SCA for a very high number of traces.

Download Full-text

Category-Based Graphical User Authentication (CGUA) Scheme for Web Application

Pattern Analysis, Intelligent Security and the Internet of Things - Advances in Intelligent Systems and Computing ◽

10.1007/978-3-319-17398-6_29 ◽

2015 ◽

pp. 315-326

Author(s):

Mohd Zamri Osman ◽

Norafida Ithnin

Keyword(s):

Web Application ◽

User Authentication

Download Full-text

Two factor authentication framework based on ethereum blockchain with dApp as token generation system instead of third-party on web application

10.26594/register.v6i2.1932 ◽

2020 ◽

Vol 6 (2) ◽

pp. 74

Author(s):

Marsha Chikita Intania Putri ◽

Parman Sukarno ◽

Aulia Arif Wardana

Keyword(s):

Web Application ◽

User Authentication ◽

Third Parties ◽

Third Party ◽

Generation System ◽

Additional Information ◽

Authentication System ◽

Mitm Attack

Authentication is a method for securing an account by verifying the user identity by inputting email with a password. Two factor authentications is an authentication system that combines the first-factor authentication with the second factor. General two factor authentication by entering an email or username with a password are similar. However, two factor authentication requires additional information that must be inputted by the user. Additional information can be in the form of tokens or one-time passwords (OTP). Two factor authentications generally still uses third-party services to generate token or OTP still have vulnerable because can attacked from tokens steal through MITM and found that the generated tokens with the same value. Therefore, we propose a two-factor authentication framework based on ethereum blockchain with dApp as token generation system. Firstly, outcome from the analysis of the system, next succeeded in creating a two-factor authentication system without using third-parties. Second, token system generate up to 3164 different tokens in one second and has been collisions tested. Third, security method to protect token from MITM attack. The attacker unable to get access caused all the checking are done by dApp user authentication.

Download Full-text

Teknik Uji Penetrasi Web Server Menggunakan SQL Injection dengan SQLmap di Kalilinux

STRING (Satuan Tulisan Riset dan Inovasi Teknologi) ◽

10.30998/string.v6i2.11477 ◽

2021 ◽

Vol 6 (2) ◽

pp. 210

Author(s):

Rudi Hermawan

Keyword(s):

Web Application ◽

User Authentication ◽

Web Server ◽

Cyber Attacks ◽

Injection Technique ◽

Sql Injection ◽

User Access ◽

Will Force ◽

Application Developers ◽

Sql Query

In recent years cases of cyber attacks that lead to website security have increased. The most widely used website hacking threat is sql injection. By using the sqlmap tool that runs on the Kalilinux operating system, attackers can easily take over very important user authentication data with their passwords. Attackers only use a special SQL query script using the python programming language will force the web server to output database information, tables, columns and data contents. This sql injection technique is not difficult, knowing how sql injection works is expected to be useful for web admins and web application developers to be able to secure user access from attackers. This attack simulation uses a virtual machine, by creating two virtual computers that are scripted as the attacker and the target server. By testing through this simulation, we can find out how the attack process and the consequences of attacks carried out by attackers.

Download Full-text

HeartBioPortal2.0: new developments and updates for genetic ancestry and cardiometabolic quantitative traits in diverse human populations

Database ◽

10.1093/database/baaa115 ◽

2020 ◽

Vol 2020 ◽

Author(s):

Bohdan B Khomtchouk ◽

Christopher S Nelson ◽

Kasra A Vand ◽

Salvator Palmisano ◽

Robert L Grossman

Keyword(s):

Data Storage ◽

Web Application ◽

Quantitative Traits ◽

Large Scale ◽

Genome Wide Association Study ◽

User Authentication ◽

Ethnically Diverse ◽

Human Populations ◽

Diverse Populations ◽

Computing Platform

Abstract Cardiovascular disease (CVD) is the leading cause of death worldwide for all genders and across most racial and ethnic groups. However, different races and ethnicities exhibit different rates of CVD and its related cardiorenal and metabolic comorbidities, suggesting differences in genetic predisposition and risk of onset, as well as socioeconomic and lifestyle factors (diet, exercise, etc.) that act upon an individual’s unique underlying genetic background. Here, we present HeartBioPortal2.0, a major update to HeartBioPortal, the world’s largest CVD genetics data precision medicine platform for harmonized CVD-relevant genetic variants, which now enables search and analysis of human genetic information related to heart disease across ethnically diverse populations and cardiovascular/renal/metabolic quantitative traits pertinent to CVD pathophysiology. HeartBioPortal2.0 is structured as a cloud-based computing platform and knowledge portal that consolidates a multitude of CVD-relevant genomic data modalities into a single powerful query and browsing interface between data and user via a user-friendly web application publicly available to the scientific research community. Since its initial release, HeartBioPortal2.0 has added new cardiovascular/renal/metabolic disease–relevant gene expression data as well as genetic association data from numerous large-scale genome-wide association study consortiums such as CARDIoGRAMplusC4D, TOPMed, FinnGen, AFGen, MESA, MEGASTROKE, UK Biobank, CHARGE, Biobank Japan and MyCode, among other studies. In addition, HeartBioPortal2.0 now includes support for quantitative traits and ethnically diverse populations, allowing users to investigate the shared genetic architecture of any gene or its variants across the continuous cardiometabolic spectrum from health (e.g. blood pressure traits) to disease (e.g. hypertension), facilitating the understanding of CVD trait genetics that inform health-to-disease transitions and endophenotypes. Custom visualizations in the new and improved user interface, including performance enhancements and new security features such as user authentication, collectively re-imagine HeartBioPortal’s user experience and provide a data commons that co-locates data, storage and computing infrastructure in the context of studying the genetic basis behind the leading cause of global mortality. Database URL: https://www.heartbioportal.com/

Download Full-text

The Rise of Cyber Warfare

Jurnal Kajian Peradaban Islam ◽

10.47076/jkpis.v3i1.26 ◽

2020 ◽

Vol 3 (1) ◽

pp. 19-21

Author(s):

Andrian Willyan Djaja

Keyword(s):

Large Scale ◽

Cyber Warfare ◽

Defense System ◽

Important Data ◽

Computer Hacking ◽

Personal Benefit ◽

Technological Advantage ◽

The Us ◽

The World ◽

Or Organization

A war in cyber domain has been already started, and its impact is quite devastating. Dangers arisen from the new kind of war ranged from economic disaster such financial accounts shutted or locked, technological problems, for example personal computer hacking and thievery of important data, also includes hacking into a country’s defense system and its use for personal benefit of a country or organization. The recent rise of 5G technology increases the possibility of these dangers to happen in real world. China currently holds the best 5G technology in the world in the hands of its leading company, Huawei. Heated politics between the US and China makes the possibility for China to use its technological advantage against its Western rivals and the whole world becomes very big. The US and its allies will definitely be retaliating against China with their own cyber weaponry, resulting in a large scale cyber warfare.

Download Full-text