MEAP, modified EAP protocol for WLAN authentication

2021 ◽  
Author(s):  
Xiaoying Guo

Wireless networking is becoming increasingly popular. However, the use of Wireless Local Area Networks (WLAN) also creates many security issues that do not exist in a wired world. WLAN connection no longer requires cable. Instead, data packets are sent on the air and are available to anyone with the ability to intercept and decode them. Traditional physical security measures like firewalls and security guards are less efficient in this new domain. The IEEE has organized the 802.11i Task Group to address 802.11 security. To solve the user authentication problem, it adopted the 802.1x standard. The standard relies on Extensible Authentication Protocol (EAP) to provide the authentication function. However, after the basic EAP authentication process, the Access Point (AP) still needs to be authenticated by the client. In order to implement mutual authentication, Protected EAP (PEAP), EAP-Transport Layer Security (TLS), EAP-Tunneled TLS (TTLS) or other variants of EAP are developed. But some [are] still weak in the authentication procedure. In this thesis, a new authentication mechanism called Modified EAP (MEAP) is proposed. MEAP is based on PEAP. MEAP adds a TLS layer on top of EAP, and then uses the resulting TLS session as a tunnel to protect the later Simple Password-authenticated Exponential Key Exchange (SPEKE), which is a strong password method. MEAP can provide mutual authentication to satisfy strong authentication requirements in WLAN.


Author(s):  
V. Alarcon-Aquino ◽  
M. Dominguez-Jimenez ◽  
C. Ohms

RFID (Radio Frequency Identification) is a technology whose employment will certainly grow in the following years. It is therefore necessary to consider the security issues that arise from the implementation of that type of system. In this paper we present an approach to solve the security problems in RFID systems by designing a naive security layer based on authentication and encryption algorithms. The authentication mechanism is the mutual authentication based on a three-way handshaking model, which authenticates both the reader and the tag in the communication protocol. The cipher algorithm based on a symmetric-key cryptosystem is RC4 implemented in a proposed modification to the existing WEP protocol to make it more secure in terms of message privacy. The proposed approach is implemented using VHDL in FPGAs communicated through RF transceivers. The results show that the security layer is simple enough to be implemented in a low-price RFID tag.


Author(s):  
CHRISTINE STRAUSS ◽  
CHRISTIAN STUMMER

Security issues in information management are increasingly moving towards the centre of corporate interests. This paper presents a multiobjective modelling approach that interactively assists IT managers in their attempts to reduce a given risk by evaluating and selecting portfolios (i.e. bundles) of security measures. The proposed multi-step procedure identifies attractive portfolio candidates and finally establishes the "best" one with respect to the decision-maker's preferences. Our model and its possible application are demonstrated by means of a numerical example based on real-world data that evaluates the risk of hacking faced by a Local Area Network in an academic environment.


2019 ◽  
Vol 1 (1) ◽  
pp. 90-98
Author(s):  
Ignasius Irawan Budi P

Extensible Authentication Protocol (EAP) is an authentication method to protect a wireless local area network from unauthorized users, in which there is interaction between RADIUS servers, the access point and the client device. When EAP is used as the authentication method, the authentication can be strengthened by using TLS (Transport Layer Security) certificates, where the client device and server use certificates to verify the identity of each other. The certificate must meet the requirements on the server and client for successful authentication. At present, this authentication method provides the highest level of security in wireless local area networks because it can protect against man-in-the-middle vulnerability. The proposed framework is evaluated by using scenarios in testing and live environments to ensure that the authentication has been secured for mutual device authentication.


2020 ◽  
Vol 13 (1) ◽  
pp. 198
Author(s):  
Yen-Liang Lee ◽  
Hsiu-An Lee ◽  
Chien-Yeh Hsu ◽  
Hsin-Hua Kung ◽  
Hung-Wen Chiu

Personal health records (PHRs) have lots of benefits for things such as health surveillance, epidemiological surveillance, self-control, links to various services, public health and health management, and international surveillance. The implementation of an international standard for interoperability is essential to accessing personal health records. In Taiwan, the nationwide exchange platform for electronic medical records (EMRs) has been in use for many years. The Health Level Seven International (HL7) Clinical Document Architecture (CDA) was used as the standard of the EMRs. However, the complication of implementing CDA became a barrier for many hospitals to realize the standard EMRs. In this study, we implemented a Fast Healthcare Interoperability Resources (FHIR)-based PHR transformation process including a user interface module to review the contents of PHRs. We used “My Health Bank, MHB”, a PHR data book developed and issued to all people by the Taiwan National Health Insurance, as the PHRs contents in this study. Network Time Protocol (NTP)/Simple Network Time Protocol (SNTP) was used in the security and user authentication mechanism when processing and applying personal health information. Transport Layer Security (TLS) 1.2 (such as HyperText Transfer Protocol Secure (HTTPS)) was used for protection in data communication. User authentication is important in the platform. OAuth (OAuth 2.0) was used as a user authentication mechanism to confirm legitimate user access to ensure data security. The contents of MHB were analyzed and mapped to the FHIR, and then converted to FHIR format according to the mapping logic template. The function of format conversion was carried out by using ASP.NET. XPath and JSPath technologies filtered out specific information tags. The converted data structure was verified through an HL7 Application Programming Interface (HAPI) server, and a new JSON file was finally created.
This platform can not only capture any PHR based on the FHIR format but also publish FHIR-based MHB records to any other platform to bridge the interoperability gap between different PHR systems. Therefore, our implementation/application with the automatic transformation from MHB to FHIR format provides an innovative method for people to access their own PHRs (MHB). No one has published a similar application like us using a nationwide PHR standard, MHB, in Taiwan. The application we developed will be very useful for a single person to use or for other system developers to implement their own standard PHR software.


With the widespread popularity of the Internet of Things (IoT), different sectors-based applications are increasingly developed. One of the most popular application layer protocols is the Constrained Application Protocol (CoAP), and the necessity of ensuring data security in this layer is crucial. Moreover, attackers target the vulnerabilities of IoT to gain access to the system, which leads to a security threat and violates privacy. Typically, user authentication and data encryption are applied for securing data communication over a public channel between two or more participants. However, most of the existing solutions use cryptography for achieving security, with the exception of high computation cost. Hence, these solutions fail to satisfy the resource-constrained characteristics of IoT devices. Therefore, a lightweight security mechanism is required for achieving both secure transmission and better performance. This paper proposes a Lightweight Authentication with Two-way Encryption for Secure Transmission in CoAP Protocol (LATEST) that provides a secure transmission between the server and IoT devices. This mutual authentication mechanism uses the ROT18 Cipher with XoR operation and 128-bit AES based encryption for securing the data transmission. The ROT18 Cipher is a monoalphabetic substitution cipher, which is a combination of ROT13 and ROT5. The proposed scheme employs symmetric encryption in both client and server for ensuring secure authentication and mutually confirming each other's identity. In addition, the proposed LATEST scheme ensures confidentiality and integrity by being resistant to replay attacks, impersonation attacks, and modification attacks. The experimental evaluation demonstrates that the proposed LATEST scheme is lightweight and provides better security compared to the existing scheme.


Author(s):  
Cristinel Marius VASILE

Today, most businesses are based on a computer system, more or less developed. For daily activities the organization needs to be able to connect to the Internet, possibly from a local area network (LAN). But along with the benefits of the Internet, there are also security risks that the organization must minimize by appropriate measures and controls. Security issues arising from using the Internet include hacker attacks and infection of computers with viruses, malware and spyware. In theory, hackers can enter the organization's network and steal confidential data, damaging computers or the organization's entire local area network. In this sense, firewall implementation is a security measure needed by any organization. This paper presents firewall types and technologies, attacks on firewalls and some security measures on the internal network.


2019 ◽  
Vol 15 (2) ◽  
Author(s):  
Rizka Reza Pahlevi ◽  
Parman Sukarno ◽  
Bayu Erfianto

This paper proposes an authentication mechanism on the MQ Telemetry Transport (MQTT) protocol. The exchange of data in the IoT system became an important activity. The MQTT protocol is a fast and lightweight communication protocol for IoT. One of the problems with the MQTT protocol is that there is no security mechanism in the initial setup. One security attack may occur during the client registration phase. The client registration phase has a vulnerability to accept false clients due to the absence of an authentication mechanism. An authentication mechanism has been previously made using Transport Layer Security (TLS). However, the TLS mechanism consumes more than 100 KB of data memory and is not suitable for devices that have limitations. Therefore, a suitable authentication mechanism for constrained devices is required. This paper proposes a protocol for authentication mechanisms using dynamic and event-based authentication for the MQTT protocol. The event-based approach is used to reduce the computing burden of constrained devices. Dynamic usage is intended to provide different authentication properties for each session so that it can improve authentication security. As a result, the application of the event-based dynamic authentication protocol was successful in the constrained devices of microcontrollers and broker. The microcontroller, as a client, is able to process the proposed protocol. The client uses 52% of the memory for the proposed protocol and only consumes 2% higher than the protocol without security. The broker can find authentic clients and constrained devices capable of computing to carry out mutual authentication processes to clients. The broker uses a maximum of 4.3 MB of real memory and a maximum CPU usage of 3.7%.


2013 ◽  
Vol 765-767 ◽  
pp. 1007-1010
Author(s):  
Yun Chang Sang ◽  
Xin Gao

With the development of Internet of Things technology and applications, Internet of Things technology and industry are receiving attention at different levels, from the government to enterprises and research institutions. Guaranteeing the safety of the Internet of Things is an important prerequisite for promoting its healthy development. Oriented toward the current mainstream Internet of Things architecture, this article studies the security threats to the Internet of Things and the appropriate security measures at three levels, the perception layer, transport layer and application layer, providing a theoretical reference for the establishment of an Internet of Things security architecture.

