Time Synchronism of Dynamic Password Status Authentication

2011 ◽  
Vol 179-180 ◽  
pp. 156-161
Author(s):  
Wei Jian Huang ◽  
Lin Feng Guo
Keyword(s):  
Time Synchronization ◽  
Difficult Problem ◽  
Internet Protocols ◽  
Problem Of Time ◽  
Security Issues ◽  
Transaction Process ◽  
Network Time ◽  
Network Time Protocol ◽  
Concrete Realization ◽  
Authentication Security

The e-commerce transaction process customers are most worried about is the security issues. Targeted e-commerce transaction authentication security that prevail in question time synchronization based on a dynamic password authentication technology, and gives a concrete realization of identity authentication process. The main advantage of this technology is a dynamic one-time passwords, and simple operation, transmission using RSA encryption algorithm. Network Time Protocol NTP for time synchronization of standard internet protocols, to solve the difficult problem of time synchronization.

scholarly journals Overview of Time Synchronization for IoT Deployments: Clock Discipline Algorithms and Protocols

Sensors ◽  
2020 ◽  
Vol 20 (20) ◽  
pp. 5928
Author(s):  
Hüseyin Yiğitler ◽  
Behnam Badihi ◽  
Riku Jäntti
Keyword(s):  
Time Synchronization ◽  
Clock Synchronization ◽  
Constrained Systems ◽  
Clock Model ◽  
Network Time ◽  
Expected Performance ◽  
The Everyday ◽  
Network Time Protocol ◽  
Synchronization Problems ◽  
Constrained Devices

Internet of Things (IoT) is expected to change the everyday life of its users by enabling data exchanges among pervasive things through the Internet. Such a broad aim, however, puts prohibitive constraints on applications demanding time-synchronized operation for the chronological ordering of information or synchronous execution of some tasks, since in general the networks are formed by entities of widely varying resources. On one hand, the existing contemporary solutions for time synchronization, such as Network Time Protocol, do not easily tailor to resource-constrained devices, and on the other, the available solutions for constrained systems do not extend well to heterogeneous deployments. In this article, the time synchronization problems for IoT deployments for applications requiring a coherent notion of time are studied. Detailed derivations of the clock model and various clock relation models are provided. The clock synchronization methods are also presented for different models, and their expected performance are derived and illustrated. A survey of time synchronization protocols is provided to aid the IoT practitioners to select appropriate components for a deployment. The clock discipline algorithms are presented in a tutorial format, while the time synchronization methods are summarized as a survey. Therefore, this paper is a holistic overview of the available time synchronization methods for IoT deployments.

scholarly journals Implementasi Sinkronisasi Waktu dengan Network Time Protocol untuk Pemantauan Keamanan Aktivitas Jaringan Telekomunikasi

2017 ◽  
Vol 5 (2) ◽  
pp. 175
Author(s):  
Ahmad Budi Setiawan
Keyword(s):  
Time Synchronization ◽  
Time Frame ◽  
Security Monitoring ◽  
Time Alignment ◽  
Electronic Transactions ◽  
Network Time ◽  
Alignment System ◽  
Telecommunications Network ◽  
Network Time Protocol ◽  
Time Standard

<p><strong>Abstrak</strong></p><p>          Penyelenggara Jaringan adalah menyediakan dan atau memberikan pelayanan jaringan yang memungkinkan terselenggaranya transaksi elektronik. Setiap penyelenggara jaringan diwajibkan untuk menyelaraskan waktu dalam transaksi elektronik. Tujuan dilakukannya penyelarasan waktu adalah untuk menyediakan waktu yang standar dan menyediakan acuan waktu untuk segala bentuk transaksi elektronik dengan prinsip keakuratan dan ketertelusuran. Sistem Penyelarasan Waktu Indonesia menggunakan prinsip ketertelusuran dan prinsip keakuratan. Protokol yang digunakan dalam penyelarasan waktu server di Indonesia berbasis Network Time Protocol. Kajian ini membahas mengenai implementasi sinkronisasi waktu dengan network time protocol sebagai salah satu bentuk pemantauan keamanan jaringan telekomunikasi. Metode yang digunakan dalam kajian ini adalah naratif deskriptif mengenai implementasi sinkronisasi waktu.Hasil kajian ini adalah masukan untuk kebijakan dalam keamanan transaksi elektronik melalui sinkronisasi waktu.</p><p> </p><p><em> </em><strong><em>Abstract</em></strong></p><p><em>Network providers are providing services or networks that enable the implementation of electronic transactions. Each network operator is required to align the time in electronic transactions. The purpose is to provide time alignment of the time standard and provide a time frame for all forms of electronic transactions with the principles of accuracy and traceability. Indonesian Time Alignment System uses the principle of traceability and accuracy principles. The protocols used in the alignment of the time server in Indonesia-based Network Time Protocol. This study discusses the implementation of time synchronization with a network time protocol as a form of telecommunications network security monitoring. The method used in this study is a descriptive narrative on the implementation of time synchronization. Results of this study are input to the policy in the security of electronic transactions through time synchronization</em></p>

A security study in Portuguese Public Hospitals - GDPR perspective (Preprint)

2020 ◽  
Author(s):  
Cátia Santos-Pereira
Keyword(s):  
Information Systems ◽  
Identity Management ◽  
Personal Data ◽  
Public Hospitals ◽  
Hospital Environment ◽  
Security Measures ◽  
Eu Member States ◽  
Security Issues ◽  
Management Processes ◽  
Authentication Security

BACKGROUND GDPR was scheduled to be formally adopted in 2016 with EU member states being given two years to implement it (May 2018). Given the sensitive nature of the personal data that healthcare organization process on a 24/7 basis, it is critical that the protection of that data in a hospital environment is given the high priority that data protection legislation (GDPR) requires. OBJECTIVE This study addresses the state of Public Portuguese hospitals regarding GDPR compliance in the moment of GDPR preparation period (2016-2018) before the enforcement in 25 May 2018, and what activities have started since then. The study focuses in three GDPR articles namely 5, 25 and 32, concerning authentication security, identity management processes and audit trail themes. METHODS The study was conducted between 2017 and 2019 in five Portuguese Public Hospitals (each different in complexity). In each hospital, six categories of information systems critical to health institutions were included in the study, trying to cover the main health information systems available and common to hospitals (ADT, EPR, PMS, RIS, LIS and DSS). It was conducted interviews in two phases (before and after GDPR enforcement) with the objective to identify the maturity of information systems of each hospital regarding authentication security, identity management processes and traceability and efforts in progress to avoid security issues. RESULTS A total of 5 hospitals were included in this study and the results of this study highlight the hospitals privacy maturity, in general, the hospitals studied where very far from complying with the security measures selected (before May 2018). Session account lock and password history policy were the poorest issues, and, on the other hand, store encrypted passwords was the best issue. With the enforcement of GDPR these hospitals started a set of initiatives to fill this gap, this is made specifically for means of making the whole process as transparent and trustworthy as possible and trying to avoid the huge fines. CONCLUSIONS We are still very far from having GDPR compliant systems and Institutions efforts are being done. The first step to align an organization with GDPR should be an initial audit of all system. This work collaborates with the initial security audit of the hospitals that belong to this study.

scholarly journals Security Vulnerability Assessment of Google Home Connection with an Internet of Things Device

Proceedings ◽  
2021 ◽  
Vol 74 (1) ◽  
pp. 1
Author(s):  
Hilal Çepik ◽  
Ömer Aydın ◽  
Gökhan Dalkılıç
Keyword(s):  
Internet Of Things ◽  
Vulnerability Assessment ◽  
Smart Home ◽  
Human Life ◽  
Computer Systems ◽  
Security Vulnerability ◽  
Network Time ◽  
Network Time Protocol ◽  
Home Systems

With virtual assistants, both changes and serious conveniences are provided in human life. For this reason, the use of virtual assistants is increasing. The virtual assistant software has started to be produced as separate devices as well as working on phones, tablets, and computer systems. Google Home is one of these devices. Google Home can work integrated with smart home systems and various Internet of Things devices. The security of these systems is an important issue. As a result of attackers taking over these systems, very serious problems may occur. It is very important to take the necessary actions to detect these problems and to take the necessary measures to prevent possible attacks. The purpose of this study is to test whether an attack that attackers can make to these systems via network time protocol will be successful or not. Accordingly, it has been tried to attack the wireless connection established between Google Home and an Internet of Things device over the network time protocol. Attack results have been shared.

NTP DRDoS Attack Vulnerability and Mitigation

2014 ◽  
Vol 644-650 ◽  
pp. 2875-2880
Author(s):  
A. Alfraih Abdulaziz Nasser ◽  
Wen Bo Chen
Keyword(s):  
Amplification Factor ◽  
Denial Of Service ◽  
Personal Computers ◽  
Distributed Network ◽  
Network Time ◽  
Hands On ◽  
Time Zones ◽  
Network Time Protocol ◽  
The Way

The Network Time Protocol (NTP) is used to synchronize clocks of various computer devices such as personal computers, tablets, and phones based their set time zones. The network of devices that use these NTP servers form a huge distributed network that attracted a number of attacks from late 2013 towards early 2014. This paper presents a hands-on test of the Distributed Reflection Denial of Service (DRDoS) attack by the monlist command, provides more vulnerability in the protocol, and offers mitigation to these vulnerabilities. A Kali Linux server was used to test the monlist command on its localhost. The results showed that a request with a size of 234 bytes got a response of 4,680 bytes. A busy NTP server can return up to 600 addresses which were theoretically calculated to return approximately 48 kilobytes in 100 packets. Consequently, this results in an amplification factor of 206×. The knowledge of the way the attack can be propagated was an important step in thwarting the attack and mitigating more such threats in the same protocol.

Sign in / Sign up

Export Citation Format

Share Document