scholarly journals User Authentication Mechanism using Smartphone

2017 ◽  
Vol 21 (2) ◽  
pp. 301-308 ◽  
Author(s):  
Pil-seong Jeong ◽  
Yang-hyun Cho
Keyword(s):  
User Authentication ◽  
Authentication Mechanism

Enhanced authentication and key exchange for end to end security in mobile commerce using wireless public key infrastructure

2019 ◽  
Vol 48 (1) ◽  
pp. 14-22
Author(s):  
Krishna Prakasha ◽  
Balachandra Muniyal ◽  
Vasundhara Acharya
Keyword(s):  
User Authentication ◽  
Research Work ◽  
Public Key Infrastructure ◽  
Internet Security ◽  
Public Key ◽  
Sensitive Information ◽  
Content Type ◽  
Authentication Mechanism ◽  
End To End ◽  
Wireless Public Key Infrastructure

Purpose The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions, users and resources are located at different places, and the sensitive information is to be protected and transferred using the suitable, reliable mechanism. Design/methodology/approach One of the latest approach to handle the requirement is by a Public Key Infrastructure (PKI) or its variant Wireless Public Key Infrastructure (WPKI). Fundamental management techniques are required to be very secure and vital since they are one of the points of attack in public key cryptosystem. Entity authentication and key agreement (AKA) is a critical cryptographic problem in wireless communication, where a mutual entity authentication plays a vital role in the establishment of the secure and authentic connection. This paper proposes an efficient and enhanced AKA scheme (EAKA) with the end-to-end security and verifies the proposed system for protection using automated validation of internet security protocols and applications. An efficient way for the implementation of an enhanced version of the protocol is proposed using a lattice-based cryptographic algorithm. Findings The time consumed for the proposed research work shows that it is practical and acceptable. Originality/value The proposed research work is an efficient and enhanced user authentication mechanism.

scholarly journals Microservice Security Agent Based On API Gateway in Edge Computing

Sensors ◽  
2019 ◽  
Vol 19 (22) ◽  
pp. 4905 ◽  
Author(s):  
Rongxu Xu ◽  
Wenquan Jin ◽  
Dohyeun Kim
Keyword(s):  
Data Storage ◽  
User Authentication ◽  
Edge Computing ◽  
Security And Privacy ◽  
Agent Based ◽  
Computing Platform ◽  
Authentication Mechanism ◽  
Computing Paradigm ◽  
Security Agent ◽  
Secure Authentication

Internet of Things (IoT) devices are embedded with software, electronics, and sensors, and feature connectivity with constrained resources. They require the edge computing paradigm, with modular characteristics relying on microservices, to provide an extensible and lightweight computing framework at the edge of the network. Edge computing can relieve the burden of centralized cloud computing by performing certain operations, such as data storage and task computation, at the edge of the network. Despite the benefits of edge computing, it can lead to many challenges in terms of security and privacy issues. Thus, services that protect privacy and secure data are essential functions in edge computing. For example, the end user’s ownership and privacy information and control are separated, which can easily lead to data leakage, unauthorized data manipulation, and other data security concerns. Thus, the confidentiality and integrity of the data cannot be guaranteed and, so, more secure authentication and access mechanisms are required to ensure that the microservices are exposed only to authorized users. In this paper, we propose a microservice security agent to integrate the edge computing platform with the API gateway technology for presenting a secure authentication mechanism. The aim of this platform is to afford edge computing clients a practical application which provides user authentication and allows JSON Web Token (JWT)-based secure access to the services of edge computing. To integrate the edge computing platform with the API gateway, we implement a microservice security agent based on the open-source Kong in the EdgeX Foundry framework. Also to provide an easy-to-use approach with Kong, we implement REST APIs for generating new consumers, registering services, configuring access controls. Finally, the usability of the proposed approach is demonstrated by evaluating the round trip time (RTT). The results demonstrate the efficiency of the system and its suitability for real-world applications.

scholarly journals IoT and Blockchain Paradigms for EV Charging System

Energies ◽  
2019 ◽  
Vol 12 (15) ◽  
pp. 2987 ◽  
Author(s):  
Jose P. Martins ◽  
Joao C. Ferreira ◽  
Vitor Monteiro ◽  
Jose A. Afonso ◽  
Joao L. Afonso
Keyword(s):  
User Authentication ◽  
Research Work ◽  
Data Communication ◽  
Mobile App ◽  
Charging Infrastructure ◽  
Charging System ◽  
Shared Spaces ◽  
Authentication Mechanism ◽  
Shared Infrastructure ◽  
Ev Charging

In this research work, we apply the Internet of Things (IoT) paradigm with a decentralized blockchain approach to handle the electric vehicle (EV) charging process in shared spaces, such as condominiums. A mobile app handles the user authentication mechanism to initiate the EV charging process, where a set of sensors are used for measuring energy consumption, and based on a microcontroller, establish data communication with the mobile app. A blockchain handles financial transitions, and this approach can be replicated to other EV charging scenarios, such as public charging systems in a city, where the mobile device provides an authentication mechanism. A user interface was developed to visualize transactions, gather users’ preferences, and handle power charging limitations due to the usage of a shared infrastructure. The developed approach was tested in a shared space with three EVs using a charging infrastructure for a period of 3.5 months.

A Security Compliance Based Mobile User Authentication Scheme

2014 ◽  
Vol 989-994 ◽  
pp. 4514-4518
Author(s):  
Yi Fei Yuan ◽  
Lian Zhong Liu ◽  
Chun Yan Han
Keyword(s):  
User Authentication ◽  
Mobile User ◽  
Authentication Scheme ◽  
Bring Your Own Device ◽  
Fine Grained ◽  
Authentication Mechanism ◽  
Security Challenge ◽  
User Authentication Scheme ◽  
Security Compliance ◽  
Compliance Strategy

The BYOD (Bring Your Own Device) scenario puts traditional two-factor authentication into great security challenge. To strengthen the authentication in BYOD scenario, we propose a security compliance based mobile user authentication scheme, which includes a novel calculation method for device identifier, and a fine-grained compliance strategy and its management. The scheme provides a secure authentication mechanism for BYOD scenario and satisfies the requirements of device authentication in mobile user authentication.

scholarly journals MEAP, modified EAP protocol for WLAN authentication

2021 ◽  
Author(s):  
Xiaoying Guo
Keyword(s):  
User Authentication ◽  
Mutual Authentication ◽  
Access Point ◽  
Local Area ◽  
Transport Layer ◽  
Security Measures ◽  
Data Packets ◽  
Security Guards ◽  
Security Issues ◽  
Authentication Mechanism

Wireless networking is becoming increasingly popular. However, the use of Wireless Local Area Networks (WLAN) also creates many security issues that do not exist in a wired world. WLAN connection no longer requires cable. Instead, data packets are sent on the air and are available to anyone with the ability to intercept and decode them. Traditional physical security measures like firewalls and security guards are less efficient in this new domain. The IEEE has organized the 802.11i Task Group to address 802.11 security. To solve the user authentication problem, it adopted 802.1x standard. The standard relies on Extensible Authentication Protocol (EAP) to provide the authentication function. However, after the basic EAP authentication process, the Access Point (AP) still needs to be authenticated by the client. In order to implement mutual authentication, Protected EAP (PEAP), EAP-Transport Layer Security (TLS), EAP-Tunneled TLS (TTLS) or other variants of EAP are developed. But some [are] still weak in the authentication procedure. In this thesis, a new authentication mechanism called Modified EAP (MEAP) is proposed. MEAP is based on PEAP. MEAP adds a TLS layer on top of EAP, and then uses the resulting TLS session as a tunnel to protect the later Simple Password-authenticated Exponential Key Exchange (SPEKE), which is a strong password method. MEAP can provide mutual authentication to satisfy strong authentication requirements in WLAN.

Sign in / Sign up

Export Citation Format

Share Document