Browsing by Subject "authentication"

Effect of Low Literacy on Password Formation Strategy as Impediment to Participation in Modern Life: Evaluation and Intervention Tutorial
(2019) Livingston, Walter; Summers, Kathryn; Blodgett, Bridget; Division of Science, Information Arts and Technologies; Interaction Design and Information Architecture
Despite widespread acknowledgement that they are an imperfect compromise, text passwords remain the most common method of authenticating user access to digital resources. Responsible stewardship of those resources, both for the protection of the user/accountholder, and for the protection of the agencies charged with the resources’ guardianship, has dictated that secure passwords evolve to near or beyond the practical limit for humans to compose and remember them. This thesis examines the degree to which low literacy interacts with these password requirements to create a barrier to participation in commerce and government safety net services. A tutorial video intervention was evaluated for effectiveness in creating more secure, more memorable passwords.

Efficient Distributed Authentication for Intelligent Transportation Systems Using Mobile Devices
(IEEE, 2024-03-27) Alshaeri, Abdulaziz; Younis, Mohamed
Intelligent Transportation Systems (ITS) opt to improve safety and efficiency by internetworking vehicles, road infrastructure, pedestrians, etc. Given the ad-hoc connectivity and dynamic topology of such a network, robust authentication of member nodes is essential. The authentication process should also suit the resource constrained ITS nodes. This paper proposes an efficient approach for Distributed Authentication for ITS (DAITS). DAITS employs drivers’ mobile devices to act as verifiers, and hence message authentication is provided on an as-a-service basis for the ITS nodes. Moreover, DAITS is a certificateless system, which deploys private smart contracts in a permissioned blockchain, for certifying nodes. Furthermore, the smart contracts store authentication tokens for the ITS nodes which ensure authentication between the ITS nodes and road infrastructure. DAITS relies on lightweight security primitives such as hash function, bitwise XOR, and Hash-based Message Authentication Code (HMAC). Extensive security analysis shows that DAITS can resist various security attacks. The simulation results demonstrate that DAITS is both resource-efficient and scalable, and outperforms competing schemes in terms of computation and communication overhead, and verification delay.

Efficient Distributed Admission and Revocation using Blockchain for Cooperative ITS
(IEEE, 2018) Lasla, Noureddine; Younis, Mohamed; Znaidi, Wassim; Arbia, Dhafer Ben
Cooperative Intelligent Transportation System (C-ITS) enables inter-networking of vehicles for alerts exchanging in order to improve road safety. While this technology is about to enter the market in the upcoming years, critical questions related to the communication security continue to be challenging research concerns. Current solutions to secure inter-vehicle communication depend mainly on the use of digital certificates for authentication. However, such an approach imposes significant overhead on vehicles since it is computationally demanding and requires validation of the certificate within a limited period. In addition, relying on a central node for deciding on issuing and revoking certificates introduces a single point of failure and could even risk the safety of motorists. In this paper, we propose the use of Blockchain to keep track of the certificate of each vehicle (valid or revoked) in distributed and immutable records. In essence we replace certificate verification with a lightweight blockchain-based authentication approach. In addition, we propose a fully distributed vehicle admission/revocation scheme. We show that our scheme could alleviate the computation overhead and enhance the response time while improving the overall system security.

A Framework for Multi-mode Authentication: Overview and Implementation Guide
(2003-08-01) Jansen, Wayne; Korolev, Vladimir; Gavrila, Serban I.; Heute, T.; Seveillac, Clement
The use of mobile handheld devices within the workplace is expanding rapidly. These devices are no longer viewed as coveted gadgets for early technology adopters, but have instead become indispensable tools that offer competitive business advantages for the mobile workforce. While these devices provide productivity benefits, they also pose new risks to an organization's security. Enabling adequate user authentication is the first line of defense against unauthorized use of a lost or stolen handheld device. Multiple modes of authentication increase the work factor needed to attack a device, however, few devices support more than one mode, usually password-based authentication. This report describes a general Multi-mode Authentication Framework (MAF) for applying organizational security policies, organized into distinct policy contexts known as echelons, among which a user may transition. The approach is aimed at helping users easily comply with their organization's security policy, yet be able to exercise a significant amount of flexibility and discretion. The design of the framework allows various types of authentication technologies to be incorporated readily and provides a simple interface for supporting different types of policy enforcement mechanisms. Details of the implementation of the framework are provided, as well as two example authentication mechanisms.

Personal Security Agent: KQML-based PKI
(ACM, 1998-05-09) He, Qi; Sycara, Katia P.; Finin, Timothy W.
Certificate management infrastructure, a.k.a. PKI (Public Key Infrastructure), which issues and provides access to public key certificates to preserve the integrity of a public key, is fundamental for electronic commerce and business across the Internet. To satisfy the requirements of various applications, PKI should demonstrate customization to user needs, interoperability and flexibility in its implementations so it can satisfy the needs of various applications. Particularly, due to the popularity of software agent-based applications over the Internet, security will be urgently needed by the “agent society”. We propose to implement the authority of authentication verification service systems as personal autonomous software agents, called security agents. In this paper, we present two aspects of KQML-based PKI: 1. the security agent concept and its functional modules; 2. an extension of KQML, which is needed for public key management and secure communications among security agents and application agents.

Picture Password: A Visual Login Technique for Mobile Devices
(2003-07-01) Jansen, Wayne; Gavrila, Serban I.; Korolev, Vladimir; Ayers, Richard P.; Swanstrom, Ryan
Adequate user authentication is a persistent problem, particularly with handheld devices, which tend to be highly personal and at the fringes of an organization's influence. Yet, these devices are being used increasingly in corporate settings where they pose a security risk, not only by containing sensitive information, but also by providing the means to access such information over wireless network interfaces. User authentication is the first line of defense against a lost or stolen PDA. However, motivating users to enable simple PIN or password mechanisms and periodically update their authentication information is a constant struggle. This paper describes a means to authenticate a user to a PDA using a visual login technique called Picture Password. The underlying rationale is that a method for login based on visual image selection is an easy and natural way for users to authenticate, removing the most serious barriers to users' compliance with corporate policy. While the technique was designed specifically for handheld devices, it is also suitable for notebooks, workstations, and other computational devices.

RISK ANALYSIS OF THE DISCOVERABILITY OF PERSONAL DATA USED FOR PRIMARY AND SECONDARY AUTHENTICATION
(2017-01-01) Richards, Kirsten E.; Norcio, Anthony F; Information Systems; Information Systems
Personal data are frequently leveraged to create passwords for password based authentication systems. Personal data are also used in secondary authentication systems, particularly those based around a question and answer format. The use of personal data in authenticators is believed to be driven, to some degree, by usability. The antinomic proposition of usable system authentication, an easily remembered and usable scheme for the proper user which is simultaneously unknown and unusable to any other entity, historically proves to be an elusive goal. While alternative propositions for authentication protocols are numerous, lacking in literature is foundational work directly relating potential authenticators with the discoverability of personal data online. This dissertation investigates the discoverability of personal data, particularly whether another human is able to purposefully find particular personal data commonly used in authentication protocols. Between fifty and sixty participants provide search results for specific personal data regarding four additional participants. The four participants acted as a source for the personal data, consented to the web search and validated the accuracy of data supplied by the data seeking participants. Analyses of the results reveal consistent patterns in the personal data discovered. The results lay a foundation for the improvement of current authentication systems and provide a significant step in both methodology and recommendations to guide the development of alternatives with a goal towards the creation of usable, secure authentication systems. Furthermore, the results provide insight into the nature of privacy, user control of data and the availability of personal data on Web sources.