Science.gov

Sample records for authentication scheme based

  1. Revisiting Quantum Authentication Scheme Based on Entanglement Swapping

    NASA Astrophysics Data System (ADS)

    Naseri, Mosayeb

    2016-05-01

    The crucial issue of quantum communication protocol is its security. In this paper, the security of the Quantum Authentication Scheme Based on Entanglement Swapping proposed by Penghao et al. (Int J Theor Phys., doi: 10.1007/s10773-015-2662-7) is reanalyzed. It is shown that the original does not complete the task of quantum authentication and communication securely. Furthermore a simple improvement on the protocol is proposed.

  2. Biometrics based authentication scheme for session initiation protocol.

    PubMed

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

  3. Graph State-Based Quantum Group Authentication Scheme

    NASA Astrophysics Data System (ADS)

    Liao, Longxia; Peng, Xiaoqi; Shi, Jinjing; Guo, Ying

    2017-02-01

    Motivated by the elegant structure of the graph state, we design an ingenious quantum group authentication scheme, which is implemented by operating appropriate operations on the graph state and can solve the problem of multi-user authentication. Three entities, the group authentication server (GAS) as a verifier, multiple users as provers and the trusted third party Trent are included. GAS and Trent assist the multiple users in completing the authentication process, i.e., GAS is responsible for registering all the users while Trent prepares graph states. All the users, who request for authentication, encode their authentication keys on to the graph state by performing Pauli operators. It demonstrates that a novel authentication scheme can be achieved with the flexible use of graph state, which can synchronously authenticate a large number of users, meanwhile the provable security can be guaranteed definitely.

  4. A privacy authentication scheme based on cloud for medical environment.

    PubMed

    Chen, Chin-Ling; Yang, Tsai-Tung; Chiang, Mao-Lun; Shih, Tzay-Farn

    2014-11-01

    With the rapid development of the information technology, the health care technologies already became matured. Such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concerning issue. In spite of many literatures discussed about medical systems, these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a privacy authentication scheme based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples to use medical resources on the cloud environment to find medical advice conveniently. The digital signature is used to ensure the security of the medical information that is certified by the medical department in our proposed scheme.

  5. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    PubMed

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  6. A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System.

    PubMed

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi; Wang, Chun-Cheng

    2015-11-01

    To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.

  7. A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks.

    PubMed

    Chen, Huifang; Ge, Linlin; Xie, Lei

    2015-07-14

    The feature of non-infrastructure support in a wireless ad hoc network (WANET) makes it suffer from various attacks. Moreover, user authentication is the first safety barrier in a network. A mutual trust is achieved by a protocol which enables communicating parties to authenticate each other at the same time and to exchange session keys. For the resource-constrained WANET, an efficient and lightweight user authentication scheme is necessary. In this paper, we propose a user authentication scheme based on the self-certified public key system and elliptic curves cryptography for a WANET. Using the proposed scheme, an efficient two-way user authentication and secure session key agreement can be achieved. Security analysis shows that our proposed scheme is resilient to common known attacks. In addition, the performance analysis shows that our proposed scheme performs similar or better compared with some existing user authentication schemes.

  8. A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks

    PubMed Central

    Chen, Huifang; Ge, Linlin; Xie, Lei

    2015-01-01

    The feature of non-infrastructure support in a wireless ad hoc network (WANET) makes it suffer from various attacks. Moreover, user authentication is the first safety barrier in a network. A mutual trust is achieved by a protocol which enables communicating parties to authenticate each other at the same time and to exchange session keys. For the resource-constrained WANET, an efficient and lightweight user authentication scheme is necessary. In this paper, we propose a user authentication scheme based on the self-certified public key system and elliptic curves cryptography for a WANET. Using the proposed scheme, an efficient two-way user authentication and secure session key agreement can be achieved. Security analysis shows that our proposed scheme is resilient to common known attacks. In addition, the performance analysis shows that our proposed scheme performs similar or better compared with some existing user authentication schemes. PMID:26184224

  9. Password-based authenticated key exchange scheme using smart card

    NASA Astrophysics Data System (ADS)

    Liu, Hui; Zhong, Shaojun

    2013-03-01

    A protocol that allows any two entities to negotiate a shared session key is commonly called a key exchange protocol. If the protocol provides a function to authenticate each other, we call the protocol authenticated key exchange protocol (AKE). Password authentication key exchange (PAKE) is the AKE protocol in which the two entities share a humanmemorable password. Most of current PAKE relies on the existence of a public key infrastructure, which sometime is impossible for a certain environments such as low computational device due to the computation overhead. In this paper, we propose password-based authenticated key exchange using smart card. Compared to previous PAKE, our protocol is more efficient because our protocol is based on ECC. Thereby, the proposed protocol can be well applied to low computation device.

  10. A secure biometrics-based authentication scheme for telecare medicine information systems.

    PubMed

    Yan, Xiaopeng; Li, Weiheng; Li, Ping; Wang, Jiantao; Hao, Xinhong; Gong, Peng

    2013-10-01

    The telecare medicine information system (TMIS) allows patients and doctors to access medical services or medical information at remote sites. Therefore, it could bring us very big convenient. To safeguard patients' privacy, authentication schemes for the TMIS attracted wide attention. Recently, Tan proposed an efficient biometrics-based authentication scheme for the TMIS and claimed their scheme could withstand various attacks. However, in this paper, we point out that Tan's scheme is vulnerable to the Denial-of-Service attack. To enhance security, we also propose an improved scheme based on Tan's work. Security and performance analysis shows our scheme not only could overcome weakness in Tan's scheme but also has better performance.

  11. A rhythm-based authentication scheme for smart media devices.

    PubMed

    Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk

    2014-01-01

    In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

  12. A Rhythm-Based Authentication Scheme for Smart Media Devices

    PubMed Central

    Lee, Jae Dong; Park, Jong Hyuk

    2014-01-01

    In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience. PMID:25110743

  13. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme

    PubMed Central

    Wang, Chengqi; Zhang, Xiao; Zheng, Zhiming

    2016-01-01

    With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.’s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks. PMID:26866606

  14. Improved dynamic ID-based authentication scheme for telecare medical information systems.

    PubMed

    Cao, Tianjie; Zhai, Jingxuan

    2013-04-01

    In order to protect users' identity privacy, Chen et al. proposed an efficient dynamic ID-based authentication scheme for telecare medical information systems. However, Chen et al.'s scheme has some weaknesses. In Chen et al.'s scheme, an attacker can track a user by a linkability attack or an off-line identity guessing attack. Chen et al.'s scheme is also vulnerable to an off-line password guessing attack and an undetectable on-line password guessing attack when user's smart card is stolen. In server side, Chen et al.'s scheme needs large computational load to authentication a legal user or reject an illegal user. To remedy the weaknesses in Chen et al.'s scheme, we propose an improved smart card based password authentication scheme. Our analysis shows that the improved scheme can overcome the weaknesses in Chen et al.'s scheme.

  15. Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

    PubMed

    An, Younghwa

    2012-01-01

    Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  16. A dynamic identity based authentication scheme using chaotic maps for telecare medicine information systems.

    PubMed

    Wang, Zhiheng; Huo, Zhanqiang; Shi, Wenbo

    2015-01-01

    With rapid development of computer technology and wide use of mobile devices, the telecare medicine information system has become universal in the field of medical care. To protect patients' privacy and medial data's security, many authentication schemes for the telecare medicine information system have been proposed. Due to its better performance, chaotic maps have been used in the design of authentication schemes for the telecare medicine information system. However, most of them cannot provide user's anonymity. Recently, Lin proposed a dynamic identity based authentication scheme using chaotic maps for the telecare medicine information system and claimed that their scheme was secure against existential active attacks. In this paper, we will demonstrate that their scheme cannot provide user anonymity and is vulnerable to the impersonation attack. Further, we propose an improved scheme to fix security flaws in Lin's scheme and demonstrate the proposed scheme could withstand various attacks.

  17. A chaotic map-based authentication scheme for telecare medicine information systems.

    PubMed

    Hao, Xinhong; Wang, Jiantao; Yang, Qinghai; Yan, Xiaopeng; Li, Ping

    2013-04-01

    With the development of Internet, patients could enjoy health-care delivery services through telecare medicine information systems (TMIS) in their home. To control the access to remote medical servers' resources, many authentication schemes using smart cards have been proposed. However, the performance of these schemes is not satisfactory since modular exponential operations are used in these schemes. In the paper, we propose a chaotic map-based authentication scheme for telecare medicine information systems. The security and performance analysis shows our scheme is more suitable for TMIS.

  18. Enhancing of a Password-Based Authentication Scheme Using Smart Cards

    NASA Astrophysics Data System (ADS)

    Lee, Youngsook; Won, Dongho

    A password based remote user authentication scheme is a two-party protocol whereby an authentication server in a distributed system confirms the identity of a remote individual logging on to the server over an untrusted, open network. This paper discusses the security of Chen et al.'s remote user authentication scheme making use of smart cards. They have recently presented an improved version of Lin, Shen, and Hwang's scheme. But, unlike their claims, in Chen et al.'s scheme, if an attacker gains access to some user's smart card and extracts the information stored in the smart card, he/she can easily find out the user's password. We show this by mounting a dictionary attack on the scheme. In addition, Chen et al.'s scheme does not support its main security goal of authenticating between a remote individual and the server. This is shown via a sever impersonation attack on the scheme. Motivated by these security flaws, we propose a more secure remote user authentication scheme that achieves both two-factor security and mutual authentication.

  19. An improved biometrics-based remote user authentication scheme with user anonymity.

    PubMed

    Khan, Muhammad Khurram; Kumari, Saru

    2013-01-01

    The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An's scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An's scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

  20. An improved biometrics-based authentication scheme for telecare medical information systems.

    PubMed

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-03-01

    Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure to against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed scheme through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

  1. An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem.

    PubMed

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2015-03-01

    The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

  2. A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth.

    PubMed

    Jiang, Qi; Lian, Xinxin; Yang, Chao; Ma, Jianfeng; Tian, Youliang; Yang, Yuanyuan

    2016-11-01

    Wireless body area networks (WBANs) have become one of the key components of mobile health (mHealth) which provides 24/7 health monitoring service and greatly improves the quality and efficiency of healthcare. However, users' concern about the security and privacy of their health information has become one of the major obstacles that impede the wide adoption of WBANs. Anonymous and unlinkable authentication is critical to protect the security and privacy of sensitive physiological information in transit from the client to the application provider. We first show that the anonymous authentication scheme of Wang and Zhang based on bilinear pairing is prone to client impersonation attack. Then, we propose an enhanced anonymous authentication scheme to remedy the flaw in Wang and Zhang's scheme. We give the security analysis to demonstrate that the enhanced scheme achieves the desired security features and withstands various known attacks.

  3. A provably-secure ECC-based authentication scheme for wireless sensor networks.

    PubMed

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-11-06

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  4. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    PubMed Central

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

  5. Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

    PubMed

    Yau, Wei-Chuen; Phan, Raphael C-W

    2013-12-01

    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

  6. Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce.

    PubMed

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita

    2014-05-01

    Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

  7. Robust ECC-based authenticated key agreement scheme with privacy protection for Telecare medicine information systems.

    PubMed

    Zhang, Liping; Zhu, Shaohui

    2015-05-01

    To protect the transmission of the sensitive medical data, a secure and efficient authenticated key agreement scheme should be deployed when the healthcare delivery session is established via Telecare Medicine Information Systems (TMIS) over the unsecure public network. Recently, Islam and Khan proposed an authenticated key agreement scheme using elliptic curve cryptography for TMIS. They claimed that their proposed scheme is provably secure against various attacks in random oracle model and enjoys some good properties such as user anonymity. In this paper, however, we point out that any legal but malicious patient can reveal other user's identity. Consequently, their scheme suffers from server spoofing attack and off-line password guessing attack. Moreover, if the malicious patient performs the same time of the registration as other users, she can further launch the impersonation attack, man-in-the-middle attack, modification attack, replay attack, and strong replay attack successfully. To eliminate these weaknesses, we propose an improved ECC-based authenticated key agreement scheme. Security analysis demonstrates that the proposed scheme can resist various attacks and enables the patient to enjoy the remote healthcare services with privacy protection. Through the performance evaluation, we show that the proposed scheme achieves a desired balance between security and performance in comparisons with other related schemes.

  8. A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks

    PubMed Central

    Zhang, Ruisheng; Liu, Qidong

    2017-01-01

    Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research. PMID:28135288

  9. A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks.

    PubMed

    Liu, Xin; Zhang, Ruisheng; Liu, Qidong

    2017-01-01

    Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research.

  10. On the security flaws in ID-based password authentication schemes for telecare medical information systems.

    PubMed

    Mishra, Dheerendra

    2015-01-01

    Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

  11. Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment.

    PubMed

    Chiou, Shin-Yan; Ying, Zhaoqin; Liu, Junqiang

    2016-04-01

    Medical systems allow patients to receive care at different hospitals. However, this entails considerable inconvenience through the need to transport patients and their medical records between hospitals. The development of Telecare Medicine Information Systems (TMIS) makes it easier for patients to seek medical treatment and to store and access medical records. However, medical data stored in TMIS is not encrypted, leaving patients' private data vulnerable to external leaks. In 2014, scholars proposed a new cloud-based medical information model and authentication scheme which would not only allow patients to remotely access medical services but also protects patient privacy. However, this scheme still fails to provide patient anonymity and message authentication. Furthermore, this scheme only stores patient medical data, without allowing patients to directly access medical advice. Therefore, we propose a new authentication scheme, which provides anonymity, unlinkability, and message authentication, and allows patients to directly and remotely consult with doctors. In addition, our proposed scheme is more efficient in terms of computation cost. The proposed system was implemented in Android system to demonstrate its workability.

  12. Secure biometric image sensor and authentication scheme based on compressed sensing.

    PubMed

    Suzuki, Hiroyuki; Suzuki, Masamichi; Urabe, Takuya; Obi, Takashi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    2013-11-20

    It is important to ensure the security of biometric authentication information, because its leakage causes serious risks, such as replay attacks using the stolen biometric data, and also because it is almost impossible to replace raw biometric information. In this paper, we propose a secure biometric authentication scheme that protects such information by employing an optical data ciphering technique based on compressed sensing. The proposed scheme is based on two-factor authentication, the biometric information being supplemented by secret information that is used as a random seed for a cipher key. In this scheme, a biometric image is optically encrypted at the time of image capture, and a pair of restored biometric images for enrollment and verification are verified in the authentication server. If any of the biometric information is exposed to risk, it can be reenrolled by changing the secret information. Through numerical experiments, we confirm that finger vein images can be restored from the compressed sensing measurement data. We also present results that verify the accuracy of the scheme.

  13. A Selective Group Authentication Scheme for IoT-Based Medical Information System.

    PubMed

    Park, YoHan; Park, YoungHo

    2017-04-01

    The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir's threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

  14. A fingerprint encryption scheme based on irreversible function and secure authentication.

    PubMed

    Yang, Yijun; Yu, Jianping; Zhang, Peng; Wang, Shulan

    2015-01-01

    A fingerprint encryption scheme based on irreversible function has been designed in this paper. Since the fingerprint template includes almost the entire information of users' fingerprints, the personal authentication can be determined only by the fingerprint features. This paper proposes an irreversible transforming function (using the improved SHA1 algorithm) to transform the original minutiae which are extracted from the thinned fingerprint image. Then, Chinese remainder theorem is used to obtain the biokey from the integration of the transformed minutiae and the private key. The result shows that the scheme has better performance on security and efficiency comparing with other irreversible function schemes.

  15. A Fingerprint Encryption Scheme Based on Irreversible Function and Secure Authentication

    PubMed Central

    Yu, Jianping; Zhang, Peng; Wang, Shulan

    2015-01-01

    A fingerprint encryption scheme based on irreversible function has been designed in this paper. Since the fingerprint template includes almost the entire information of users' fingerprints, the personal authentication can be determined only by the fingerprint features. This paper proposes an irreversible transforming function (using the improved SHA1 algorithm) to transform the original minutiae which are extracted from the thinned fingerprint image. Then, Chinese remainder theorem is used to obtain the biokey from the integration of the transformed minutiae and the private key. The result shows that the scheme has better performance on security and efficiency comparing with other irreversible function schemes. PMID:25873989

  16. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    PubMed

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  17. Robust Biometrics Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    PubMed Central

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.’s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes. PMID:25978373

  18. Authentication and data hiding using a hybrid ROI-based watermarking scheme for DICOM images.

    PubMed

    Al-Qershi, Osamah M; Khoo, Bee Ee

    2011-02-01

    Authenticating medical images using watermarking techniques has become a very popular area of research, and some works in this area have been reported worldwide recently. Besides authentication, many data-hiding techniques have been proposed to conceal patient's data into medical images aiming to reduce the cost needed to store data and the time needed to transmit data when required. In this paper, we present a new hybrid watermarking scheme for DICOM images. In our scheme, two well-known techniques are combined to gain the advantages of both and fulfill the requirements of authentication and data hiding. The scheme divides the images into two parts, the region of interest (ROI) and the region of non-interest (RONI). Patient's data are embedded into ROI using a reversible technique based on difference expansion, while tamper detection and recovery data are embedded into RONI using a robust technique based on discrete wavelet transform. The experimental results show the ability of hiding patient's data with a very good visual quality, while ROI, the most important area for diagnosis, is retrieved exactly at the receiver side. The scheme also shows some robustness against certain levels of salt and pepper and cropping noise.

  19. Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems.

    PubMed

    Jiang, Qi; Ma, Jianfeng; Lu, Xiang; Tian, Youliang

    2014-02-01

    To ensure only authorized access to medical services, several authentication schemes for telecare medicine information systems (TMIS) have been proposed in the literature. Due to its better performance than traditional cryptography, Hao et al. proposed an authentication scheme for TMIS using chaotic map based cryptography. They claimed that their scheme could resist various attacks, including the smart card stolen attack. However, we identify that their scheme is vulnerable to the stolen smart card attack. The reason causing the stolen smart card attack is that the scheme is designed based on the assumption that the scheme itself achieves user untraceability. Then, we propose a robust authentication and key agreement scheme. Compared with the previous schemes, our scheme not only enjoys more security features, but also has better efficiency. Our analysis indicates that designing a two-factor authentication scheme based on the assumption that privacy protection is achieved in the scheme itself may pose potential security risks. The lesson learned is that, we should avoid this situation in the future design of two-factor authentication schemes.

  20. A QR code based zero-watermarking scheme for authentication of medical images in teleradiology cloud.

    PubMed

    Seenivasagam, V; Velumani, R

    2013-01-01

    Healthcare institutions adapt cloud based archiving of medical images and patient records to share them efficiently. Controlled access to these records and authentication of images must be enforced to mitigate fraudulent activities and medical errors. This paper presents a zero-watermarking scheme implemented in the composite Contourlet Transform (CT)-Singular Value Decomposition (SVD) domain for unambiguous authentication of medical images. Further, a framework is proposed for accessing patient records based on the watermarking scheme. The patient identification details and a link to patient data encoded into a Quick Response (QR) code serves as the watermark. In the proposed scheme, the medical image is not subjected to degradations due to watermarking. Patient authentication and authorized access to patient data are realized on combining a Secret Share with the Master Share constructed from invariant features of the medical image. The Hu's invariant image moments are exploited in creating the Master Share. The proposed system is evaluated with Checkmark software and is found to be robust to both geometric and non geometric attacks.

  1. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

    PubMed

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

    2016-11-01

    Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

  2. A robust and novel dynamic-ID-based authentication scheme for care team collaboration with smart cards.

    PubMed

    Chang, Ya-Fen; Chen, Chia-Chen; Chang, Pei-Yu

    2013-04-01

    Nowadays, users/patients may gain desired medical services on-line because of the rapid development of computer network technologies. Conventional healthcare services are provided by a single server. However, care team collaboration by integrating services is the key to improve financial and clinical performance. How a user/patient accesses desired medical services provided by multiple servers becomes a challenge to realize care team collaboration. User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In this paper, we first discuss the perceived security drawbacks of pervasive smart-card-based remote user authentication schemes. Then, we propose a novel dynamic-ID-based user authentication scheme based on elliptic curve cryptosystem (ECC) for multi-server environment with smart cards. The proposed scheme ensures user anonymity and computational efficiency and complies with essential requirements of a secure smart-card-based authentication scheme for multi-server environment to enable care team collaboration.

  3. On the security of a dynamic ID-based authentication scheme for telecare medical information systems.

    PubMed

    Lin, Han-Yu

    2013-04-01

    Telecare medical information systems (TMISs) are increasingly popular technologies for healthcare applications. Using TMISs, physicians and caregivers can monitor the vital signs of patients remotely. Since the database of TMISs stores patients' electronic medical records (EMRs), only authorized users should be granted the access to this information for the privacy concern. To keep the user anonymity, recently, Chen et al. proposed a dynamic ID-based authentication scheme for telecare medical information system. They claimed that their scheme is more secure and robust for use in a TMIS. However, we will demonstrate that their scheme fails to satisfy the user anonymity due to the dictionary attacks. It is also possible to derive a user password in case of smart card loss attacks. Additionally, an improved scheme eliminating these weaknesses is also presented.

  4. Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

    PubMed

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian

    2015-06-01

    The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

  5. A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

    PubMed

    Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

    2013-06-01

    The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

  6. Cryptanalysis and improvement of Yan et al.'s biometric-based authentication scheme for telecare medicine information systems.

    PubMed

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Chaturvedi, Ankita; Kumari, Saru; Khan, Muhammad Khurram

    2014-06-01

    Remote user authentication is desirable for a Telecare Medicine Information System (TMIS) for the safety, security and integrity of transmitted data over the public channel. In 2013, Tan presented a biometric based remote user authentication scheme and claimed that his scheme is secure. Recently, Yan et al. demonstrated some drawbacks in Tan's scheme and proposed an improved scheme to erase the drawbacks of Tan's scheme. We analyze Yan et al.'s scheme and identify that their scheme is vulnerable to off-line password guessing attack, and does not protect anonymity. Moreover, in their scheme, login and password change phases are inefficient to identify the correctness of input where inefficiency in password change phase can cause denial of service attack. Further, we design an improved scheme for TMIS with the aim to eliminate the drawbacks of Yan et al.'s scheme.

  7. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.

    PubMed

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.

  8. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    PubMed Central

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702

  9. An authenticated image encryption scheme based on chaotic maps and memory cellular automata

    NASA Astrophysics Data System (ADS)

    Bakhshandeh, Atieh; Eslami, Ziba

    2013-06-01

    This paper introduces a new image encryption scheme based on chaotic maps, cellular automata and permutation-diffusion architecture. In the permutation phase, a piecewise linear chaotic map is utilized to confuse the plain-image and in the diffusion phase, we employ the Logistic map as well as a reversible memory cellular automata to obtain an efficient and secure cryptosystem. The proposed method admits advantages such as highly secure diffusion mechanism, computational efficiency and ease of implementation. A novel property of the proposed scheme is its authentication ability which can detect whether the image is tampered during the transmission or not. This is particularly important in applications where image data or part of it contains highly sensitive information. Results of various analyses manifest high security of this new method and its capability for practical image encryption.

  10. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks

    PubMed Central

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-01-01

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes. PMID:27537890

  11. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks.

    PubMed

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-08-16

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  12. An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems.

    PubMed

    Lee, Tian-Fu

    2013-12-01

    A smartcard-based authentication and key agreement scheme for telecare medicine information systems enables patients, doctors, nurses and health visitors to use smartcards for secure login to medical information systems. Authorized users can then efficiently access remote services provided by the medicine information systems through public networks. Guo and Chang recently improved the efficiency of a smartcard authentication and key agreement scheme by using chaotic maps. Later, Hao et al. reported that the scheme developed by Guo and Chang had two weaknesses: inability to provide anonymity and inefficient double secrets. Therefore, Hao et al. proposed an authentication scheme for telecare medicine information systems that solved these weaknesses and improved performance. However, a limitation in both schemes is their violation of the contributory property of key agreements. This investigation discusses these weaknesses and proposes a new smartcard-based authentication and key agreement scheme that uses chaotic maps for telecare medicine information systems. Compared to conventional schemes, the proposed scheme provides fewer weaknesses, better security, and more efficiency.

  13. Privacy Protection for Telecare Medicine Information Systems Using a Chaotic Map-Based Three-Factor Authenticated Key Agreement Scheme.

    PubMed

    Zhang, Liping; Zhu, Shaohui; Tang, Shanyu

    2017-03-01

    Telecare medicine information systems (TMIS) provide flexible and convenient e-health care. However, the medical records transmitted in TMIS are exposed to unsecured public networks, so TMIS are more vulnerable to various types of security threats and attacks. To provide privacy protection for TMIS, a secure and efficient authenticated key agreement scheme is urgently needed to protect the sensitive medical data. Recently, Mishra et al. proposed a biometrics-based authenticated key agreement scheme for TMIS by using hash function and nonce, they claimed that their scheme could eliminate the security weaknesses of Yan et al.'s scheme and provide dynamic identity protection and user anonymity. In this paper, however, we demonstrate that Mishra et al.'s scheme suffers from replay attacks, man-in-the-middle attacks and fails to provide perfect forward secrecy. To overcome the weaknesses of Mishra et al.'s scheme, we then propose a three-factor authenticated key agreement scheme to enable the patient to enjoy the remote healthcare services via TMIS with privacy protection. The chaotic map-based cryptography is employed in the proposed scheme to achieve a delicate balance of security and performance. Security analysis demonstrates that the proposed scheme resists various attacks and provides several attractive security properties. Performance evaluation shows that the proposed scheme increases efficiency in comparison with other related schemes.

  14. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    PubMed Central

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-01-01

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged. PMID:23887085

  15. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    PubMed

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  16. Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications.

    PubMed

    Li, Xiong; Niu, Jianwei; Karuppiah, Marimuthu; Kumari, Saru; Wu, Fan

    2016-12-01

    Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

  17. An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps.

    PubMed

    Moon, Jongho; Choi, Younsung; Kim, Jiye; Won, Dongho

    2016-03-01

    Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.

  18. Strong authentication scheme for telecare medicine information systems.

    PubMed

    Pu, Qiong; Wang, Jian; Zhao, Rongyong

    2012-08-01

    The telecare medicine information system enables or supports health-care delivery services. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. In this paper, we propose a generic construction of smart-card-based password authentication protocol and prove its security. The proposed framework is superior to previous schemes in three following aspects : (1) our scheme is a true two-factor authentication scheme. (2) our scheme can yield a forward secure two-factor authentication scheme with user anonymity when appropriately instantiated. (3) our scheme utilizes each user's unique identity to accomplish the user authentication and does not need to store or verify others's certificates. And yet, our scheme is still reasonably efficient and can yield such a concrete scheme that is even more efficient than previous schemes. Therefore the end result is more practical for the telecare medicine system.

  19. A password-based user authentication scheme for the integrated EPR information system.

    PubMed

    Wu, Zhen-Yu; Chung, Yufang; Lai, Feipei; Chen, Tzer-Shyong

    2012-04-01

    With the rapid development of the Internet, digitization and electronic orientation are required in various applications of our daily life. For e-medicine, establishing Electronic patient records (EPRs) for all the patients has become the top issue during the last decade. Simultaneously, constructing an integrated EPR information system of all the patients is beneficial because it can provide medical institutions and the academia with most of the patients' information in details for them to make correct decisions and clinical decisions, to maintain and analyze patients' health. Also beneficial to doctors and scholars, the EPR system can give them record linkage for researches, payment audits, or other services bound to be developed and integrated into medicine. To tackle the illegal access and to prevent the information from theft during transmission over the insecure Internet, we propose a password-based user authentication scheme suitable for information integration.

  20. A Smartcard-Based User Authentication Scheme to Ensure the PFS in Multi-Server Environments

    NASA Astrophysics Data System (ADS)

    Lee, Yun-Seok; Kim, Eun; Seok, Seung-Joon; Jung, Min-Soo

    Nowadays, a user authentication is very important in network environments. For safe authentication, they came up with six essential conditions in earlier studies. And a variety of mechanisms is presented by research scientists. However, they could not achieve the PFS. Because, though all these schemes are assumed that the communication between a smart card and a host is safe, actually it is not. Therefore, in this paper, we will point out what the communication between a smart card and a host is not safe, and propose a new user authentication mechanism that can reach to the PFS. And also, an encryption algorithm is used about 45% less than earlier studies in our proposed scheme. Thus, we can say that enhance the efficiency.

  1. An improved authentication scheme for telecare medicine information systems.

    PubMed

    Wei, Jianghong; Hu, Xuexian; Liu, Wenfen

    2012-12-01

    The telecare medicine information system enables or supports health-care delivery services. In order to safeguard patients' privacy, such as telephone number, medical record number, health information, etc., a secure authentication scheme will thus be in demand. Recently, Wu et al. proposed a smart card based password authentication scheme for the telecare medicine information system. Later, He et al. pointed out that Wu et al.'s scheme could not resist impersonation attacks and insider attacks, and then presented a new scheme. In this paper, we show that both of them fail to achieve two-factor authentication as smart card based password authentication schemes should achieve. We also propose an improved authentication scheme for the telecare medicine information system, and demonstrate that the improved one satisfies the security requirements of two-factor authentication and is also efficient.

  2. A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

    PubMed

    Das, Ashok Kumar

    2015-03-01

    An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

  3. Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems.

    PubMed

    Lee, Tian-Fu

    2014-12-01

    Telecare medicine information systems provide a communicating platform for accessing remote medical resources through public networks, and help health care workers and medical personnel to rapidly making correct clinical decisions and treatments. An authentication scheme for data exchange in telecare medicine information systems enables legal users in hospitals and medical institutes to establish a secure channel and exchange electronic medical records or electronic health records securely and efficiently. This investigation develops an efficient and secure verified-based three-party authentication scheme by using extended chaotic maps for data exchange in telecare medicine information systems. The proposed scheme does not require server's public keys and avoids time-consuming modular exponential computations and scalar multiplications on elliptic curve used in previous related approaches. Additionally, the proposed scheme is proven secure in the random oracle model, and realizes the lower bounds of messages and rounds in communications. Compared to related verified-based approaches, the proposed scheme not only possesses higher security, but also has lower computational cost and fewer transmissions.

  4. An Enhanced Secure Authentication Scheme with Anonymity for Wireless Environments

    NASA Astrophysics Data System (ADS)

    Jeon, Woongryul; Kim, Jeeyeon; Nam, Junghyun; Lee, Youngsook; Won, Dongho

    As anonymity increasingly becomes a necessary and legitimate aim in many applications, a number of anonymous authentication schemes have been suggested over the years. Among the many schemes is Lee and Kwon's password-based authentication scheme for wireless environments. Compared with previous schemes, Lee and Kwon's scheme not only improves anonymity by employing random temporary IDs but also provides user-friendliness by allowing human-memorable passwords. In this letter, we point out that Lee and Kwon's scheme, despite its many merits, is vulnerable to off-line password guessing attacks and a forgery attack. In addition, we show how to eliminate these vulnerabilities.

  5. A privacy enhanced authentication scheme for telecare medical information systems.

    PubMed

    Jiang, Qi; Ma, Jianfeng; Ma, Zhuo; Li, Guangsong

    2013-02-01

    The telecare medical information system (TMIS) aims to establish telecare services and enable the public to access medical services or medical information at remote sites. Authentication and key agreement is essential to ensure data integrity, confidentiality, and availability for TMIS. Most recently, Chen et al. proposed an efficient and secure dynamic ID-based authentication scheme for TMIS, and claimed that their scheme achieves user anonymity. However, we observe that Chen et al.'s scheme achieves neither anonymity nor untraceability, and is subject to the identity guessing attack and tracking attack. In order to protect user privacy, we propose an enhanced authentication scheme which achieves user anonymity and untraceablity. It is a secure and efficient authentication scheme with user privacy preservation which is practical for TMIS.

  6. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    PubMed

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  7. An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography.

    PubMed

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj

    2015-11-01

    In the last few years, numerous remote user authentication and session key agreement schemes have been put forwarded for Telecare Medical Information System, where the patient and medical server exchange medical information using Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth to note that unrestricted number of patients login to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the exiting schemes. The proposed scheme not only efficient in terms of different security attacks, but it also provides an efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.

  8. Robust anonymous authentication scheme for telecare medical information systems.

    PubMed

    Xie, Qi; Zhang, Jun; Dong, Na

    2013-04-01

    Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.

  9. Efficient asymmetric image authentication schemes based on photon counting-double random phase encoding and RSA algorithms.

    PubMed

    Moon, Inkyu; Yi, Faliu; Han, Mingu; Lee, Jieun

    2016-06-01

    Recently, double random phase encoding (DRPE) has been integrated with the photon counting (PC) imaging technique for the purpose of secure image authentication. In this scheme, the same key should be securely distributed and shared between the sender and receiver, but this is one of the most vexing problems of symmetric cryptosystems. In this study, we propose an efficient asymmetric image authentication scheme by combining the PC-DRPE and RSA algorithms, which solves key management and distribution problems. The retrieved image from the proposed authentication method contains photon-limited encrypted data obtained by means of PC-DRPE. Therefore, the original image can be protected while the retrieved image can be efficiently verified using a statistical nonlinear correlation approach. Experimental results demonstrate the feasibility of our proposed asymmetric image authentication method.

  10. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    PubMed Central

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  11. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    PubMed

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  12. An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

    PubMed

    Das, Ashok Kumar; Bruhadeshwar, Bezawada

    2013-10-01

    Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

  13. An interference-based optical authentication scheme using two phase-only masks with different diffraction distances

    NASA Astrophysics Data System (ADS)

    Lu, Dajiang; He, Wenqi; Liao, Meihua; Peng, Xiang

    2017-02-01

    A new method to eliminate the security risk of the well-known interference-based optical cryptosystem is proposed. In this method, which is suitable for security authentication application, two phase-only masks are separately placed at different distances from the output plane, where a certification image (public image) can be obtained. To further increase the security and flexibility of this authentication system, we employ one more validation image (secret image), which can be observed at another output plane, for confirming the identity of the user. Only if the two correct masks are properly settled at their positions one could obtain two significant images. Besides, even if the legal users exchange their masks (keys), the authentication process will fail and the authentication results will not reveal any information. Numerical simulations are performed to demonstrate the validity and security of the proposed method.

  14. A Survey of Authentication Schemes in Telecare Medicine Information Systems.

    PubMed

    Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber

    2017-01-01

    E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

  15. A remote password authentication scheme for multiserver architecture using neural networks.

    PubMed

    Li, L H; Lin, L C; Hwang, M S

    2001-01-01

    Conventional remote password authentication schemes allow a serviceable server to authenticate the legitimacy of a remote login user. However, these schemes are not used for multiserver architecture environments. We present a remote password authentication scheme for multiserver environments. The password authentication system is a pattern classification system based on an artificial neural network. In this scheme, the users only remember user identity and password numbers to log in to various servers. Users can freely choose their password. Furthermore, the system is not required to maintain a verification table and can withstand the replay attack.

  16. dLocAuth: a dynamic multifactor authentication scheme for mCommerce applications using independent location-based obfuscation

    NASA Astrophysics Data System (ADS)

    Kuseler, Torben; Lami, Ihsan A.

    2012-06-01

    This paper proposes a new technique to obfuscate an authentication-challenge program (named LocProg) using randomly generated data together with a client's current location in real-time. LocProg can be used to enable any handsetapplication on mobile-devices (e.g. mCommerce on Smartphones) that requires authentication with a remote authenticator (e.g. bank). The motivation of this novel technique is to a) enhance the security against replay attacks, which is currently based on using real-time nonce(s), and b) add a new security factor, which is location verified by two independent sources, to challenge / response methods for authentication. To assure a secure-live transaction, thus reducing the possibility of replay and other remote attacks, the authors have devised a novel technique to obtain the client's location from two independent sources of GPS on the client's side and the cellular network on authenticator's side. The algorithm of LocProg is based on obfuscating "random elements plus a client's data" with a location-based key, generated on the bank side. LocProg is then sent to the client and is designed so it will automatically integrate into the target application on the client's handset. The client can then de-obfuscate LocProg if s/he is within a certain range around the location calculated by the bank and if the correct personal data is supplied. LocProg also has features to protect against trial/error attacks. Analysis of LocAuth's security (trust, threat and system models) and trials based on a prototype implementation (on Android platform) prove the viability and novelty of LocAuth.

  17. Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

    PubMed

    Mishra, Dheerendra

    2015-03-01

    Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

  18. A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

    PubMed

    Mishra, Raghavendra; Barnwal, Amit Kumar

    2015-05-01

    The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

  19. A Privacy-Protecting Authentication Scheme for Roaming Services with Smart Cards

    NASA Astrophysics Data System (ADS)

    Son, Kyungho; Han, Dong-Guk; Won, Dongho

    In this work we propose a novel smart card based privacy-protecting authentication scheme for roaming services. Our proposal achieves so-called Class 2 privacy protection, i.e., no information identifying a roaming user and also linking the user's behaviors is not revealed in a visited network. It can be used to overcome the inherent structural flaws of smart card based anonymous authentication schemes issued recently. As shown in our analysis, our scheme is computationally efficient for a mobile user.

  20. An authentication scheme for secure access to healthcare services.

    PubMed

    Khan, Muhammad Khurram; Kumari, Saru

    2013-08-01

    Last few decades have witnessed boom in the development of information and communication technologies. Health-sector has also been benefitted with this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.

  1. An Efficient Remote Authentication Scheme for Wireless Body Area Network.

    PubMed

    Omala, Anyembe Andrew; Kibiwott, Kittur P; Li, Fagen

    2017-02-01

    Wireless body area network (WBAN) provide a mechanism of transmitting a persons physiological data to application providers e.g. hospital. Given the limited range of connectivity associated with WBAN, an intermediate portable device e.g. smartphone, placed within WBAN's connectivity, forwards the data to a remote server. This data, if not protected from an unauthorized access and modification may be lead to poor diagnosis. In order to ensure security and privacy between WBAN and a server at the application provider, several authentication schemes have been proposed. Recently, Wang and Zhang proposed an authentication scheme for WBAN using bilinear pairing. However, in their scheme, an application provider could easily impersonate a client. In order to overcome this weakness, we propose an efficient remote authentication scheme for WBAN. In terms of performance, our scheme can not only provide a malicious insider security, but also reduce running time of WBAN (client) by 51 % as compared to Wang and Zhang scheme.

  2. Study on the security of the authentication scheme with key recycling in QKD

    NASA Astrophysics Data System (ADS)

    Li, Qiong; Zhao, Qiang; Le, Dan; Niu, Xiamu

    2016-09-01

    In quantum key distribution (QKD), the information theoretically secure authentication is necessary to guarantee the integrity and authenticity of the exchanged information over the classical channel. In order to reduce the key consumption, the authentication scheme with key recycling (KR), in which a secret but fixed hash function is used for multiple messages while each tag is encrypted with a one-time pad (OTP), is preferred in QKD. Based on the assumption that the OTP key is perfect, the security of the authentication scheme has be proved. However, the OTP key of authentication in a practical QKD system is not perfect. How the imperfect OTP affects the security of authentication scheme with KR is analyzed thoroughly in this paper. In a practical QKD, the information of the OTP key resulting from QKD is partially leaked to the adversary. Although the information leakage is usually so little to be neglected, it will lead to the increasing degraded security of the authentication scheme as the system runs continuously. Both our theoretical analysis and simulation results demonstrate that the security level of authentication scheme with KR, mainly indicated by its substitution probability, degrades exponentially in the number of rounds and gradually diminishes to zero.

  3. Weaknesses and drawbacks of a password authentication scheme using neural networks for multiserver architecture.

    PubMed

    Ku, Wei-Chi

    2005-07-01

    In 2001, Li et al. proposed a password authentication scheme for the multiserver architecture by using a pattern classification system based on neural networks. Herein, we demonstrate that Li et al's scheme is vulnerable to an offline password guessing attack and a privileged insider's attack, and is not reparable. Additionally, we show that Li et al.'s scheme has several drawbacks in practice.

  4. A Secure User Anonymity and Authentication Scheme Using AVISPA for Telecare Medical Information Systems.

    PubMed

    Mir, Omid; van der Weide, Theo; Lee, Cheng-Chi

    2015-09-01

    Telecare medicine information systems (TMIS) have been known as an effective mechanism to increase quality and security of healthcare services. In other to the protection of patient privacy, several authentication schemes have been proposed in TMIS, however, most of them have a security problems. Recently, Das proposed a secure and robust password-based remote user authentication scheme for the integrated EPR information system. However, in this paper, we show that his scheme have some security flaws. Then, we shall propose a secure authentication scheme to overcome their weaknesses. We prove the proposed scheme with random oracle and also use the BAN logic to prove the correctness of the proposed scheme. Furthermore, we simulate our scheme for the formal security analysis using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool.

  5. An improved anonymous authentication scheme for telecare medical information systems.

    PubMed

    Wen, Fengtong; Guo, Dianli

    2014-05-01

    Telecare medical information system (TMIS) constructs an efficient and convenient connection between patients and the medical server. The patients can enjoy medical services through public networks, and hence the protection of patients' privacy is very significant. Very recently, Wu et al. identified Jiang et al.'s authentication scheme had some security drawbacks and proposed an enhanced authentication scheme for TMIS. However, we analyze Wu et al.'s scheme and show that their scheme suffers from server spoofing attack, off-line password guessing attack, impersonation attack. Moreover, Wu et al.'s scheme fails to preserve the claimed patient anonymity and its password change phase is unfriendly and inefficient. Thereby, we present a novel anonymous authentication scheme for telecare medical information systems to eliminate the aforementioned faults. Besides, We demonstrate the completeness of the proposed scheme through the BAN logic. Furthermore, the security of our proposed scheme is proven through Bellare and Rogaways model. Compared with the related existing schemes, our scheme is more secure.

  6. Efficient and Anonymous Authentication Scheme for Wireless Body Area Networks.

    PubMed

    Wu, Libing; Zhang, Yubo; Li, Li; Shen, Jian

    2016-06-01

    As a significant part of the Internet of Things (IoT), Wireless Body Area Network (WBAN) has attract much attention in this years. In WBANs, sensors placed in or around the human body collect the sensitive data of the body and transmit it through an open wireless channel in which the messages may be intercepted, modified, etc. Recently, Wang et al. presented a new anonymous authentication scheme for WBANs and claimed that their scheme can solve the security problems in the previous schemes. Unfortunately, we demonstrate that their scheme cannot withstand impersonation attack. Either an adversary or a malicious legal client could impersonate another legal client to the application provider. In this paper, we give the detailed weakness analysis of Wang et al.'s scheme at first. Then we present a novel anonymous authentication scheme for WBANs and prove that it's secure under a random oracle model. At last, we demonstrate that our presented anonymous authentication scheme for WBANs is more suitable for practical application than Wang et al.'s scheme due to better security and performance. Compared with Wang et al.'s scheme, the computation cost of our scheme in WBANs has reduced by about 31.58%.

  7. A more secure anonymous user authentication scheme for the integrated EPR information system.

    PubMed

    Wen, Fengtong

    2014-05-01

    Secure and efficient user mutual authentication is an essential task for integrated electronic patient record (EPR) information system. Recently, several authentication schemes have been proposed to meet this requirement. In a recent paper, Lee et al. proposed an efficient and secure password-based authentication scheme used smart cards for the integrated EPR information system. This scheme is believed to have many abilities to resist a range of network attacks. Especially, they claimed that their scheme could resist lost smart card attack. However, we reanalyze the security of Lee et al.'s scheme, and show that it fails to protect off-line password guessing attack if the secret information stored in the smart card is compromised. This also renders that their scheme is insecure against user impersonation attacks. Then, we propose a new user authentication scheme for integrated EPR information systems based on the quadratic residues. The new scheme not only resists a range of network attacks but also provides user anonymity. We show that our proposed scheme can provide stronger security.

  8. An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function.

    PubMed

    Das, Ashok Kumar; Goswami, Adrijit

    2014-06-01

    Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key beween a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then a propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.

  9. A user anonymity preserving three-factor authentication scheme for telecare medicine information systems.

    PubMed

    Tan, Zuowen

    2014-03-01

    The telecare medicine information system enables the patients gain health monitoring at home and access medical services over internet or mobile networks. In recent years, the schemes based on cryptography have been proposed to address the security and privacy issues in the telecare medicine information systems. However, many schemes are insecure or they have low efficiency. Recently, Awasthi and Srivastava proposed a three-factor authentication scheme for telecare medicine information systems. In this paper, we show that their scheme is vulnerable to the reflection attacks. Furthermore, it fails to provide three-factor security and the user anonymity. We propose a new three-factor authentication scheme for the telecare medicine information systems. Detailed analysis demonstrates that the proposed scheme provides mutual authentication, server not knowing password and freedom of password, biometric update and three-factor security. Moreover, the new scheme provides the user anonymity. As compared with the previous three-factor authentication schemes, the proposed scheme is more secure and practical.

  10. Cryptanalysis of the Kiyomoto-Fukushima-Tanaka Anonymous Attribute Authentication Scheme

    NASA Astrophysics Data System (ADS)

    Park, Haeryong

    Kiyomoto-Fukushima-Tanaka proposed a perfectly ano-nymous attribute authentication scheme that realizes unidentifiable and untraceable authentication with offline revocation checking. The Kiyomoto-Fukushima-Tanaka scheme uses a self-blindable certificate that a user can change randomly. Thus, the certificate is modified for each authentication and the authentication scheme has the unidentifiable property and the untraceable property. However, in this letter, we show that the Kiyomoto-Fukushima-Tanaka scheme is insecure against the impersonation attack.

  11. On the security of two remote user authentication schemes for telecare medical information systems.

    PubMed

    Kim, Kee-Won; Lee, Jae-Dong

    2014-05-01

    The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

  12. Efficient Anonymous Authentication Protocol Using Key-Insulated Signature Scheme for Secure VANET

    NASA Astrophysics Data System (ADS)

    Park, Youngho; Sur, Chul; Jung, Chae Duk; Rhee, Kyung-Hyune

    In this paper, we propose an efficient authentication protocol with conditional privacy preservation for secure vehicular communications. The proposed protocol follows the system model to issue on-the-fly anonymous public key certificates to vehicles by road-side units. In order to design an efficient message authentication protocol, we consider a key-insulated signature scheme for certifying anonymous public keys of vehicles to such a system model. We demonstrate experimental results to confirm that the proposed protocol has better performance than other protocols based on group signature schemes.

  13. A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    PubMed

    Chang, Ya-Fen; Yu, Shih-Hui; Shiao, Ding-Rui

    2013-04-01

    Connected health care provides new opportunities for improving financial and clinical performance. Many connected health care applications such as telecare medicine information system, personally controlled health records system, and patient monitoring have been proposed. Correct and quality care is the goal of connected heath care, and user authentication can ensure the legality of patients. After reviewing authentication schemes for connected health care applications, we find that many of them cannot protect patient privacy such that others can trace users/patients by the transmitted data. And the verification tokens used by these authentication schemes to authenticate users or servers are only password, smart card and RFID tag. Actually, these verification tokens are not unique and easy to copy. On the other hand, biometric characteristics, such as iris, face, voiceprint, fingerprint and so on, are unique, easy to be verified, and hard to be copied. In this paper, a biometrics-based user authentication scheme will be proposed to ensure uniqueness and anonymity at the same time. With the proposed scheme, only the legal user/patient himself/herself can access the remote server, and no one can trace him/her according to transmitted data.

  14. A reliable RFID mutual authentication scheme for healthcare environments.

    PubMed

    Wu, Zhen-Yu; Chen, Lichin; Wu, Ju-Chuan

    2013-04-01

    Radio frequency identification (RFID) applications have the potential to increase the reliability of healthcare environments. However, there are obvious security and privacy concerns with regard to storing personal and medical data in RFID tags, and the lack of secure authentication systems in healthcare environments remains as a challenge the further use of this technology, one that touches on issues of confidentiality, unforgeability, location privacy, and scalability. This study proposes a novel mutual authentication protocol that considers all of these issues and solves the tradeoff between location privacy and scalability in healthcare environments. A formal proof and analysis is demonstrated to prove the effectiveness of the proposed scheme, and that high reliability has and can be easily deployed and managed. This study also provides a scenario example that applied proposed protocol in the newborn care and management. The result shows that the proposed scheme solves the related tradeoff problem, and is capable of providing both location privacy and scalability. To apply the authentication scheme proposed in this work would be able to increase confidence in future implementations of RFID systems in healthcare environments.

  15. Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol.

    PubMed

    He, Debiao; Kumar, Neeraj; Chilamkurti, Naveen; Lee, Jong-Hyouk

    2014-10-01

    The radio frequency identification (RFID) technology has been widely adopted and being deployed as a dominant identification technology in a health care domain such as medical information authentication, patient tracking, blood transfusion medicine, etc. With more and more stringent security and privacy requirements to RFID based authentication schemes, elliptic curve cryptography (ECC) based RFID authentication schemes have been proposed to meet the requirements. However, many recently published ECC based RFID authentication schemes have serious security weaknesses. In this paper, we propose a new ECC based RFID authentication integrated with an ID verifier transfer protocol that overcomes the weaknesses of the existing schemes. A comprehensive security analysis has been conducted to show strong security properties that are provided from the proposed authentication scheme. Moreover, the performance of the proposed authentication scheme is analyzed in terms of computational cost, communicational cost, and storage requirement.

  16. An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem.

    PubMed

    Zhao, Zhenguo

    2014-02-01

    With the development of wireless networks and medical sensors, wireless body area networks are playing more and more important role in the field of healthcare service. The data transmitted in WBANs is very sensitive since it will be used in clinical diagnoses or measurements. Therefore, security and privacy of communication in WBANs derive increasing attentions from the academia and industry. In this paper, we propose an identity (ID)-based efficient anonymous authentication scheme for WBANs using elliptic curve cryptosystem (ECC). Due to the ID-based concept, there is no certificate is needed in the proposed scheme. Moreover, the proposed scheme not only provides mutual authentication between the client and the application provider but also provides client anonymity. Performance analysis shows that improvements of 50.58% and 3.87% in the client side and the application provider side separately. Then the proposed scheme is more suitable for WBANs.

  17. Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care.

    PubMed

    Xie, Qi; Liu, Wenhao; Wang, Shengbao; Han, Lidong; Hu, Bin; Wu, Ting

    2014-09-01

    Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.

  18. Anonymous three-party password-authenticated key exchange scheme for Telecare Medical Information Systems.

    PubMed

    Xie, Qi; Hu, Bin; Dong, Na; Wong, Duncan S

    2014-01-01

    Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.

  19. Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

    PubMed Central

    Xie, Qi; Hu, Bin; Dong, Na; Wong, Duncan S.

    2014-01-01

    Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS. PMID:25047235

  20. An authentication scheme to healthcare security under wireless sensor networks.

    PubMed

    Hsiao, Tsung-Chih; Liao, Yu-Ting; Huang, Jen-Yan; Chen, Tzer-Shyong; Horng, Gwo-Boa

    2012-12-01

    In recent years, Taiwan has been seeing an extension of the average life expectancy and a drop in overall fertility rate, initiating our country into an aged society. Due to this phenomenon, how to provide the elderly and patients with chronic diseases a suitable healthcare environment has become a critical issue presently. Therefore, we propose a new scheme that integrates healthcare services with wireless sensor technology in which sensor nodes are employed to measure patients' vital signs. Data collected from these sensor nodes are then transmitted to mobile devices of the medical staff and system administrator, promptly enabling them to understand the patients' condition in real time, which will significantly improve patients' healthcare quality. As per the personal data protection act, patients' vital signs can only be accessed by authorized medical staff. In order to protect patients', the system administrator will verify the medical staff's identity through the mobile device using a smart card and password mechanism. Accordingly, only the verified medical staff can obtain patients' vital signs data such as their blood pressure, pulsation, and body temperature, etc.. Besides, the scheme includes a time-bounded characteristic that allows the verified staff access to data without having to have to re-authenticate and re-login into the system within a set period of time. Consequently, the time-bounded property also increases the work efficiency of the system administrator and user.

  1. Security Improvement on a Remote User Authentication Scheme Using Smart Cards

    NASA Astrophysics Data System (ADS)

    Chen, Tien-Ho; Hsiang, Han-Cheng; Shih, Wei-Kuan

    Authentication is a very important ingredient service for the network system to verify whether a remote user is legal through any insecure channel. Recently, Hsiang and Shih proposed a remote user authentication scheme as an improved scheme over Yoon-Ryu-Yoo's, and asserted that their scheme could escape from masquerade attack, parallel session attack, etc. In this paper, we show that Hsiang and Shih's scheme still suffers from parallel session attack. To mend the problem, we offer a procedure to improve Hsiang and Shih's scheme. Consequently, our scheme is suitable for applications with higher secure requirement.

  2. Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

    PubMed Central

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme. PMID:25276847

  3. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

    PubMed

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

  4. On securing wireless sensor network--novel authentication scheme against DOS attacks.

    PubMed

    Raja, K Nirmal; Beno, M Marsaline

    2014-10-01

    Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

  5. An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks.

    PubMed

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2016-06-08

    WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas's currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

  6. An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

    PubMed Central

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2016-01-01

    WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs. PMID:27338382

  7. Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

    PubMed Central

    Lee, Youngsook; Paik, Juryon

    2014-01-01

    An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.'s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.'s scheme can be addressed without degrading the efficiency of the scheme. PMID:25302330

  8. Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.

    PubMed

    Arshad, Hamed; Nikooghadam, Morteza

    2014-12-01

    Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

  9. Security analysis and improvement of an anonymous authentication scheme for roaming services.

    PubMed

    Lee, Youngsook; Paik, Juryon

    2014-01-01

    An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.'s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.'s scheme can be addressed without degrading the efficiency of the scheme.

  10. An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks

    PubMed Central

    Chung, Youngseok; Choi, Seokjin; Lee, Youngsook; Park, Namje; Won, Dongho

    2016-01-01

    More security concerns and complicated requirements arise in wireless sensor networks than in wired networks, due to the vulnerability caused by their openness. To address this vulnerability, anonymous authentication is an essential security mechanism for preserving privacy and providing security. Over recent years, various anonymous authentication schemes have been proposed. Most of them reveal both strengths and weaknesses in terms of security and efficiency. Recently, Farash et al. proposed a lightweight anonymous authentication scheme in ubiquitous networks, which remedies the security faults of previous schemes. However, their scheme still suffers from certain weaknesses. In this paper, we prove that Farash et al.’s scheme fails to provide anonymity, authentication, or password replacement. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Considering the limited capability of sensor nodes, we utilize only low-cost functions, such as one-way hash functions and bit-wise exclusive-OR operations. The security and lightness of the proposed scheme mean that it can be applied to roaming service in localized domains of wireless sensor networks, to provide anonymous authentication of sensor nodes. PMID:27739417

  11. An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks.

    PubMed

    Chung, Youngseok; Choi, Seokjin; Lee, Youngsook; Park, Namje; Won, Dongho

    2016-10-07

    More security concerns and complicated requirements arise in wireless sensor networks than in wired networks, due to the vulnerability caused by their openness. To address this vulnerability, anonymous authentication is an essential security mechanism for preserving privacy and providing security. Over recent years, various anonymous authentication schemes have been proposed. Most of them reveal both strengths and weaknesses in terms of security and efficiency. Recently, Farash et al. proposed a lightweight anonymous authentication scheme in ubiquitous networks, which remedies the security faults of previous schemes. However, their scheme still suffers from certain weaknesses. In this paper, we prove that Farash et al.'s scheme fails to provide anonymity, authentication, or password replacement. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Considering the limited capability of sensor nodes, we utilize only low-cost functions, such as one-way hash functions and bit-wise exclusive-OR operations. The security and lightness of the proposed scheme mean that it can be applied to roaming service in localized domains of wireless sensor networks, to provide anonymous authentication of sensor nodes.

  12. An Gen2 Based Security Authentication Protocol for RFID System

    NASA Astrophysics Data System (ADS)

    Yi, Xiaoluo; Wang, Liangmin; Mao, Dongmei; Zhan, Yongzhao

    EPC Class-1 Generation-2 specification(Gen2 in brief) has been accepted as the standard for RFID tags under grant number ISO18000-6C. However, Gen2 does not pay due attention to security. For this reason, a Gen2 based security authentication protocol is developed in this paper. In details, we study the security requirements presented in the current Gen2 based RFID authentication protocols[7-13]. Then we point out the security flaws of Chien's mutual authentication protocol[7], and improve the protocol based on a 11 security requirements. Our improved protocol merely uses CRC and PRNG operations supported by Gen2 and meets the 11 security requirements. In contrast to the similar work [14,15] on Chien's protocol or other Gen2 based schemes, our protocol is more secure and our security analysis is much more comprehensive and qualitative.

  13. A user authentication scheme using physiological and behavioral biometrics for multitouch devices.

    PubMed

    Koong, Chorng-Shiuh; Yang, Tzu-I; Tseng, Chien-Chao

    2014-01-01

    With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage.

  14. A User Authentication Scheme Using Physiological and Behavioral Biometrics for Multitouch Devices

    PubMed Central

    Koong, Chorng-Shiuh; Tseng, Chien-Chao

    2014-01-01

    With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage. PMID:25147864

  15. A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.

    PubMed

    Chaudhry, Shehzad Ashraf; Khan, Muhammad Tawab; Khan, Muhammad Khurram; Shon, Taeshik

    2016-11-01

    Recently several authentication schemes are proposed for telecare medicine information system (TMIS). Many of such schemes are proved to have weaknesses against known attacks. Furthermore, numerous such schemes cannot be used in real time scenarios. Because they assume a single server for authentication across the globe. Very recently, Amin et al. (J. Med. Syst. 39(11):180, 2015) designed an authentication scheme for secure communication between a patient and a medical practitioner using a trusted central medical server. They claimed their scheme to extend all security requirements and emphasized the efficiency of their scheme. However, the analysis in this article proves that the scheme designed by Amin et al. is vulnerable to stolen smart card and stolen verifier attacks. Furthermore, their scheme is having scalability issues along with inefficient password change and password recovery phases. Then we propose an improved scheme. The proposed scheme is more practical, secure and lightweight than Amin et al.'s scheme. The security of proposed scheme is proved using the popular automated tool ProVerif.

  16. A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    PubMed

    Wen, Fengtong

    2013-12-01

    User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

  17. Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

    PubMed Central

    Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

    2015-01-01

    Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

  18. Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

    PubMed

    Islam, S K Hafizul; Khan, Muhammad Khurram; Li, Xiong

    2015-01-01

    Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

  19. Efficient and Secure Temporal Credential-Based Authenticated Key Agreement Using Extended Chaotic Maps for Wireless Sensor Networks

    PubMed Central

    Lee, Tian-Fu

    2015-01-01

    A secure temporal credential-based authenticated key agreement scheme for Wireless Sensor Networks (WSNs) enables a user, a sensor node and a gateway node to realize mutual authentication using temporal credentials. The user and the sensor node then negotiate a common secret key with the help of the gateway node, and establish a secure and authenticated channel using this common secret key. To increase efficiency, recent temporal credential-based authenticated key agreement schemes for WSNs have been designed to involve few computational operations, such as hash and exclusive-or operations. However, these schemes cannot protect the privacy of users and withstand possible attacks. This work develops a novel temporal credential-based authenticated key agreement scheme for WSNs using extended chaotic maps, in which operations are more efficient than modular exponential computations and scalar multiplications on an elliptic curve. The proposed scheme not only provides higher security and efficiency than related schemes, but also resolves their weaknesses. PMID:26121612

  20. Efficient and Secure Temporal Credential-Based Authenticated Key Agreement Using Extended Chaotic Maps for Wireless Sensor Networks.

    PubMed

    Lee, Tian-Fu

    2015-06-25

    A secure temporal credential-based authenticated key agreement scheme for Wireless Sensor Networks (WSNs) enables a user, a sensor node and a gateway node to realize mutual authentication using temporal credentials. The user and the sensor node then negotiate a common secret key with the help of the gateway node, and establish a secure and authenticated channel using this common secret key. To increase efficiency, recent temporal credential-based authenticated key agreement schemes for WSNs have been designed to involve few computational operations, such as hash and exclusive-or operations. However, these schemes cannot protect the privacy of users and withstand possible attacks. This work develops a novel temporal credential-based authenticated key agreement scheme for WSNs using extended chaotic maps, in which operations are more efficient than modular exponential computations and scalar multiplications on an elliptic curve. The proposed scheme not only provides higher security and efficiency than related schemes, but also resolves their weaknesses.

  1. A Novel Physical Layer Assisted Authentication Scheme for Mobile Wireless Sensor Networks

    PubMed Central

    Wang, Qiuhua

    2017-01-01

    Physical-layer authentication can address physical layer vulnerabilities and security threats in wireless sensor networks, and has been considered as an effective complementary enhancement to existing upper-layer authentication mechanisms. In this paper, to advance the existing research and improve the authentication performance, we propose a novel physical layer assisted authentication scheme for mobile wireless sensor networks. In our proposed scheme, we explore the reciprocity and spatial uncorrelation of the wireless channel to verify the identities of involved transmitting users and decide whether all data frames are from the same sender. In our proposed scheme, a new method is developed for the legitimate users to compare their received signal strength (RSS) records, which avoids the information from being disclosed to the adversary. Our proposed scheme can detect the spoofing attack even in a high dynamic environment. We evaluate our scheme through experiments under indoor and outdoor environments. Experiment results show that our proposed scheme is more efficient and achieves a higher detection rate as well as keeping a lower false alarm rate. PMID:28165423

  2. A Novel Physical Layer Assisted Authentication Scheme for Mobile Wireless Sensor Networks.

    PubMed

    Wang, Qiuhua

    2017-02-04

    Physical-layer authentication can address physical layer vulnerabilities and security threats in wireless sensor networks, and has been considered as an effective complementary enhancement to existing upper-layer authentication mechanisms. In this paper, to advance the existing research and improve the authentication performance, we propose a novel physical layer assisted authentication scheme for mobile wireless sensor networks. In our proposed scheme, we explore the reciprocity and spatial uncorrelation of the wireless channel to verify the identities of involved transmitting users and decide whether all data frames are from the same sender. In our proposed scheme, a new method is developed for the legitimate users to compare their received signal strength (RSS) records, which avoids the information from being disclosed to the adversary. Our proposed scheme can detect the spoofing attack even in a high dynamic environment. We evaluate our scheme through experiments under indoor and outdoor environments. Experiment results show that our proposed scheme is more efficient and achieves a higher detection rate as well as keeping a lower false alarm rate.

  3. A Secure ECC-based RFID Mutual Authentication Protocol to Enhance Patient Medication Safety.

    PubMed

    Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Li, Fagen

    2016-01-01

    Patient medication safety is an important issue in patient medication systems. In order to prevent medication errors, integrating Radio Frequency Identification (RFID) technology into automated patient medication systems is required in hospitals. Based on RFID technology, such systems can provide medical evidence for patients' prescriptions and medicine doses, etc. Due to the mutual authentication between the medication server and the tag, RFID authentication scheme is the best choice for automated patient medication systems. In this paper, we present a RFID mutual authentication scheme based on elliptic curve cryptography (ECC) to enhance patient medication safety. Our scheme can achieve security requirements and overcome various attacks existing in other schemes. In addition, our scheme has better performance in terms of computational cost and communication overhead. Therefore, the proposed scheme is well suitable for patient medication systems.

  4. A robust and effective smart-card-based remote user authentication mechanism using hash function.

    PubMed

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

  5. On Constructing Dynamic and Forward Secure Authenticated Group Key Agreement Scheme from Multikey Encapsulation Mechanism

    PubMed Central

    Fathirad, Iraj; Devlin, John

    2015-01-01

    The approach of instantiating authenticated group key exchange (GAKE) protocol from the multikey encapsulation mechanism (mKEM) has an important advantage of achieving classical requirement of GAKE security in one communication round. In spite of the limitations of this approach, for example, lack of forward secrecy, it is very useful in group environments when maximum communication efficiency is desirable. To enrich this mKEM-based GAKE construction, we suggest an efficient solution to convert this static GAKE framework into a partially dynamic scheme. Furthermore, to address the associated lack of forward-secrecy, we propose two variants of this generic construction which can also provide a means of forward secrecy at the cost of extra communication round. In addition, concerning associated implementation cost of deploying this generic GAKE construction in elliptic curve cryptosystem, we compare the possible instantiations of this model from existing mKEM algorithms in terms of the number of elliptic curve scalar multiplications. PMID:26451388

  6. On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

    PubMed

    Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

    2015-08-01

    Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

  7. An Anonymous User Authentication with Key Agreement Scheme without Pairings for Multiserver Architecture Using SCPKs

    PubMed Central

    Wen, Qiaoyan; Li, Wenmin; Jin, Zhengping; Zhang, Hua

    2013-01-01

    With advancement of computer community and widespread dissemination of network applications, users generally need multiple servers to provide different services. Accordingly, the multiserver architecture has been prevalent, and designing a secure and efficient remote user authentication under multiserver architecture becomes a nontrivial challenge. In last decade, various remote user authentication protocols have been put forward to correspond to the multi-server scenario requirements. However, these schemes suffered from certain security problems or their cost consumption exceeded users' own constrained ability. In this paper, we present an anonymous remote user authentication with key agreement scheme for multi-server architecture employing self-certified public keys without pairings. The proposed scheme can not only retain previous schemes' advantages but also achieve user privacy concern. Moreover, our proposal can gain higher efficiency by removing the pairings operation compared with the related schemes. Through analysis and comparison with the related schemes, we can say that our proposal is in accordance with the scenario requirements and feasible to the multi-server architecture. PMID:23844397

  8. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

    PubMed

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-03-21

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

  9. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks

    PubMed Central

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-01-01

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al’s method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration. PMID:28335572

  10. Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

    PubMed

    Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2014-11-01

    Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

  11. Color image authentication scheme via multispectral photon-counting double random phase encoding

    NASA Astrophysics Data System (ADS)

    Moon, Inkyu

    2015-05-01

    In this paper, we present an overview of a color image authentication scheme via multispectral photon-counting (MPCI) double random phase encoding (DRPE). The MPCI makes image sparse distributed and DRPE lets image be stationary white noise which make intruder attacks difficult. In this method, the original RGB image is down-sampled into Bayer image and then be encrypted with DRPE. The encrypted image is photon-counted and transmitted on internet channel. For image authentication, the decrypted Bayer image is interpolated into RBC image with demosaicing algorithm. Experimental results show that the decrypted image is not visually recognized under low light level but can be verified with nonlinear correlation algorithm.

  12. Facelock: familiarity-based graphical authentication.

    PubMed

    Jenkins, Rob; McLachlan, Jane L; Renaud, Karen

    2014-01-01

    Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised 'facelock', in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (<1% success rate). Even personal attackers who knew the account holder well were rarely able to authenticate (6.6% success rate). In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate). Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems.

  13. Facelock: familiarity-based graphical authentication

    PubMed Central

    McLachlan, Jane L.; Renaud, Karen

    2014-01-01

    Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised ‘facelock’, in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (<1% success rate). Even personal attackers who knew the account holder well were rarely able to authenticate (6.6% success rate). In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate). Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems. PMID:25024913

  14. Security analysis and improvement of a privacy authentication scheme for telecare medical information systems.

    PubMed

    Wu, Fan; Xu, Lili

    2013-08-01

    Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have showed that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.

  15. A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

    PubMed

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2015-09-01

    The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

  16. Toward Developing Authentic Leadership: Team-Based Simulations

    ERIC Educational Resources Information Center

    Shapira-Lishchinsky, Orly

    2014-01-01

    Although there is a consensus that authentic leadership should be an essential component in educational leadership, no study to date has ever tried to find whether team-based simulations may promote authentic leadership. The purpose of this study was to identify whether principal trainees can develop authentic leadership through ethical decision…

  17. Multi-watermarking scheme for copyright protection and content authentication of DubaiSat-1 satellite imagery

    NASA Astrophysics Data System (ADS)

    Al-Mansoori, Saeed; Kunhu, Alavi

    2013-09-01

    A non-secure transmission channel is considered as a major challenge in remote sensing. The commercial value of satellite imagery and the sensitive information it contains led engineers to look for different means to secure the ownership of satellite imagery and preventing the illegal use of these resources. Therefore, a blind multi-watermarking scheme for copyright protection and image authentication is proposed. The multi-watermarking scheme is based on designing two back-to-back encoders. The first encoder embeds a robust ownership watermark in a frequency domain of satellite imagery using Discrete Cosine Transform (DCT) approach. Whereas, the second encoder embeds a fragile authentication information into a spatial domain of a watermarked image using Message Digest Encryption Key algorithm. This study was conducted on DubaiSat-1 satellite imagery owned by Emirates Institution for Advanced Science and Technology (EIAST). The simulation results demonstrate that the proposed scheme is robust against many intentional and unintentional attacks. Moreover, it shows a very high ability for tamper detection.

  18. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    PubMed

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  19. A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.

    PubMed

    Das, Ashok Kumar

    2015-03-01

    Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

  20. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle.

    PubMed

    Park, Namje; Kang, Namhi

    2015-12-24

    The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, "things" are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  1. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle

    PubMed Central

    Park, Namje; Kang, Namhi

    2015-01-01

    The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, “things” are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks. PMID:26712759

  2. Image authentication based on double-image encryption and partial phase decryption in nonseparable fractional Fourier domain

    NASA Astrophysics Data System (ADS)

    Yuan, Lin; Ran, Qiwen; Zhao, Tieyu

    2017-02-01

    In this paper an image authentication scheme is proposed based on double-image encryption and partial phase decryption in nonseparable Fractional Fourier transform domain. Two original images are combined and transformed into the nonseparable fractional Fourier domain. Only part of the phase information of the encrypted result is kept for decryption while the rest part of phase and all the amplitude information are discarded. The two recovered images are hardly recognized by visual inspection but can be authenticated by the nonlinear correlation algorithm. The numerical simulations demonstrate the viability and validity of the proposed image authentication scheme.

  3. Continuous-variable quantum identity authentication based on quantum teleportation

    NASA Astrophysics Data System (ADS)

    Ma, Hongxin; Huang, Peng; Bao, Wansu; Zeng, Guihua

    2016-06-01

    A continuous-variable quantum identity authentication protocol, which is based on quantum teleportation, is presented by employing two-mode squeezed vacuum state and coherent state. The proposed protocol can verify user's identity efficiently with a new defined fidelity parameter. Update of authentication key can also be implemented in our protocol. Moreover, the analysis shows its feasibility and security under the general Gaussian-cloner attack on authentication key, which is guaranteed by quantum entanglement, insertion of decoy state and random displacement.

  4. Identity-Based Authenticated Key Agreement Protocols without Bilinear Pairings

    NASA Astrophysics Data System (ADS)

    Cao, Xuefei; Kou, Weidong; Yu, Yong; Sun, Rong

    This letter proposes an identity-based authenticated key agreement protocol. Different from available comparable ones, the new protocol realizes implicit authentication without bilinear pairings which makes it more efficient. The security of proposed protocol can be reduced to the standard Computational Diffie-Hellman problem. Two variants of the protocol are also given, with one achieving the security-efficiency trade-off and the other providing authenticated key agreement between users of different domains.

  5. Optical hierarchical authentication based on interference and hash function.

    PubMed

    He, Wenqi; Peng, Xiang; Meng, Xiangfeng; Liu, Xiaoli

    2012-11-10

    We propose a method to achieve the purpose of hierarchical authentication on the basis of two beams' interference and the one-way hash function. For this security protection system, only if the "phase key" and the password-controlled "phase lock" of a user are verified simultaneously can one obtain a permission to visit the confidential resources of the system. Moreover, this scheme can not only check the legality of the users but also verify their identity levels so as to grant them corresponding hierarchical access permissions. The authentication process is straightforward; the phase key and the password-controlled phase lock of one user are loading on two spatial light modulators in advance, by which two coherent beams are modulated and then interfere with each other at the output plane leading to an output image. By comparing the output image with all the standard certification images in the database, the system can thus verify the user's identity. However, the system designing process involves an iterative modified phase retrieval algorithm. For an authorized user, a phase lock is first created based on a "digital fingerprint," which is the result of a hash function on a preselected user password. The corresponding phase key can then be determined by use of the phase lock and a designated standard certification image. Theoretical analysis and computer simulations both validate the effectiveness of our method.

  6. Improved chaotic maps-based password-authenticated key agreement using smart cards

    NASA Astrophysics Data System (ADS)

    Lin, Han-Yu

    2015-02-01

    Elaborating on the security of password-based authenticated key agreement, in this paper, the author cryptanalyzes a chaotic maps-based password-authenticated key agreement proposed by Guo and Chang recently. Specifically, their protocol could not achieve strong user anonymity due to a fixed parameter and a malicious adversary is able to derive the shared session key by manipulating the property of Chebyshev chaotic maps. Additionally, the author also presents an improved scheme to eliminate the above weaknesses and still maintain the efficiency.

  7. Gyrator transform based double random phase encoding with sparse representation for information authentication

    NASA Astrophysics Data System (ADS)

    Chen, Jun-xin; Zhu, Zhi-liang; Fu, Chong; Yu, Hai; Zhang, Li-bo

    2015-07-01

    Optical information security systems have drawn long-term concerns. In this paper, an optical information authentication approach using gyrator transform based double random phase encoding with sparse representation is proposed. Different from traditional optical encryption schemes, only sparse version of the ciphertext is preserved, and hence the decrypted result is completely unrecognizable and shows no similarity to the plaintext. However, we demonstrate that the noise-like decipher result can be effectively authenticated by means of optical correlation approach. Simulations prove that the proposed method is feasible and effective, and can provide additional protection for optical security systems.

  8. Hologram authentication based on a secure watermarking algorithm using cellular automata.

    PubMed

    Hwang, Wen-Jyi; Chan, Hao-Tang; Cheng, Chau-Jern

    2014-09-20

    A secure watermarking algorithm for hologram authentication is presented in this paper. The algorithm exploits the noise-like feature of holograms to randomly embed a watermark in the domain of the discrete cosine transform with marginal degradation in transparency. The pseudo random number (PRN) generators based on a cellular automata algorithm with asymmetrical and nonlocal connections are used for the random hiding. Each client has its own unique PRN generators for enhancing the watermark security. In the proposed algorithm, watermarks are also randomly generated to eliminate the requirements of prestoring watermarks in the clients and servers. An authentication scheme is then proposed for the algorithm with random watermark generation and hiding.

  9. Robust EPR-pairs-based quantum secure communication with authentication resisting collective noise

    NASA Astrophysics Data System (ADS)

    Chang, Yan; Zhang, ShiBin; Li, Jian; Yan, LiLi

    2014-10-01

    This work presents two robust quantum secure communication schemes with authentication based on Einstein-Podolsky-Rosen (EPR) pairs, which can withstand collective noises. Two users previously share an identity string representing their identities. The identity string is encoded as decoherence-free states (termed logical qubits), respectively, over the two collective noisy channels, which are used as decoy photons. By using the decoy photons, both the authentication of two users and the detection of eavesdropping were implemented. The use of logical qubits not only guaranteed the high fidelity of exchanged secret message, but also prevented the eavesdroppers to eavesdrop beneath a mask of noise.

  10. Authentication Based on Non-Interactive Zero-Knowledge Proofs for the Internet of Things

    PubMed Central

    Martín-Fernández, Francisco; Caballero-Gil, Pino; Caballero-Gil, Cándido

    2016-01-01

    This paper describes the design and analysis of a new scheme for the authenticated exchange of confidential information in insecure environments within the Internet of Things, which allows a receiver of a message to authenticate the sender and compute a secret key shared with it. The proposal is based on the concept of a non-interactive zero-knowledge proof, so that in a single communication, relevant data may be inferred to verify the legitimacy of the sender. Besides, the new scheme uses the idea under the Diffie–Hellman protocol for the establishment of a shared secret key. The proposal has been fully developed for platforms built on the Android Open Source Project, so it can be used in any device or sensor with this operating system. This work provides a performance study of the implementation and a comparison between its promising results and others obtained with similar schemes. PMID:26751454

  11. Authentication Based on Non-Interactive Zero-Knowledge Proofs for the Internet of Things.

    PubMed

    Martín-Fernández, Francisco; Caballero-Gil, Pino; Caballero-Gil, Cándido

    2016-01-07

    This paper describes the design and analysis of a new scheme for the authenticated exchange of confidential information in insecure environments within the Internet of Things, which allows a receiver of a message to authenticate the sender and compute a secret key shared with it. The proposal is based on the concept of a non-interactive zero-knowledge proof, so that in a single communication, relevant data may be inferred to verify the legitimacy of the sender. Besides, the new scheme uses the idea under the Diffie-Hellman protocol for the establishment of a shared secret key. The proposal has been fully developed for platforms built on the Android Open Source Project, so it can be used in any device or sensor with this operating system. This work provides a performance study of the implementation and a comparison between its promising results and others obtained with similar schemes.

  12. Secure password-based authenticated key exchange for web services

    SciTech Connect

    Liang, Fang; Meder, Samuel; Chevassut, Olivier; Siebenlist, Frank

    2004-11-22

    This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.

  13. Digital holographic-based cancellable biometric for personal authentication

    NASA Astrophysics Data System (ADS)

    Verma, Gaurav; Sinha, Aloka

    2016-05-01

    In this paper, we propose a new digital holographic-based cancellable biometric scheme for personal authentication and verification. The realization of cancellable biometric is presented by using an optoelectronic experimental approach, in which an optically recorded hologram of the fingerprint of a person is numerically reconstructed. Each reconstructed feature has its own perspective, which is utilized to generate user-specific fingerprint features by using a feature-extraction process. New representations of the user-specific fingerprint features can be obtained from the same hologram, by changing the reconstruction distance (d) by an amount Δd between the recording plane and the reconstruction plane. This parameter is the key to make the cancellable user-specific fingerprint features using a digital holographic technique, which allows us to choose different reconstruction distances when reissuing the user-specific fingerprint features in the event of compromise. We have shown theoretically that each user-specific fingerprint feature has a unique identity with a high discrimination ability, and the chances of a match between them are minimal. In this aspect, a recognition system has also been demonstrated using the fingerprint biometric of the enrolled person at a particular reconstruction distance. For the performance evaluation of a fingerprint recognition system—the false acceptance ratio, the false rejection ratio and the equal error rate are calculated using correlation. The obtained results show good discrimination ability between the genuine and the impostor populations with the highest recognition rate of 98.23%.

  14. Quantum cloning attacks against PUF-based quantum authentication systems

    NASA Astrophysics Data System (ADS)

    Yao, Yao; Gao, Ming; Li, Mo; Zhang, Jian

    2016-08-01

    With the advent of physical unclonable functions (PUFs), PUF-based quantum authentication systems have been proposed for security purposes, and recently, proof-of-principle experiment has been demonstrated. As a further step toward completing the security analysis, we investigate quantum cloning attacks against PUF-based quantum authentication systems and prove that quantum cloning attacks outperform the so-called challenge-estimation attacks. We present the analytical expression of the false-accept probability by use of the corresponding optimal quantum cloning machines and extend the previous results in the literature. In light of these findings, an explicit comparison is made between PUF-based quantum authentication systems and quantum key distribution protocols in the context of cloning attacks. Moreover, from an experimental perspective, a trade-off between the average photon number and the detection efficiency is discussed in detail.

  15. Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

    PubMed

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

    2015-11-01

    The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

  16. Efficient model checking of network authentication protocol based on SPIN

    NASA Astrophysics Data System (ADS)

    Tan, Zhi-hua; Zhang, Da-fang; Miao, Li; Zhao, Dan

    2013-03-01

    Model checking is a very useful technique for verifying the network authentication protocols. In order to improve the efficiency of modeling and verification on the protocols with the model checking technology, this paper first proposes a universal formalization description method of the protocol. Combined with the model checker SPIN, the method can expediently verify the properties of the protocol. By some modeling simplified strategies, this paper can model several protocols efficiently, and reduce the states space of the model. Compared with the previous literature, this paper achieves higher degree of automation, and better efficiency of verification. Finally based on the method described in the paper, we model and verify the Privacy and Key Management (PKM) authentication protocol. The experimental results show that the method of model checking is effective, which is useful for the other authentication protocols.

  17. An efficient and adaptive mutual authentication framework for heterogeneous wireless sensor network-based applications.

    PubMed

    Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

    2014-02-11

    Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications.

  18. An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications

    PubMed Central

    Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

    2014-01-01

    Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications. PMID:24521942

  19. An efficient and secure attribute based signcryption scheme with LSSS access structure.

    PubMed

    Hong, Hanshu; Sun, Zhixin

    2016-01-01

    Attribute based encryption (ABE) and attribute based signature (ABS) provide flexible access control with authentication for data sharing between users, but realizing both functions will bring about too much computation burden. In this paper, we combine the advantages of CP-ABE with ABS and propose a ciphertext policy attribute based signcryption scheme. In our scheme, only legal receivers can decrypt the ciphertext and verify the signature signed by data owner. Furthermore, we use linear secret sharing scheme instead of tree structure to avoid the frequent calls of recursive algorithm. By security and performance analysis, we prove that our scheme is secure as well as gains higher efficiency.

  20. An efficient and robust RSA-based remote user authentication for telecare medical information systems.

    PubMed

    Giri, Debasis; Maitra, Tanmoy; Amin, Ruhul; Srivastava, P D

    2015-01-01

    It is not always possible for a patient to go to a doctor in critical or urgent period. Telecare Medical Information Systems (TMIS) provides a facility by which a patient can communicate to a doctor through a medical server via internet from home. To hide the secret information of both parties (a server and a patient), an authentication mechanism is needed in TMIS. In 2013, Khan and Kumari proposed the authentication schemes for TMIS. In this paper, we have shown that Khan and Kumari's scheme is insecure against off-line password guessing attack. We have also shown that Khan and Kumari's scheme does not provide any security if the password of a patient is compromised. To improve the security and efficiency, a new authentication scheme for TMIS has been proposed in this paper. Further, the proposed scheme can resist all possible attacks and has better performance than the related schemes published earlier.

  1. A Secure Mobile-Based Authentication System for e-Banking

    NASA Astrophysics Data System (ADS)

    Rifà-Pous, Helena

    Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable. We propose a challenge-response based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.

  2. Server-Controlled Identity-Based Authenticated Key Exchange

    NASA Astrophysics Data System (ADS)

    Guo, Hua; Mu, Yi; Zhang, Xiyong; Li, Zhoujun

    We present a threshold identity-based authenticated key exchange protocol that can be applied to an authenticated server-controlled gateway-user key exchange. The objective is to allow a user and a gateway to establish a shared session key with the permission of the back-end servers, while the back-end servers cannot obtain any information about the established session key. Our protocol has potential applications in strong access control of confidential resources. In particular, our protocol possesses the semantic security and demonstrates several highly-desirable security properties such as key privacy and transparency. We prove the security of the protocol based on the Bilinear Diffie-Hellman assumption in the random oracle model.

  3. Provably Secure Password-based Authentication in TLS

    SciTech Connect

    Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier; Moeller,Bodo; Pointcheval, David

    2005-12-20

    In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password.The SOKE ciphersuites, in advantage over previous pass-word-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.

  4. CENTERA: A Centralized Trust-Based Efficient Routing Protocol with Authentication for Wireless Sensor Networks †

    PubMed Central

    Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim

    2015-01-01

    In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of “bad” nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics—maliciousness, cooperation, and compatibility—and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates “bad”, “misbehaving” or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node's bad/probation level with repeated “bad” behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to “good” nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations. PMID:25648712

  5. CENTERA: a centralized trust-based efficient routing protocol with authentication for wireless sensor networks.

    PubMed

    Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim

    2015-02-02

    In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of "bad" nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics-maliciousness, cooperation, and compatibility-and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates "bad", "misbehaving" or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node's bad/probation level with repeated "bad" behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to "good" nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations.

  6. Marketing Education Assessment Guide. Performance-Based Activities with Authentic Assessments Instruments.

    ERIC Educational Resources Information Center

    Everett, Donna R.

    This guide presents performance-based authentic assessment ideas, samples, and suggestions to help marketing teachers and students respond to changes and pressures from outside the classroom. It contains 21 activities, each accompanied by a method of authentic assessment. In most cases, the authentic assessment method is a scoring device. The…

  7. An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity.

    PubMed

    Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian

    2016-01-01

    User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.'s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al‥ Besides, Xie et al.'s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance.

  8. An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity

    PubMed Central

    Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian

    2016-01-01

    User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.’s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al‥ Besides, Xie et al.’s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance. PMID:27101305

  9. BossPro: a biometrics-based obfuscation scheme for software protection

    NASA Astrophysics Data System (ADS)

    Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

    2013-05-01

    This paper proposes to integrate biometric-based key generation into an obfuscated interpretation algorithm to protect authentication application software from illegitimate use or reverse-engineering. This is especially necessary for mCommerce because application programmes on mobile devices, such as Smartphones and Tablet-PCs are typically open for misuse by hackers. Therefore, the scheme proposed in this paper ensures that a correct interpretation / execution of the obfuscated program code of the authentication application requires a valid biometric generated key of the actual person to be authenticated, in real-time. Without this key, the real semantics of the program cannot be understood by an attacker even if he/she gains access to this application code. Furthermore, the security provided by this scheme can be a vital aspect in protecting any application running on mobile devices that are increasingly used to perform business/financial or other security related applications, but are easily lost or stolen. The scheme starts by creating a personalised copy of any application based on the biometric key generated during an enrolment process with the authenticator as well as a nuance created at the time of communication between the client and the authenticator. The obfuscated code is then shipped to the client's mobile devise and integrated with real-time biometric extracted data of the client to form the unlocking key during execution. The novelty of this scheme is achieved by the close binding of this application program to the biometric key of the client, thus making this application unusable for others. Trials and experimental results on biometric key generation, based on client's faces, and an implemented scheme prototype, based on the Android emulator, prove the concept and novelty of this proposed scheme.

  10. Digital imaging based classification and authentication of granular food products

    NASA Astrophysics Data System (ADS)

    Carter, R. M.; Yan, Y.; Tomlins, K.

    2006-02-01

    In the food industry there are many types of product that are in the form of particles, granules or grains. Consistent material size and quality within any given sample is an important requirement that is well known in industry. In addition it is possible that samples of material may be of unknown type or have been subject to adulteration, thus making material authentication a real requirement. The present work implements an advanced, but cost-effective, digital imaging and image processing technique to characterize granular foodstuffs either in real time process control or in an off-line, sample-based, manner. The imaging approach not only provides cost-effective and rugged hardware when compared with other approaches but also allows precise characterization of individual grains of material. In this paper the imaging system is briefly described and the parameters it measures are discussed. Both cluster and discriminant analyses are performed to establish the suitability of the measured parameters for authenticity study and a simple fuzzy logic is implemented based on the findings. Tests are performed, using rice as an example, to evaluate the performance of the system for authenticity testing, and encouraging results are achieved.

  11. Smartphone-based secure authenticated session sharing in Internet of Personal Things

    NASA Astrophysics Data System (ADS)

    Krishnan, Ram; Ninglekhu, Jiwan

    2015-03-01

    In the context of password-based authentication, a user can only memorize limited number of usernames and passwords. They are generally referred to as user-credentials. Longer character length of passwords further adds complication in mastering them. The expansion of the Internet and our growing dependency on it, has made it almost impossible for us to handle the big pool of user-credentials. Using simple, same or similar passwords is considered a poor practice, as it can easily be compromised by password cracking tools and social engineering attacks. Therefore, a robust and painless technique to manage personal credentials for websites is desirable. In this paper, a novel technique for user-credentials management via a smart mobile device such as a smartphone in a local network is proposed. We present a secure user-credential management scheme in which user's account login (username) and password associated with websites domain name is saved into the mobile device's database using a mobile application. We develop a custom browser extension application for client and use it to import user's credentials linked with the corresponding website from the mobile device via the local Wi-Fi network connection. The browser extension imports and identifies the authentication credentials and pushes them into the target TextBox locations in the webpage, ready for the user to execute. This scheme is suitably demonstrated between two personal devices in a local network.

  12. GEOSS authentication/authorization services: a Broker-based approach

    NASA Astrophysics Data System (ADS)

    Santoro, M.; Nativi, S.

    2014-12-01

    The vision of the Global Earth Observation System of Systems (GEOSS) is the achievement of societal benefits through voluntary contribution and sharing of resources to better understand the relationships between the society and the environment where we live. The GEOSS Common Infrastructure (GCI) allows users to search, access, and use the resources contributed by the GEOSS members. The GEO DAB (Discovery and Access Broker) is the GCI component in charge of interconnecting the heterogeneous data systems contributing to GEOSS. Client applications (i.e. the portals and apps) can connect to GEO DAB as a unique entry point to discover and access resources available through GCI, with no need to implement the many service protocols and models applied by the GEOSS data providers. The GEO DAB implements the brokering approach (Nativi et al., 2013) to build a flexible and scalable System of Systems. User authentication/authorization functionality is becoming more and more important for GEOSS data providers and users. The Providers ask for information about who accessed their resources and, in some cases, want to limit the data download. The Users ask for a profiled interaction with the system based on their needs and expertise level. Besides, authentication and authorization is necessary for GEOSS to provide moderated social services - e.g. feedback messages, data "fit for use" comments, etc. In keeping with the GEOSS principles of building on existing systems and lowering entry-barriers for users, an objective of the authentication/authorization development was to support existing and well-used users' credentials (e.g. Google, Twitter, etc.). Due to the heterogeneity of technologies used by the different providers and applications, a broker-based approach for the authentication/authorization was introduced as a new functionality of GEO DAB. This new capability will be demonstrated at the next GEO XI Plenary (November 2014). This work will be presented and discussed

  13. Authentication Based on Pole-zero Models of Signature Velocity

    PubMed Central

    Rashidi, Saeid; Fallah, Ali; Towhidkhah, Farzad

    2013-01-01

    With the increase of communication and financial transaction through internet, on-line signature verification is an accepted biometric technology for access control and plays a significant role in authenticity and authorization in modernized society. Therefore, fast and precise algorithms for the signature verification are very attractive. The goal of this paper is modeling of velocity signal that pattern and properties is stable for persons. With using pole-zero models based on discrete cosine transform, precise method is proposed for modeling and then features is founded from strokes. With using linear, parzen window and support vector machine classifiers, the signature verification technique was tested with a large number of authentic and forgery signatures and has demonstrated the good potential of this technique. The signatures are collected from three different database include a proprietary database, the SVC2004 and the Sabanci University signature database benchmark databases. Experimental results based on Persian, SVC2004 and SUSIG databases show that our method achieves an equal error rate of 5.91%, 5.62% and 3.91% in the skilled forgeries, respectively. PMID:24696797

  14. Multiple-image encryption scheme based on cascaded fractional Fourier transform.

    PubMed

    Kong, Dezhao; Shen, Xueju; Xu, Qinzu; Xin, Wang; Guo, Haiqiong

    2013-04-20

    A multiple-image encryption scheme based on cascaded fractional Fourier transform is proposed. In the scheme, images are successively coded into the amplitude and phase of the input by cascading stages, which ends up with an encrypted image and a series of keys. The scheme takes full advantage of multikeys and the cascaded relationships of all stages, and it not only realizes image encryption but also achieves higher safety and more diverse applications. So multiuser authentication and hierarchical encryption are achieved. Numerical simulation verifies the feasibility of the method and demonstrates the security of the scheme and decryption characteristics. Finally, flexibility and variability of the scheme in application are discussed, and the simple photoelectric mixed devices to realize the scheme are proposed.

  15. Quantization-based semi-fragile public-key watermarking for secure image authentication

    NASA Astrophysics Data System (ADS)

    Schlauweg, Mathias; Proefrock, Dima; Palfner, Torsten; Mueller, Erika

    2005-09-01

    Authentication watermarking approaches can be classified into two kinds: fragile and semi-fragile. In contrast to the latter one, fragile watermarking does not tolerate modifications of any single bit of the watermarked data. Since the transmission of digital data often requires lossy compression, an authentication system should accept non-malicious modifications such as JPEG compression. Semi-fragile techniques aim to discriminate malicious manipulations from admissible manipulations. In our approach, we extract image content dependent information, which is hashed afterwards and encrypted using secure methods known from the classical cryptography. The image data is partitioned into nonoverlapping 4x4 pixel blocks in the spatial domain. The mean values of these blocks form n-dimensional vectors, which are quantized to the nearest lattice point neighbours. Based on the changed vector values, a hash is calculated and asymmetrically encrypted, resulting in a digital signature. Traditional dual subspace approaches divide the signal space into a region for signature generation and a region for signature embedding. To ensure the security of the whole image, we join the two subspaces. The vectors, where to embed the bits using quantization-based data hiding techniques, are predistorted and also used for the signature generation. Our scheme applies error correction coding to gain the robustness of the embedded signature to non-malicious distortions. A second quantization run finally embeds the signature.

  16. Smart environment as a service: three factor cloud based user authentication for telecare medical information system.

    PubMed

    Siddiqui, Zeeshan; Abdullah, Abdul Hanan; Khan, Muhammad Khurram; Alghamdi, Abdullah S

    2014-01-01

    The Telecare Medical Information System (TMIS) provides a set of different medical services to the patient and medical practitioner. The patients and medical practitioners can easily connect to the services remotely from their own premises. There are several studies carried out to enhance and authenticate smartcard-based remote user authentication protocols for TMIS system. In this article, we propose a set of enhanced and authentic Three Factor (3FA) remote user authentication protocols utilizing a smartphone capability over a dynamic Cloud Computing (CC) environment. A user can access the TMIS services presented in the form of CC services using his smart device e.g. smartphone. Our framework transforms a smartphone to act as a unique and only identity required to access the TMIS system remotely. Methods, Protocols and Authentication techniques are proposed followed by security analysis and a performance analysis with the two recent authentication protocols proposed for the healthcare TMIS system.

  17. Authenticated quantum secret sharing with quantum dialogue based on Bell states

    NASA Astrophysics Data System (ADS)

    Abulkasim, Hussein; Hamad, Safwat; El Bahnasy, Khalid; Rida, Saad Z.

    2016-08-01

    This work proposes a scheme that combines the advantages of a quantum secret sharing procedure and quantum dialogue. The proposed scheme enables the participants to simultaneously make mutual identity authentications, in a simulated scenario where the boss, Alice, shares a secret with her two agents Bob and Charlie. The secret is protected by checking photons to keep untrustworthy agents and outer attacks from getting useful information. Before the two agents cooperate to recover Alice’s secret, they must authenticate their identity using parts of a pre-shared key. In addition, the whole pre-shared key is reused as part of recovering the secret data to avoid any leaks of information. In comparison with previous schemes, the proposed method can efficiently detect eavesdropping and it is free from information leaks. Furthermore, the proposed scheme proved to be secure against man-in-the-middle attacks, impersonation attacks, entangled-and-measure attacks, participant attacks, modification attacks and Trojan-horse attacks.

  18. An Improved RSA Based User Authentication and Session Key Agreement Protocol Usable in TMIS.

    PubMed

    Amin, Ruhul; Biswas, G P

    2015-08-01

    Recently, Giri et al.'s proposed a RSA cryptosystem based remote user authentication scheme for telecare medical information system and claimed that the protocol is secure against all the relevant security attacks. However, we have scrutinized the Giri et al.'s protocol and pointed out that the protocol is not secure against off-line password guessing attack, privileged insider attack and also suffers from anonymity problem. Moreover, the extension of password guessing attack leads to more security weaknesses. Therefore, this protocol needs improvement in terms of security before implementing in real-life application. To fix the mentioned security pitfalls, this paper proposes an improved scheme over Giri et al.'s scheme, which preserves user anonymity property. We have then simulated the proposed protocol using widely-accepted AVISPA tool which ensures that the protocol is SAFE under OFMC and CL-AtSe models, that means the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The informal cryptanalysis has been also presented, which confirmed that the proposed protocol provides well security protection on the relevant security attacks. The performance analysis section compares the proposed protocol with other existing protocols in terms of security and it has been observed that the protocol provides more security and achieves additional functionalities such as user anonymity and session key verification.

  19. Cognitive Effects of an Authentic Computer-Supported, Problem-Based Learning Environment.

    ERIC Educational Resources Information Center

    Arts, Jos A. R.; Gijselaers, Wim H.; Segers, Mien S. R.

    2002-01-01

    Examines the redesign of a problem-based learning (PBL) course and its effects on students' cognitive learning outcomes in a college business course in the Netherlands. Compares the regular PBL course with the new authentic learning environment that included greater authenticity of case studies, more learner control, and social collaboration that…

  20. Praxis and the Language of Improvement: Inquiry-Based Approaches to Authentic Improvement in Australasian Schools

    ERIC Educational Resources Information Center

    Groundwater-Smith, Susan; Mitchell, Jane; Mockler, Nicole

    2016-01-01

    In this paper, we explore the notion of school improvement through the lens of praxis as it relates to equity, inclusion, and transformation, with a particular focus on inquiry-based school and teacher development. We argue that authentic improvement is a consequence of praxis, and highlight, through examples, key ways that authentic school…

  1. A Public-Key Based Authentication and Key Establishment Protocol Coupled with a Client Puzzle.

    ERIC Educational Resources Information Center

    Lee, M. C.; Fung, Chun-Kan

    2003-01-01

    Discusses network denial-of-service attacks which have become a security threat to the Internet community and suggests the need for reliable authentication protocols in client-server applications. Presents a public-key based authentication and key establishment protocol coupled with a client puzzle protocol and validates it through formal logic…

  2. Breaking and Fixing of an Identity Based Multi-Signcryption Scheme

    NASA Astrophysics Data System (ADS)

    Selvi, S. Sharmila Deva; Vivek, S. Sree; Rangan, C. Pandu

    Signcryption is a cryptographic primitive that provides authentication and confidentiality simultaneously in a single logical step. It is often required that multiple senders have to signcrypt a single message to a certain receiver. Obviously, it is inefficient to signcrypt the messages separately. An efficient alternative is to go for multi-signcryption. The concept of multi-signcryption is similar to that of multi-signatures with the added property - confidentiality. Recently, Jianhong et al. proposed an identity based multi-signcryption scheme. They claimed that their scheme is secure against adaptive chosen ciphertext attack and it is existentially unforgeable. In this paper, we show that their scheme is not secure against chosen plaintext attack and is existentially forgeable, we also provide a fix for the scheme and prove formally that the improved scheme is secure against both adaptive chosen ciphertext attack and existential forgery.

  3. Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments.

    PubMed

    Lee, Jaeseung; Sung, Yunsick; Park, Jong Hyuk

    2016-12-01

    The Internet of Things (IoT) is the intelligent technologies and services that mutually communicate information between humans and devices or between Internet-based devices. In IoT environments, various device information is collected from the user for intelligent technologies and services that control the devices. Recently, wireless sensor networks based on IoT environments are being used in sectors as diverse as medicine, the military, and commerce. Specifically, sensor techniques that collect relevant area data via mini-sensors after distributing smart dust in inaccessible areas like forests or military zones have been embraced as the future of information technology. IoT environments that utilize smart dust are composed of the sensor nodes that detect data using wireless sensors and transmit the detected data to middle nodes. Currently, since the sensors used in these environments are composed of mini-hardware, they have limited memory, processing power, and energy, and a variety of research that aims to make the best use of these limited resources is progressing. This paper proposes a method to utilize these resources while considering energy efficiency, and suggests lightweight mutual verification and key exchange methods based on a hash function that has no restrictions on operation quantity, velocity, and storage space. This study verifies the security and energy efficiency of this method through security analysis and function evaluation, comparing with existing approaches. The proposed method has great value in its applicability as a lightweight security technology for IoT environments.

  4. Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments

    PubMed Central

    Lee, Jaeseung; Sung, Yunsick; Park, Jong Hyuk

    2016-01-01

    The Internet of Things (IoT) is the intelligent technologies and services that mutually communicate information between humans and devices or between Internet-based devices. In IoT environments, various device information is collected from the user for intelligent technologies and services that control the devices. Recently, wireless sensor networks based on IoT environments are being used in sectors as diverse as medicine, the military, and commerce. Specifically, sensor techniques that collect relevant area data via mini-sensors after distributing smart dust in inaccessible areas like forests or military zones have been embraced as the future of information technology. IoT environments that utilize smart dust are composed of the sensor nodes that detect data using wireless sensors and transmit the detected data to middle nodes. Currently, since the sensors used in these environments are composed of mini-hardware, they have limited memory, processing power, and energy, and a variety of research that aims to make the best use of these limited resources is progressing. This paper proposes a method to utilize these resources while considering energy efficiency, and suggests lightweight mutual verification and key exchange methods based on a hash function that has no restrictions on operation quantity, velocity, and storage space. This study verifies the security and energy efficiency of this method through security analysis and function evaluation, comparing with existing approaches. The proposed method has great value in its applicability as a lightweight security technology for IoT environments. PMID:27916962

  5. Probabilistic authenticated quantum dialogue

    NASA Astrophysics Data System (ADS)

    Hwang, Tzonelih; Luo, Yi-Ping

    2015-12-01

    This work proposes a probabilistic authenticated quantum dialogue (PAQD) based on Bell states with the following notable features. (1) In our proposed scheme, the dialogue is encoded in a probabilistic way, i.e., the same messages can be encoded into different quantum states, whereas in the state-of-the-art authenticated quantum dialogue (AQD), the dialogue is encoded in a deterministic way; (2) the pre-shared secret key between two communicants can be reused without any security loophole; (3) each dialogue in the proposed PAQD can be exchanged within only one-step quantum communication and one-step classical communication. However, in the state-of-the-art AQD protocols, both communicants have to run a QKD protocol for each dialogue and each dialogue requires multiple quantum as well as classical communicational steps; (4) nevertheless, the proposed scheme can resist the man-in-the-middle attack, the modification attack, and even other well-known attacks.

  6. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

    PubMed

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-11-30

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

  7. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks

    PubMed Central

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-01-01

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost. PMID:26633396

  8. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    NASA Astrophysics Data System (ADS)

    Xie, Qi; Hu, Bin; Chen, Ke-Fei; Liu, Wen-Hao; Tan, Xiao

    2015-11-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).

  9. A Question of Authenticity: The Document-Based Question as an Assessment of Students' Knowledge of History

    ERIC Educational Resources Information Center

    Grant, S. G.; Gradwell, Jill M.; Cimbricz, Sandra K.

    2004-01-01

    In this article we consider the extent to which the Document-Based Question (DBQ) on the New York State Global History and Geography exam represents an authentic task. The DBQ seems like a significant step toward authenticity, especially when compared with traditional forced-choice assessments. Drawing on the characteristics of authentic tasks as…

  10. Hierarchical multilevel authentication system for multiple-image based on phase retrieval and basic vector operations

    NASA Astrophysics Data System (ADS)

    Li, Xianye; Meng, Xiangfeng; Yin, Yongkai; Yang, Xiulun; Wang, Yurong; Peng, Xiang; He, Wenqi; Pan, Xuemei; Dong, Guoyan; Chen, Hongyi

    2017-02-01

    A hierarchical multilevel authentication system for multiple-image based on phase retrieval and basic vector operations in the Fresnel domain is proposed, by which more certification images are iteratively encoded into multiple cascaded phase masks according to different hierarchical levels. Based on the secret sharing algorithm by basic vector decomposition and composition operations, the iterated phase distributions are split into n pairs of shadow images keys (SIKs), and then distributed to n different participants (the authenticators). During each level in the high authentication process, any 2 or more participants can be gathered to reconstruct the original meaningful certification images. While in the case of each level in the low authentication process, only one authenticator who possesses a correct pair of SIKs, will gain no significant information of certification image; however, it can result in a remarkable peak output in the nonlinear correlation coefficient of the recovered image and the standard certification image, which can successfully provide an additional authentication layer for the high-level authentication. Theoretical analysis and numerical simulations both verify the feasibility of the proposed method.

  11. Protection of Health Imagery by Region Based Lossless Reversible Watermarking Scheme

    PubMed Central

    Priya, R. Lakshmi; Sadasivam, V.

    2015-01-01

    Providing authentication and integrity in medical images is a problem and this work proposes a new blind fragile region based lossless reversible watermarking technique to improve trustworthiness of medical images. The proposed technique embeds the watermark using a reversible least significant bit embedding scheme. The scheme combines hashing, compression, and digital signature techniques to create a content dependent watermark making use of compressed region of interest (ROI) for recovery of ROI as reported in literature. The experiments were carried out to prove the performance of the scheme and its assessment reveals that ROI is extracted in an intact manner and PSNR values obtained lead to realization that the presented scheme offers greater protection for health imageries. PMID:26649328

  12. Framework Design of Unified Cross-Authentication Based on the Fourth Platform Integrated Payment

    NASA Astrophysics Data System (ADS)

    Yong, Xu; Yujin, He

    The essay advances a unified authentication based on the fourth integrated payment platform. The research aims at improving the compatibility of the authentication in electronic business and providing a reference for the establishment of credit system by seeking a way to carry out a standard unified authentication on a integrated payment platform. The essay introduces the concept of the forth integrated payment platform and finally put forward the whole structure and different components. The main issue of the essay is about the design of the credit system of the fourth integrated payment platform and the PKI/CA structure design.

  13. Location-assured, multifactor authentication on smartphones via LTE communication

    NASA Astrophysics Data System (ADS)

    Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

    2013-05-01

    With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client's current location, thus defines the important aspects of "who", "when", and "where" of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client's location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client's Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE's Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client's claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication.

  14. Optical multiple-image authentication based on cascaded phase filtering structure

    NASA Astrophysics Data System (ADS)

    Wang, Q.; Alfalou, A.; Brosseau, C.

    2016-10-01

    In this study, we report on the recent developments of optical image authentication algorithms. Compared with conventional optical encryption, optical image authentication achieves more security strength because such methods do not need to recover information of plaintext totally during the decryption period. Several recently proposed authentication systems are briefly introduced. We also propose a novel multiple-image authentication system, where multiple original images are encoded into a photon-limited encoded image by using a triple-plane based phase retrieval algorithm and photon counting imaging (PCI) technique. One can only recover a noise-like image using correct keys. To check authority of multiple images, a nonlinear fractional correlation is employed to recognize the original information hidden in the decrypted results. The proposal can be implemented optically using a cascaded phase filtering configuration. Computer simulation results are presented to evaluate the performance of this proposal and its effectiveness.

  15. Android Based Behavioral Biometric Authentication via Multi-Modal Fusion

    DTIC Science & Technology

    2014-06-12

    social media, email, and communication are all driven through a single device. However, the convenience of an all-in-one, completely integrated device...authorizations (unlocking the device) for the average user, mobile device authentication must be secure while also being convenient [6]. This is...requests has driven mobile phone developers to develop simple and convenient authorization mechanisms on modern devices. 4 2.2 Static vs Active

  16. A secret-sharing-based method for authentication of grayscale document images via the use of the PNG image with a data repair capability.

    PubMed

    Lee, Che-Wei; Tsai, Wen-Hsiang

    2012-01-01

    A new blind authentication method based on the secret sharing technique with a data repair capability for grayscale document images via the use of the Portable Network Graphics (PNG) image is proposed. An authentication signal is generated for each block of a grayscale document image, which, together with the binarized block content, is transformed into several shares using the Shamir secret sharing scheme. The involved parameters are carefully chosen so that as many shares as possible are generated and embedded into an alpha channel plane. The alpha channel plane is then combined with the original grayscale image to form a PNG image. During the embedding process, the computed share values are mapped into a range of alpha channel values near their maximum value of 255 to yield a transparent stego-image with a disguise effect. In the process of image authentication, an image block is marked as tampered if the authentication signal computed from the current block content does not match that extracted from the shares embedded in the alpha channel plane. Data repairing is then applied to each tampered block by a reverse Shamir scheme after collecting two shares from unmarked blocks. Measures for protecting the security of the data hidden in the alpha channel are also proposed. Good experimental results prove the effectiveness of the proposed method for real applications.

  17. An Authentication Protocol for Mobile IPTV Users Based on an RFID-USB Convergence Technique

    NASA Astrophysics Data System (ADS)

    Jeong, Yoon-Su; Kim, Yong-Tae

    With the growing trend towards convergence in broadcast and communications media, Internet Protocol television (IPTV) that delivers real-time multimedia content over diverse types of communications networks (e.g., broadband Internet, cable TV, and satellite TV) has become a mainstream technology. Authenticating mobile IPTV subscribers who are continuously on the move is a challenge. A complex authentication process often impairs conditional access security or service quality as increasing illegal users and delaying service. This paper proposes an RFID-USB authentication protocol, for mobile IPTV users, combined with USIM-based personalized authentication and lightweight authentication that utilizes the RFID-USB technology with an implanted agent module (called an "agent tag") which temporarily enhanced user status information. The proposed authentication protocol adopts a plug-and-play security agent module that is placed in both an RFID tag and an RFID-USB. The implanted security agents cooperate in such a way that multiple RFID tags are connected seamlessly to an RFID-USB.

  18. A Secure and Efficient Handover Authentication Based on Light-Weight Diffie-Hellman on Mobile Node in FMIPv6

    NASA Astrophysics Data System (ADS)

    Choi, Jaeduck; Jung, Souhwan

    This letter proposes a secure and efficient handover authentication scheme that requires a light-weight Diffie-Hellman operation at mobile nodes. Our scheme provides more enhanced securities like the PFS, PBS, and so on than the existing security-context-transfer schemes. Also, the mobile node delegates the exponent operation for the DH to the access router to reduce computational cost on it.

  19. Chaotic maps-based password-authenticated key agreement using smart cards

    NASA Astrophysics Data System (ADS)

    Guo, Cheng; Chang, Chin-Chen

    2013-06-01

    Password-based authenticated key agreement using smart cards has been widely and intensively researched. Inspired by the semi-group property of Chebyshev maps and key agreement protocols based on chaotic maps, we proposed a novel chaotic maps-based password-authenticated key agreement protocol with smart cards. In our protocol, we avoid modular exponential computing or scalar multiplication on elliptic curve used in traditional authenticated key agreement protocols using smart cards. Our analysis shows that our protocol has comprehensive characteristics and can withstand attacks, including the insider attack, replay attack, and others, satisfying essential security requirements. Performance analysis shows that our protocol can refrain from consuming modular exponential computing and scalar multiplication on an elliptic curve. The computational cost of our protocol compared with related protocols is acceptable.

  20. A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs.

    PubMed

    Wang, Lingling; Liu, Guozhu; Sun, Lijun

    2017-03-24

    Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme.

  1. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks

    PubMed Central

    Peter, Steffen; Pratap Reddy, Bhanu; Momtaz, Farshad; Givargis, Tony

    2016-01-01

    Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system. PMID:27110785

  2. Design of Secure ECG-Based Biometric Authentication in Body Area Sensor Networks.

    PubMed

    Peter, Steffen; Reddy, Bhanu Pratap; Momtaz, Farshad; Givargis, Tony

    2016-04-22

    Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometric authentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

  3. An Efficient Identity-Based Key Management Scheme for Wireless Sensor Networks Using the Bloom Filter

    PubMed Central

    Qin, Zhongyuan; Zhang, Xinshuai; Feng, Kerong; Zhang, Qunfang; Huang, Jie

    2014-01-01

    With the rapid development and widespread adoption of wireless sensor networks (WSNs), security has become an increasingly prominent problem. How to establish a session key in node communication is a challenging task for WSNs. Considering the limitations in WSNs, such as low computing capacity, small memory, power supply limitations and price, we propose an efficient identity-based key management (IBKM) scheme, which exploits the Bloom filter to authenticate the communication sensor node with storage efficiency. The security analysis shows that IBKM can prevent several attacks effectively with acceptable computation and communication overhead. PMID:25264955

  4. Multilevel image authentication using shared secret threshold and phase retrieval

    NASA Astrophysics Data System (ADS)

    Pan, Xuemei; Meng, Xiangfeng; Wang, Yurong; Yang, Xiulun; Peng, Xiang; He, Wenqi; Dong, Guoyan; Chen, Hongyi

    2014-10-01

    A new kind of multilevel authentication system based on the (t, n) threshold secret sharing scheme and the iterative phase retrieval algorithm in Fresnel domain is proposed, in which, the first phase distribution iteratively generated is divided into n parts and delivered to n different participants, during high-level authentication, any t (t ≤ n) or more of them can be collected to reconstruct the original meaningful certification image; While in the case of low-level authentication, any t - 1 or fewer will gain no significant information of certification image, however, it can result in a remarkable peak output in the nonlinear correlation coefficient of the recovered image and the standard certification image, which can successfully provide an additional authentication layer for the high-level authentication. Theoretical analysis and numerical simulations both validate the feasibility of our proposed scheme.

  5. High-throughput SNP-based authentication of human cell lines

    PubMed Central

    Castro, Felipe; Dirks, Wilhelm G.; Fähnrich, Silke; Hotz-Wagenblatt, Agnes; Pawlita, Michael; Schmitt, Markus

    2012-01-01

    Use of false cell lines remains a major problem in biological research. Short tandem repeat (STR) profiling represents the gold standard technique for cell line authentication. However, mismatch repair (MMR) deficient cell lines are characterized by microsatellite instability, which could force allelic drifts in combination with a selective outgrowth of otherwise persisting side lines, and thus, are likely to be misclassified by STR-profiling. Based on the high-throughput Luminex platform, we developed a 24-plex SNP-profiling assay, called Multiplex Cell Authentication (MCA), for determining authentication of human cell lines. MCA was evaluated by analysing a collection of 436 human cell lines from the DSMZ, previously characterised by eight loci STR profiling. Both assays showed a very high degree of concordance and similar average matching probabilities (~1 × 10−8 for STR-profiling and ~1 × 10−9 for MCA). MCA enabled the detection of less than 3% contaminating human cells. Analysing MMR deficient cell lines, evidence was obtained for a higher robustness of the MCA compared to STR profiling. In conclusion, MCA could complement routine cell line authentication and replace the standard authentication STR technique in case of MSI cell lines. PMID:22700458

  6. A study on the integrity and authentication of weather observation data using Identity Based Encryption.

    PubMed

    Seo, Jung Woo; Lee, Sang Jin

    2016-01-01

    Weather information provides a safe working environment by contributing to the economic activity of the nation, and plays role of the prevention of natural disasters, which can cause large scaled casualties and damage of property. Especially during times of war, weather information plays a more important role than strategy, tactics and information about trends of the enemy. Also, it plays an essential role for the taking off and landing of fighter jet and the sailing of warships. If weather information, which plays a major role in national security and economy, gets misused for cyber terrorism resulting false weather information, it could be a huge threat for national security and the economy. We propose a plan to safely transmit the measured value from meteorological sensors through a meteorological telecommunication network in order to guarantee the confidentiality and integrity of the data despite cyber-attacks. Also, such a plan allows one to produce reliable weather forecasts by performing mutual authentication through authentication devices. To make sure of this, one can apply an Identity Based Signature to ensure the integrity of measured data, and transmit the encrypted weather information with mutual authentication about the authentication devices. There are merits of this research: It is not necessary to manage authentication certificates unlike the Public Key Infrastructure methodology, and it provides a powerful security measure with the capability to be realized in a small scale computing environment, such as the meteorological observation system due to the low burden on managing keys.

  7. Passive digital image authentication algorithm based on Tchebichef moment invariants

    NASA Astrophysics Data System (ADS)

    Li, Mei; Gu, Zongyun; Kan, Junling

    2010-12-01

    This paper presents a new passive image authenticate algorithm to check and measure the forged pictures and images in the regional copies and sticks. After reducing the image dimension by DWT (Discrete Wavelet Transform), the Tchebichef moment invariants is applied to the fixed sized overlapping blocks of a low-frequency image in the wavelet sub-band, and the eigenvectors are lexicographically sorted. Then, similar eigenvectors are matched by a certain threshold. Finally, the forgery part is identified by the threshold analysis. The experimental results show that proposed method can not only localize the copy forgery regions accurately, but also undergone some attacks like random noise contamination, lossy JPEG(Joint Photographic Experts Group) compression, rotation transformation etc. and reduce the amount of computation and improve the detection efficiency.

  8. Passive digital image authentication algorithm based on Tchebichef moment invariants

    NASA Astrophysics Data System (ADS)

    Li, Mei; Gu, Zongyun; Kan, Junling

    2011-05-01

    This paper presents a new passive image authenticate algorithm to check and measure the forged pictures and images in the regional copies and sticks. After reducing the image dimension by DWT (Discrete Wavelet Transform), the Tchebichef moment invariants is applied to the fixed sized overlapping blocks of a low-frequency image in the wavelet sub-band, and the eigenvectors are lexicographically sorted. Then, similar eigenvectors are matched by a certain threshold. Finally, the forgery part is identified by the threshold analysis. The experimental results show that proposed method can not only localize the copy forgery regions accurately, but also undergone some attacks like random noise contamination, lossy JPEG(Joint Photographic Experts Group) compression, rotation transformation etc. and reduce the amount of computation and improve the detection efficiency.

  9. Authentication of medicinal plants by SNP-based multiplex PCR.

    PubMed

    Lee, Ok Ran; Kim, Min-Kyeoung; Yang, Deok-Chun

    2012-01-01

    Highly variable intergenic spacer and intron regions from nuclear and cytoplasmic DNA have been used for species identification. Noncoding internal transcribed spacers (ITSs) located in 18S-5.8S-26S, and 5S ribosomal RNA genes (rDNAs) represent suitable region for medicinal plant authentication. Noncoding regions from two cytoplasmic DNA, chloroplast DNA (trnT-F intergenic spacer region), and mitochondrial DNA (fourth intron region of nad7 gene) are also successfully applied for the proper identification of medicinal plants. Single-nucleotide polymorphism (SNP) sites obtained from the amplification of intergenic spacer and intron regions are properly utilized for the verification of medicinal plants in species level using multiplex PCR. Multiplex PCR as a variant of PCR technique used to amplify more than two loci simultaneously.

  10. k-Times Anonymous Authentication

    NASA Astrophysics Data System (ADS)

    Teranishi, Isamu; Furukawa, Jun; Sako, Kazue

    We propose an authentication scheme in which users can be authenticated anonymously so long as times that they are authenticated is within an allowable number. The proposed scheme has two features: 1) no one, not even an authority, can identify users who have been authenticated within the allowable number, 2) anyone can trace, without help from the authority, dishonest users who have been authenticated beyond the allowable number by using the records of these authentications. Our scheme can be applied to e-voting, e-cash, electronic coupons, and trial browsing of content. In these applications, our scheme, unlike the previous one, conceals users' participation from protocols and guarantees that they will remain anonymous to everyone.

  11. Review: Authentication and traceability of foods from animal origin by polymerase chain reaction-based capillary electrophoresis.

    PubMed

    Rodríguez-Ramírez, Roberto; González-Córdova, Aarón F; Vallejo-Cordoba, Belinda

    2011-01-31

    This work presents an overview of the applicability of PCR-based capillary electrophoresis (CE) in food authentication and traceability of foods from animal origin. Analytical approaches for authenticating and tracing meat and meat products and fish and seafood products are discussed. Particular emphasis will be given to the usefulness of genotyping in food tracing by using CE-based genetic analyzers.

  12. Image authentication via sparsity-based phase-shifting digital holography

    NASA Astrophysics Data System (ADS)

    Chen, Wen; Chen, Xudong

    2015-03-01

    Digital holography has been widely studied in recent years, and a number of applications have been demonstrated. In this paper, we demonstrate that sparsity-based phase-shifting digital holography can be applied for image authentication. In phase-shifting digital holography, the holograms are sequentially recorded. Only small parts of each hologram are available for numerical reconstruction. It is found that nonlinear correlation algorithm can be applied to simply authenticate the reconstructed object. The results illustrate that the recovered image can be correctly verified. In the developed system, the recorded holograms are highly compressed which can facilitate data storage or transmission, and one simple authentication strategy has been established instead of applying relatively complex algorithms (such as compressive sensing) to recover the object.

  13. Password Authenticated Key Exchange Based on RSA in the Three-Party Settings

    NASA Astrophysics Data System (ADS)

    Dongna, E.; Cheng, Qingfeng; Ma, Chuangui

    A great deal of password authenticated key exchange (PAKE) protocols have been proposed in recent years. Most of them were based on Diffie-Hellman key exchange. While the approach of designing PAKE protocols with RSA is far from maturity and perfection. In fact, the existing PAKE protocols using RSA or other public-key cryptographic techniques provide an authenticated key exchange only between a client and a server. This paper presents a new efficient PAKE protocol using RSA in the three-party settings (3PAKE-RSA). The novel protocol can be resistant to e-residue attack and provably secure under the RSA assumption in the random oracle model.

  14. A RFID authentication protocol based on infinite dimension pseudo random number generator for image recognition system

    NASA Astrophysics Data System (ADS)

    Tong, Qiaoling; Zou, Xuecheng; Tong, Hengqing

    2009-10-01

    Radio Frequency Identification (RFID) technology has been widely used in the image recognition system. However, the feature of the RFID system may bring out security threatens. In this paper, we analyze the existing RFID authentication protocols and state an infinite dimension pseudo random number generator to strengthen the protocol security. Then an authentication protocol based on infinite dimension pseudo random number generator is proposed. Compared to the traditional protocols, our method could resist various attack approaches, and protect the tag information and the location privacy of the tag holder efficiently.

  15. TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones

    NASA Astrophysics Data System (ADS)

    Nauman, Mohammad; Ali, Tamleek

    Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services.

  16. PBL: An Evaluation of the Effectiveness of Authentic Problem-Based Learning (aPBL)

    ERIC Educational Resources Information Center

    Woods, Donald R.

    2012-01-01

    Many different versions of Problem-based Learning (PBL) are used today. To be consistent in evaluating the effectiveness of PBL, the focus in this paper is on what Howard Barrows called authentic PBL (aPBL). In aPBL students are empowered with the learning process; key distinguishing features are that the students teach each other the new…

  17. "Chemistry Is in the News": Taxonomy of Authentic News Media-Based Learning Activities. Research Report

    ERIC Educational Resources Information Center

    Glaser, Rainer E.; Carson, Kathleen M.

    2005-01-01

    A brief history is given of approaches that aim at achieving a connectedness of the content of organic chemistry courses to real world issues. Recently, such approaches have relied more and more on online media resources, the tools of the Internet and the World Wide Web. We propose a six-level taxonomy of 'authentic news media-based learning…

  18. A network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption

    NASA Astrophysics Data System (ADS)

    Zhu, Lijuan; Liu, Jingao

    2013-07-01

    This paper describes a network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption. This protocol can provide every bank user a safe and effective way to manage his own bank account, and also can effectively prevent the hacker attacks and bank clerk crime, so that it is absolute to guarantee the legitimate rights and interests of bank users.

  19. Physiological signal based entity authentication for body area sensor networks and mobile healthcare systems.

    PubMed

    Bao, Shu-Di; Zhang, Yuan-Ting; Shen, Lian-Feng

    2005-01-01

    With the evolution of m-Health, an increasing number of biomedical sensors will be worn on or implanted in an individual in the future for the monitoring, diagnosis, and treatment of diseases. For the optimization of resources, it is therefore necessary to investigate how to interconnect these sensors in a wireless body area network, wherein security of private data transmission is always a major concern. This paper proposes a novel solution to tackle the problem of entity authentication in body area sensor network (BASN) for m-Health. Physiological signals detected by biomedical sensors have dual functions: (1) for a specific medical application, and (2) for sensors in the same BASN to recognize each other by biometrics. A feasibility study of proposed entity authentication scheme was carried out on 12 healthy individuals, each with 2 channels of photoplethysmogram (PPG) captured simultaneously at different parts of the body. The beat-to-beat heartbeat interval is used as a biometric characteristic to generate identity of the individual. The results of statistical analysis suggest that it is a possible biometric feature for the entity authentication of BASN.

  20. Fast and secure handover of intra-ASN IEEE802.16 network by proposed certificate based pre-authentication

    NASA Astrophysics Data System (ADS)

    Sridevi, B.; Supriya, T. S.; Rajaram, S.

    2013-01-01

    The current generation of wireless networks has been designed predominantly to support voice and more recently data traffic. WiMAX is currently one of the hottest technologies in wireless. The main motive of the mobile technologies is to provide seamless cost effective mobility. But this is affected by Authentication cost and handover delay since on each handoff the Mobile Station (MS) has to undergo all steps of authentication. Pre-Authentication is used to reduce the handover delay and increase the speed of the Intra-ASN Handover. Proposed Pre-Authentication method is intended to reduce the authentication delay by getting pre authenticated by central authority called Pre Authentication Authority (PAA). MS requests PAA for Pre Authentication Certificate (PAC) before performing handoff. PAA verifies the identity of MS and provides PAC to MS and also to the neighboring target Base Stations (tBSs). MS having time bound PAC can skip the authentication process when recognized by target BS during handoff. It also prevents the DOS (Denial Of Service) attack and Replay attack. It has no wastage of unnecessary key exchange of the resources. The proposed work is simulated by NS2 model and by MATLAB.

  1. Educational Statistics Authentic Learning CAPSULES: Community Action Projects for Students Utilizing Leadership and E-Based Statistics

    ERIC Educational Resources Information Center

    Thompson, Carla J.

    2009-01-01

    Since educational statistics is a core or general requirement of all students enrolled in graduate education programs, the need for high quality student engagement and appropriate authentic learning experiences is critical for promoting student interest and student success in the course. Based in authentic learning theory and engagement theory…

  2. Assessment of Web-Based Authentication Methods in the U.S.: Comparing E-Learning Systems to Internet Healthcare Information Systems

    ERIC Educational Resources Information Center

    Mattord, Herbert J.

    2012-01-01

    Organizations continue to rely on password-based authentication methods to control access to many Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in Web-based information systems (IS). It developed an Authentication Method System Index (AMSI) to analyze collected data from…

  3. Multiview image compression based on LDV scheme

    NASA Astrophysics Data System (ADS)

    Battin, Benjamin; Niquin, Cédric; Vautrot, Philippe; Debons, Didier; Lucas, Laurent

    2011-03-01

    In recent years, we have seen several different approaches dealing with multiview compression. First, we can find the H264/MVC extension which generates quite heavy bitstreams when used on n-views autostereoscopic medias and does not allow inter-view reconstruction. Another solution relies on the MVD (MultiView+Depth) scheme which keeps p views (n > p > 1) and their associated depth-maps. This method is not suitable for multiview compression since it does not exploit the redundancy between the p views, moreover occlusion areas cannot be accurately filled. In this paper, we present our method based on the LDV (Layered Depth Video) approach which keeps one reference view with its associated depth-map and the n-1 residual ones required to fill occluded areas. We first perform a global per-pixel matching step (providing a good consistency between each view) in order to generate one unified-color RGB texture (where a unique color is devoted to all pixels corresponding to the same 3D-point, thus avoiding illumination artifacts) and a signed integer disparity texture. Next, we extract the non-redundant information and store it into two textures (a unified-color one and a disparity one) containing the reference and the n-1 residual views. The RGB texture is compressed with a conventional DCT or DWT-based algorithm and the disparity texture with a lossless dictionary algorithm. Then, we will discuss about the signal deformations generated by our approach.

  4. Low crosstalk optical hierarchical authentication with a fixed random phase lock based on two beams interference

    NASA Astrophysics Data System (ADS)

    Lu, Dajiang; He, Wenqi; Peng, Xiang

    2015-09-01

    We propose a novel method to achieve the purpose of hierarchical authentication based on two beams interference. In this method, different target images indicating different authentication levels are analytically encoded into corresponding phase-only masks (phase keys) and amplitude-only masks (amplitude keys) with the help of a random phase mask, which is created in advance and acts as the fixed lock of this authentication system. For the authentication process, a legal user can obtain a specified target image at the output plane if his/her phase key, and amplitude key, which should be settled close against the fixed internal phase lock, are respectively illuminated by two coherent beams. By comparing the target image with all the standard certification images in the database, the system can thus verify the user's identity. In simple terms, this system can not only confirm the legality of a user but also distinguish his/her identity level. Moreover, in despite of the internal phase lock of this system being fixed, the crosstalk between different pairs of keys hold by different users is low. Theoretical analysis and numerical simulation are both provided to demonstrate the validity of this method.

  5. Multi-factor authentication

    DOEpatents

    Hamlet, Jason R; Pierson, Lyndon G

    2014-10-21

    Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.

  6. A study of the particularities of an authentication system with a method of an asymmetric holographic encryption based on the DRPE to protect the passwords of the technical devices

    NASA Astrophysics Data System (ADS)

    Nalegaev, S. S.; Krasnov, V. V.

    2016-08-01

    The present work is devoted to research the peculiarities of an authentication system of the technical devices with the use of an optical asymmetric holographic encryption on the basis of the Double Random Phase Encoding (DRPE). The series of the numerical experiments was performed to implement the encryption and the decryption of the initial image. The angular spectrum approach was used as a tool for the simulation of the propagation of the light in the free space forward and backward along the whole optical scheme of the DRPE. In the present work the particularities of the authentication system based on an asymmetric approach of the holographic encryption method DRPE were studied.

  7. Quantum deniable authentication protocol

    NASA Astrophysics Data System (ADS)

    Shi, Wei-Min; Zhou, Yi-Hua; Yang, Yu-Guang

    2014-07-01

    The proposed quantum identity authentication schemes only involved authentication between two communicators, but communications with deniability capability are often desired in electronic applications such as online negotiation and electronic voting. In this paper, we proposed a quantum deniable authentication protocol. According to the property of unitary transformation and quantum one-way function, this protocol can provide that only the specified receiver can identify the true source of a given message and the specified receiver cannot prove the source of the message to a third party by a transcript simulation algorithm. Moreover, the quantum key distribution and quantum encryption algorithm guarantee the unconditional security of this scheme. Security analysis results show that this protocol satisfies the basic security requirements of deniable authentication protocol such as completeness and deniability and can withstand the forgery attack, impersonation attack, inter-resend attack.

  8. Quantum group signature scheme based on controlled quantum teleportation

    NASA Astrophysics Data System (ADS)

    Chen, F. L.; Han, Z. F.

    2016-11-01

    Group signature scheme is a method of allowing a member of a group to sign a message anonymously on behalf of the group. The group administrator is in charge of adding group members and has the ability to reveal the original signer in the event of disputes. Based on controlled quantum teleportation with three-particle entangled W states, we propose a new quantum group signature scheme with designated receiver. Security analysis proves that the proposed scheme possesses the characteristics of group signature and resists the usual attacks. Compared with previous proposed schemes, this scheme follows security definition of group signature fully and meets its basic requirements.

  9. Source Authentication for Code Dissemination Supporting Dynamic Packet Size in Wireless Sensor Networks †

    PubMed Central

    Kim, Daehee; Kim, Dongwan; An, Sunshin

    2016-01-01

    Code dissemination in wireless sensor networks (WSNs) is a procedure for distributing a new code image over the air in order to update programs. Due to the fact that WSNs are mostly deployed in unattended and hostile environments, secure code dissemination ensuring authenticity and integrity is essential. Recent works on dynamic packet size control in WSNs allow enhancing the energy efficiency of code dissemination by dynamically changing the packet size on the basis of link quality. However, the authentication tokens attached by the base station become useless in the next hop where the packet size can vary according to the link quality of the next hop. In this paper, we propose three source authentication schemes for code dissemination supporting dynamic packet size. Compared to traditional source authentication schemes such as μTESLA and digital signatures, our schemes provide secure source authentication under the environment, where the packet size changes in each hop, with smaller energy consumption. PMID:27409616

  10. Spatial dimming scheme for optical OFDM based visible light communication.

    PubMed

    Yang, Yang; Zeng, Zhimin; Cheng, Julian; Guo, Caili

    2016-12-26

    A new dimming control scheme termed spatial dimming orthogonal frequency division multiplexing (SD-OFDM) is proposed for multiple-input and multiple output OFDM based visible light communication. The basic idea of SD-OFDM is that the illumination can be represented by the number of glared light emitting diodes (LEDs) in an LED lamp. As the biasing level of LEDs does not adjust to represent the required illumination level, the proposed scheme can significantly mitigate the clipping noise compared to analogue dimming schemes. Furthermore, unlike digital dimming schemes that control illumination levels by setting different duty cycles of pulse width modulation, the proposed scheme is always in the "on-state" for varied illumination levels. Both analytical and simulation results indicate that the proposed scheme is an efficient and feasible dimmable scheme.

  11. Quantum scheme for secret sharing based on local distinguishability

    NASA Astrophysics Data System (ADS)

    Rahaman, Ramij; Parker, Matthew G.

    2015-02-01

    In this paper, we analyze the (im)possibility of the exact distinguishability of orthogonal multipartite entangled states under restricted local operation and classical communication. Based on this local distinguishability analysis, we propose a quantum secret sharing scheme (which we call LOCC-QSS). Our LOCC-QSS scheme is quite general and cost efficient compared to other schemes. In our scheme, no joint quantum operation is needed to reconstruct the secret. We also present an interesting (2 ,n ) -threshold LOCC-QSS scheme, where any two cooperating players, one from each of two disjoint groups of players, can always reconstruct the secret. This LOCC-QSS scheme is quite uncommon, as most (k ,n ) -threshold quantum secret sharing schemes have the restriction k ≥⌈n/2 ⌉ .

  12. A chaos secure communication scheme based on multiplication modulation

    NASA Astrophysics Data System (ADS)

    Fallahi, Kia; Leung, Henry

    2010-02-01

    A secure spread spectrum communication scheme using multiplication modulation is proposed. The proposed system multiplies the message by chaotic signal. The scheme does not need to know the initial condition of the chaotic signals and the receiver is based on an extended Kalman filter (EKF). This signal encryption scheme lends itself to cheap implementation and can therefore be used effectively for ensuring security and privacy in commercial consumer electronics products. To illustrate the effectiveness of the proposed scheme, a numerical example based on Genesio-Tesi system and also Chen dynamical system is presented and the results are compared.

  13. CUE: counterfeit-resistant usable eye movement-based authentication via oculomotor plant characteristics and complex eye movement patterns

    NASA Astrophysics Data System (ADS)

    Komogortsev, Oleg V.; Karpov, Alexey; Holland, Corey D.

    2012-06-01

    The widespread use of computers throughout modern society introduces the necessity for usable and counterfeit-resistant authentication methods to ensure secure access to personal resources such as bank accounts, e-mail, and social media. Current authentication methods require tedious memorization of lengthy pass phrases, are often prone to shouldersurfing, and may be easily replicated (either by counterfeiting parts of the human body or by guessing an authentication token based on readily available information). This paper describes preliminary work toward a counterfeit-resistant usable eye movement-based (CUE) authentication method. CUE does not require any passwords (improving the memorability aspect of the authentication system), and aims to provide high resistance to spoofing and shoulder-surfing by employing the combined biometric capabilities of two behavioral biometric traits: 1) oculomotor plant characteristics (OPC) which represent the internal, non-visible, anatomical structure of the eye; 2) complex eye movement patterns (CEM) which represent the strategies employed by the brain to guide visual attention. Both OPC and CEM are extracted from the eye movement signal provided by an eye tracking system. Preliminary results indicate that the fusion of OPC and CEM traits is capable of providing a 30% reduction in authentication error when compared to the authentication accuracy of individual traits.

  14. Efficient Unrestricted Identity-Based Aggregate Signature Scheme

    PubMed Central

    Yuan, Yumin; Zhan, Qian; Huang, Hua

    2014-01-01

    An aggregate signature scheme allows anyone to compress multiple individual signatures from various users into a single compact signature. The main objective of such a scheme is to reduce the costs on storage, communication and computation. However, among existing aggregate signature schemes in the identity-based setting, some of them fail to achieve constant-length aggregate signature or require a large amount of pairing operations which grows linearly with the number of signers, while others have some limitations on the aggregated signatures. The main challenge in building efficient aggregate signature scheme is to compress signatures into a compact, constant-length signature without any restriction. To address the above drawbacks, by using the bilinear pairings, we propose an efficient unrestricted identity-based aggregate signature. Our scheme achieves both full aggregation and constant pairing computation. We prove that our scheme has existential unforgeability under the computational Diffie-Hellman assumption. PMID:25329777

  15. Efficient unrestricted identity-based aggregate signature scheme.

    PubMed

    Yuan, Yumin; Zhan, Qian; Huang, Hua

    2014-01-01

    An aggregate signature scheme allows anyone to compress multiple individual signatures from various users into a single compact signature. The main objective of such a scheme is to reduce the costs on storage, communication and computation. However, among existing aggregate signature schemes in the identity-based setting, some of them fail to achieve constant-length aggregate signature or require a large amount of pairing operations which grows linearly with the number of signers, while others have some limitations on the aggregated signatures. The main challenge in building efficient aggregate signature scheme is to compress signatures into a compact, constant-length signature without any restriction. To address the above drawbacks, by using the bilinear pairings, we propose an efficient unrestricted identity-based aggregate signature. Our scheme achieves both full aggregation and constant pairing computation. We prove that our scheme has existential unforgeability under the computational Diffie-Hellman assumption.

  16. Chemistry Is in the News: Taxonomy of authentic news media-based learning activities1

    NASA Astrophysics Data System (ADS)

    Glaser, Rainer E.; Carson, Kathleen M.

    2005-09-01

    A brief history is given of approaches that aim at achieving a connectedness of the content of organic chemistry courses to real world issues. Recently, such approaches have relied more and more on online media resources, the tools of the Internet and the World Wide Web. We propose a six-level taxonomy of ‘authentic news media-based learning activities’ to provide a conceptual framework for the description and discussion of such approaches. The Chemistry Is in the News project was designed to allow students to draw explicit connections between the course content and real world issues in ways that engage the students in a full range of cognitive skills. The activities consisted in the study, creation, and peer review of news portfolios by student collaborative groups. A news portfolio consists of an authentic news article taken from the popular press with interpretive comments and questions.

  17. Image multiplexing and authentication based on double phase retrieval in fresnel transform domain

    NASA Astrophysics Data System (ADS)

    Chang, Hsuan-Ting; Lin, Che-Hsian; Chen, Chien-Yue

    2017-04-01

    An image multiplexing and authentication method based on the double-phase retrieval algorithm (DPRA) with the manipulations of wavelength and position in the Fresnel transform (FrT) domain is proposed in this study. The DPRA generates two matched phase-only functions (POFs) in the different planes so that the corresponding image can be reconstructed at the output plane. Given a number of target images, all the sets of matched POFs are used to generate the phase-locked system through the phase modulation and synthesis to achieve the multiplexing purpose. To reconstruct a target image, the corresponding phase key and all the correct parameters in the FrT are required. Therefore, the authentication system with high-level security can be achieved. The computer simulation verifies the validity of the proposed method and also shows good resistance to the crosstalk among the reconstructed images.

  18. New RSA-Based (Selectively) Convertible Undeniable Signature Schemes

    NASA Astrophysics Data System (ADS)

    Phong, Le Trieu; Kurosawa, Kaoru; Ogata, Wakaha

    In this paper, we design and analyze some new and practical (selectively) convertible undeniable signature (SCUS) schemes in both random oracle and standard model, which enjoy several merits over existing schemes in the literature. In particular, we design the first practical RSA-based SCUS schemes secure in the standard model. On the path, we also introduce two moduli RSA assumptions, including the strong twin RSA assumption, which is the RSA symmetry of the strong twin Diffie-Hellman assumption (Eurocrypt'08).

  19. Authentication of quantum messages.

    SciTech Connect

    Barnum, Howard; Crépeau, Jean-Claude; Gottesman, D.; Smith, A.; Tapp, Alan

    2001-01-01

    Authentication is a well-studied area of classical cryptography: a sender A and a receiver B sharing a classical private key want to exchange a classical message with the guarantee that the message has not been modified or replaced by a dishonest party with control of the communication line. In this paper we study the authentication of messages composed of quantum states. We give a formal definition of authentication in the quantum setting. Assuming A and B have access to an insecure quantum channel and share a private, classical random key, we provide a non-interactive scheme that both enables A to encrypt and authenticate (with unconditional security) an m qubit message by encoding it into m + s qubits, where the probability decreases exponentially in the security parameter s. The scheme requires a private key of size 2m + O(s). To achieve this, we give a highly efficient protocol for testing the purity of shared EPR pairs. It has long been known that learning information about a general quantum state will necessarily disturb it. We refine this result to show that such a disturbance can be done with few side effects, allowing it to circumvent cryptographic protections. Consequently, any scheme to authenticate quantum messages must also encrypt them. In contrast, no such constraint exists classically: authentication and encryption are independent tasks, and one can authenticate a message while leaving it publicly readable. This reasoning has two important consequences: On one hand, it allows us to give a lower bound of 2m key bits for authenticating m qubits, which makes our protocol asymptotically optimal. On the other hand, we use it to show that digitally signing quantum states is impossible, even with only computational security.

  20. Two-factor authentication system based on optical interference and one-way hash function

    NASA Astrophysics Data System (ADS)

    He, Wenqi; Peng, Xiang; Meng, Xiangfeng; Liu, Xiaoli

    2012-10-01

    We present a two-factor authentication method to verify the personal identification who tries to access an optoelectronic system. This method is based on the optical interference principle and the traditional one-way Hash function (e.g. MD5). The authentication process is straightforward, the phase key and the password-controlled phase lock of one user are loading on two Spatial Light Modulators (SLMs) in advance, by which two coherent beams are modulated and then interference with each other at the output plane leading to an output image. By comparing the output image with all the standard certification images in the database, the system can thus verify the user's identity. However, the system designing process involves an iterative Modified Phase Retrieval Algorithm (MPRA). For an uthorized user, a phase lock is first created based on a "Digital Fingerprint (DF)", which is the result of a Hash function on a preselected user password. The corresponding phase key can then be determined by use of the phase lock and a designated standard certification image. Note that the encode/design process can only be realized by digital means while the authentication process could be achieved digitally or optically. Computer simulations were also given to validate the proposed approach.

  1. Simple group password-based authenticated key agreements for the integrated EPR information system.

    PubMed

    Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

    2013-04-01

    The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

  2. Fully Integrated Passive UHF RFID Tag for Hash-Based Mutual Authentication Protocol

    PubMed Central

    Mikami, Shugo; Watanabe, Dai; Li, Yang; Sakiyama, Kazuo

    2015-01-01

    Passive radio-frequency identification (RFID) tag has been used in many applications. While the RFID market is expected to grow, concerns about security and privacy of the RFID tag should be overcome for the future use. To overcome these issues, privacy-preserving authentication protocols based on cryptographic algorithms have been designed. However, to the best of our knowledge, evaluation of the whole tag, which includes an antenna, an analog front end, and a digital processing block, that runs authentication protocols has not been studied. In this paper, we present an implementation and evaluation of a fully integrated passive UHF RFID tag that runs a privacy-preserving mutual authentication protocol based on a hash function. We design a single chip including the analog front end and the digital processing block. We select a lightweight hash function supporting 80-bit security strength and a standard hash function supporting 128-bit security strength. We show that when the lightweight hash function is used, the tag completes the protocol with a reader-tag distance of 10 cm. Similarly, when the standard hash function is used, the tag completes the protocol with the distance of 8.5 cm. We discuss the impact of the peak power consumption of the tag on the distance of the tag due to the hash function. PMID:26491714

  3. A novel fractal image compression scheme with block classification and sorting based on Pearson's correlation coefficient.

    PubMed

    Wang, Jianji; Zheng, Nanning

    2013-09-01

    Fractal image compression (FIC) is an image coding technology based on the local similarity of image structure. It is widely used in many fields such as image retrieval, image denoising, image authentication, and encryption. FIC, however, suffers from the high computational complexity in encoding. Although many schemes are published to speed up encoding, they do not easily satisfy the encoding time or the reconstructed image quality requirements. In this paper, a new FIC scheme is proposed based on the fact that the affine similarity between two blocks in FIC is equivalent to the absolute value of Pearson's correlation coefficient (APCC) between them. First, all blocks in the range and domain pools are chosen and classified using an APCC-based block classification method to increase the matching probability. Second, by sorting the domain blocks with respect to APCCs between these domain blocks and a preset block in each class, the matching domain block for a range block can be searched in the selected domain set in which these APCCs are closer to APCC between the range block and the preset block. Experimental results show that the proposed scheme can significantly speed up the encoding process in FIC while preserving the reconstructed image quality well.

  4. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

    PubMed

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

  5. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography

    PubMed Central

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. PMID:27163786

  6. Problem-Based Learning: As Authentic as It Gets.

    ERIC Educational Resources Information Center

    Stepien, William; Gallagher, Shelagh

    1993-01-01

    For three years, Center for Problem-Based Learning at Illinois Mathematics and Science Academy has been developing innovative programs in various K-12 settings. Students meet an "ill-structured problem" (like thorium waste) before receiving instruction. Teachers act as coaches and tutors, probing findings, hypotheses, and conclusions;…

  7. Commentary: Learner-Based Listening and Technological Authenticity

    ERIC Educational Resources Information Center

    Robin, Richard

    2007-01-01

    Language teachers know that even the best technology cannot provide the high degree of interaction required to acquire meaningful proficiency in a foreign language. Even the most polished packages available today cannot evaluate learner input and provide subtle shades of context-based feedback, except in the narrowest of circumstances. In this…

  8. Quantum fully homomorphic encryption scheme based on universal quantum circuit

    NASA Astrophysics Data System (ADS)

    Liang, Min

    2015-08-01

    Fully homomorphic encryption enables arbitrary computation on encrypted data without decrypting the data. Here it is studied in the context of quantum information processing. Based on universal quantum circuit, we present a quantum fully homomorphic encryption (QFHE) scheme, which permits arbitrary quantum transformation on any encrypted data. The QFHE scheme is proved to be perfectly secure. In the scheme, the decryption key is different from the encryption key; however, the encryption key cannot be revealed. Moreover, the evaluation algorithm of the scheme is independent of the encryption key, so it is suitable for delegated quantum computing between two parties.

  9. Call Admission Control Scheme Based on Statistical Information

    NASA Astrophysics Data System (ADS)

    Fujiwara, Takayuki; Oki, Eiji; Shiomoto, Kohei

    A call admission control (CAC) scheme based on statistical information is proposed, called the statistical CAC scheme. A conventional scheme needs to manage session information for each link to update the residual bandwidth of a network in real time. This scheme has a scalability problem in terms of network size. The statistical CAC rejects session setup requests in accordance to a pre-computed ratio, called the rejection ratio. The rejection ratio is computed by using statistical information about the bandwidth requested for each link so that the congestion probability is less than an upper bound specified by a network operator. The statistical CAC is more scalable in terms of network size than the conventional scheme because it does not need to keep accommodated session state information. Numerical results show that the statistical CAC, even without exact session state information, only slightly degrades network utilization compared with the conventional scheme.

  10. Copyright protection scheme based on chaos and secret sharing techniques

    NASA Astrophysics Data System (ADS)

    Lou, Der-Chyuan; Shieh, Jieh-Ming; Tso, Hao-Kuan

    2005-11-01

    A copyright protection scheme based on chaos and secret sharing techniques is proposed. Instead of modifying the original image to embed a watermark in it, the proposed scheme extracts a feature from the image first. Then, the extracted feature and the watermark are scrambled by a chaos technique. Finally, the secret sharing technique is used to construct a shadow image. The watermark can be retrieved by performing an XOR operation between the shadow images. The proposed scheme has the following advantages. Firstly, the watermark retrieval does not need the original image. Secondly, the scheme does not need to modify the original image for embedding the watermark. Thirdly, compared with several schemes, the scheme is secure and robust in resisting various attacks.

  11. Computer-assisted machine-to-human protocols for authentication of a RAM-based embedded system

    NASA Astrophysics Data System (ADS)

    Idrissa, Abdourhamane; Aubert, Alain; Fournel, Thierry

    2012-06-01

    Mobile readers used for optical identification of manufactured products can be tampered in different ways: with hardware Trojan or by powering up with fake configuration data. How a human verifier can authenticate the reader to be handled for goods verification? In this paper, two cryptographic protocols are proposed to achieve the verification of a RAM-based system through a trusted auxiliary machine. Such a system is assumed to be composed of a RAM memory and a secure block (in practice a FPGA or a configurable microcontroller). The system is connected to an input/output interface and contains a Non Volatile Memory where the configuration data are stored. Here, except the secure block, all the blocks are exposed to attacks. At the registration stage of the first protocol, the MAC of both the secret and the configuration data, denoted M0 is computed by the mobile device without saving it then transmitted to the user in a secure environment. At the verification stage, the reader which is challenged with nonces sendsMACs / HMACs of both nonces and MAC M0 (to be recomputed), keyed with the secret. These responses are verified by the user through a trusted auxiliary MAC computer unit. Here the verifier does not need to tract a (long) list of challenge / response pairs. This makes the protocol tractable for a human verifier as its participation in the authentication process is increased. In counterpart the secret has to be shared with the auxiliary unit. This constraint is relaxed in a second protocol directly derived from Fiat-Shamir's scheme.

  12. Comparison of two SVD-based color image compression schemes.

    PubMed

    Li, Ying; Wei, Musheng; Zhang, Fengxia; Zhao, Jianli

    2017-01-01

    Color image compression is a commonly used process to represent image data as few bits as possible, which removes redundancy in the data while maintaining an appropriate level of quality for the user. Color image compression algorithms based on quaternion are very common in recent years. In this paper, we propose a color image compression scheme, based on the real SVD, named real compression scheme. First, we form a new real rectangular matrix C according to the red, green and blue components of the original color image and perform the real SVD for C. Then we select several largest singular values and the corresponding vectors in the left and right unitary matrices to compress the color image. We compare the real compression scheme with quaternion compression scheme by performing quaternion SVD using the real structure-preserving algorithm. We compare the two schemes in terms of operation amount, assignment number, operation speed, PSNR and CR. The experimental results show that with the same numbers of selected singular values, the real compression scheme offers higher CR, much less operation time, but a little bit smaller PSNR than the quaternion compression scheme. When these two schemes have the same CR, the real compression scheme shows more prominent advantages both on the operation time and PSNR.

  13. Comparison of two SVD-based color image compression schemes

    PubMed Central

    Li, Ying; Wei, Musheng; Zhang, Fengxia; Zhao, Jianli

    2017-01-01

    Color image compression is a commonly used process to represent image data as few bits as possible, which removes redundancy in the data while maintaining an appropriate level of quality for the user. Color image compression algorithms based on quaternion are very common in recent years. In this paper, we propose a color image compression scheme, based on the real SVD, named real compression scheme. First, we form a new real rectangular matrix C according to the red, green and blue components of the original color image and perform the real SVD for C. Then we select several largest singular values and the corresponding vectors in the left and right unitary matrices to compress the color image. We compare the real compression scheme with quaternion compression scheme by performing quaternion SVD using the real structure-preserving algorithm. We compare the two schemes in terms of operation amount, assignment number, operation speed, PSNR and CR. The experimental results show that with the same numbers of selected singular values, the real compression scheme offers higher CR, much less operation time, but a little bit smaller PSNR than the quaternion compression scheme. When these two schemes have the same CR, the real compression scheme shows more prominent advantages both on the operation time and PSNR. PMID:28257451

  14. A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network

    PubMed Central

    Lai, Yan-Ming; Cheng, Pu-Jen; Lee, Cheng-Chi; Ku, Chia-Yi

    2016-01-01

    Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN) based on tickets. Unfortunately, Li et al.’s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.’s protocol includes the use of high-quality tamper-proof devices (TPDs), and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client’s privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay. PMID:27171160

  15. A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network.

    PubMed

    Lai, Yan-Ming; Cheng, Pu-Jen; Lee, Cheng-Chi; Ku, Chia-Yi

    2016-01-01

    Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN) based on tickets. Unfortunately, Li et al.'s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.'s protocol includes the use of high-quality tamper-proof devices (TPDs), and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client's privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay.

  16. Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

    PubMed

    Zhang, Liping; Tang, Shanyu; Luo, He

    2016-01-01

    In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

  17. Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids

    PubMed Central

    Zhang, Liping; Tang, Shanyu; Luo, He

    2016-01-01

    In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham- Yahalom logic. PMID:27007951

  18. A FRACTAL-BASED STOCHASTIC INTERPOLATION SCHEME IN SUBSURFACE HYDROLOGY

    EPA Science Inventory

    The need for a realistic and rational method for interpolating sparse data sets is widespread. Real porosity and hydraulic conductivity data do not vary smoothly over space, so an interpolation scheme that preserves irregularity is desirable. Such a scheme based on the properties...

  19. A Proxy Signature Scheme Based on Coding Theory

    NASA Astrophysics Data System (ADS)

    Jannati, Hoda; Falahati, Abolfazl

    Proxy signature helps the proxy signer to sign messages on behalf of the original signer. This signature is used when the original signer is not available to sign a specific document. In this paper, we introduce a new proxy signature scheme based on Stern's identification scheme whose security depends on syndrome decoding problem. The proposed scheme is the first code-based proxy signature and can be used in a quantum computer. In this scheme, the operations to perform are linear and very simple thus the signature is performed quickly and can be implemented using smart card in a quite efficient way. The proposed scheme also satisfies unforgeability, undeniability, non-transferability and distinguishability properties which are the security requirements for a proxy signature.

  20. Genome-based approaches to the authentication of medicinal plants.

    PubMed

    Sucher, Nikolaus J; Carles, Maria C

    2008-05-01

    Medicinal plants are the source of a large number of essential drugs in Western medicine and are the basis of herbal medicine, which is not only the primary source of health care for most of the world's population living in developing countries but also enjoys growing popularity in developed countries. The increased demand for botanical products is met by an expanding industry and accompanied by calls for assurance of quality, efficacy and safety. Plants used as drugs, dietary supplements and herbal medicines are identified at the species level. Unequivocal identification is a critical step at the beginning of an extensive process of quality assurance and is of importance for the characterization of the genetic diversity, phylogeny and phylogeography as well as the protection of endangered species. DNA-based methods have been developed for the identification of medicinal plants. Nuclear and chloroplast DNA is amplified by the polymerase chain reaction and the reaction products are analyzed by gel electrophoresis, sequencing, or hybridization with species-specific probes. Genomic fingerprinting can differentiate between individuals, species and populations and is useful for the detection of the homogeneity of the samples and presence of adulterants. Although sequences from single chloroplast or nuclear genes have been useful for differentiation of species, phylogenetic studies often require consideration of DNA sequence data from more than one gene or genomic region. Phytochemical and genetic data are correlated but only the latter normally allow for differentiation at the species level. The generation of molecular "barcodes" of medicinal plants will be worth the concerted effort of the medicinal plant research community and contribute to the ongoing effort of defining barcodes for every species on earth.

  1. Eyebrows Identity Authentication Based on Wavelet Transform and Support Vector Machines

    NASA Astrophysics Data System (ADS)

    Jun-bin, CAO; Haitao, Yang; Lili, Ding

    In order to study the novel biometric of eyebrow,,this paper presents an Eyebrows identity authentication based on wavelet transform and support vector machines. The features of the eyebrows image are extracted by wavelet transform, and then classifies them based on SVM. Verification results of the experiment on an eyebrow database taken from 100 of self-built personal demonstrate the effectiveness of the system. The system has a lower FAR 0.22%and FRR 28% Therefore, eyebrow recongnition may possibly apply to personal identification.

  2. A biometric signcryption scheme without bilinear pairing

    NASA Astrophysics Data System (ADS)

    Wang, Mingwen; Ren, Zhiyuan; Cai, Jun; Zheng, Wentao

    2013-03-01

    How to apply the entropy in biometrics into the encryption and remote authentication schemes to simplify the management of keys is a hot research area. Utilizing Dodis's fuzzy extractor method and Liu's original signcryption scheme, a biometric identity based signcryption scheme is proposed in this paper. The proposed scheme is more efficient than most of the previous proposed biometric signcryption schemes for that it does not need bilinear pairing computation and modular exponentiation computation which is time consuming largely. The analysis results show that under the CDH and DL hard problem assumption, the proposed scheme has the features of confidentiality and unforgeability simultaneously.

  3. Triangle based TVD schemes for hyperbolic conservation laws

    NASA Technical Reports Server (NTRS)

    Durlofsky, Louis J.; Osher, Stanley; Engquist, Bjorn

    1990-01-01

    A triangle based total variation diminishing (TVD) scheme for the numerical approximation of hyperbolic conservation laws in two space dimensions is constructed. The novelty of the scheme lies in the nature of the preprocessing of the cell averaged data, which is accomplished via a nearest neighbor linear interpolation followed by a slope limiting procedures. Two such limiting procedures are suggested. The resulting method is considerably more simple than other triangle based non-oscillatory approximations which, like this scheme, approximate the flux up to second order accuracy. Numerical results for linear advection and Burgers' equation are presented.

  4. Splitting based finite volume schemes for ideal MHD equations

    NASA Astrophysics Data System (ADS)

    Fuchs, F. G.; Mishra, S.; Risebro, N. H.

    2009-02-01

    We design finite volume schemes for the equations of ideal magnetohydrodynamics (MHD) and based on splitting these equations into a fluid part and a magnetic induction part. The fluid part leads to an extended Euler system with magnetic forces as source terms. This set of equations are approximated by suitable two- and three-wave HLL solvers. The magnetic part is modeled by the magnetic induction equations which are approximated using stable upwind schemes devised in a recent paper [F. Fuchs, K.H. Karlsen, S. Mishra, N.H. Risebro, Stable upwind schemes for the Magnetic Induction equation. Math. Model. Num. Anal., Available on conservation laws preprint server, submitted for publication, URL: ]. These two sets of schemes can be combined either component by component, or by using an operator splitting procedure to obtain a finite volume scheme for the MHD equations. The resulting schemes are simple to design and implement. These schemes are compared with existing HLL type and Roe type schemes for MHD equations in a series of numerical experiments. These tests reveal that the proposed schemes are robust and have a greater numerical resolution than HLL type solvers, particularly in several space dimensions. In fact, the numerical resolution is comparable to that of the Roe scheme on most test problems with the computational cost being at the level of a HLL type solver. Furthermore, the schemes are remarkably stable even at very fine mesh resolutions and handle the divergence constraint efficiently with low divergence errors.

  5. An expert system based intelligent control scheme for space bioreactors

    NASA Technical Reports Server (NTRS)

    San, Ka-Yiu

    1988-01-01

    An expert system based intelligent control scheme is being developed for the effective control and full automation of bioreactor systems in space. The scheme developed will have the capability to capture information from various resources including heuristic information from process researchers and operators. The knowledge base of the expert system should contain enough expertise to perform on-line system identification and thus be able to adapt the controllers accordingly with minimal human supervision.

  6. Do We Need to Design Course-Based Undergraduate Research Experiences for Authenticity?

    PubMed

    Rowland, Susan; Pedwell, Rhianna; Lawrie, Gwen; Lovie-Toon, Joseph; Hung, Yu

    2016-01-01

    The recent push for more authentic teaching and learning in science, technology, engineering, and mathematics indicates a shared agreement that undergraduates require greater exposure to professional practices. There is considerable variation, however, in how "authentic" science education is defined. In this paper we present our definition of authenticity as it applies to an "authentic" large-scale undergraduate research experience (ALURE); we also look to the literature and the student voice for alternate perceptions around this concept. A metareview of science education literature confirmed the inconsistency in definitions and application of the notion of authentic science education. An exploration of how authenticity was explained in 604 reflections from ALURE and traditional laboratory students revealed contrasting and surprising notions and experiences of authenticity. We consider the student experience in terms of alignment with 1) the intent of our designed curriculum and 2) the literature definitions of authentic science education. These findings contribute to the conversation surrounding authenticity in science education. They suggest two things: 1) educational experiences can have significant authenticity for the participants, even when there is no purposeful design for authentic practice, and 2) the continuing discussion of and design for authenticity in UREs may be redundant.

  7. Dropping out of Ethiopia's community-based health insurance scheme.

    PubMed

    Mebratie, Anagaw D; Sparrow, Robert; Yilma, Zelalem; Alemu, Getnet; Bedi, Arjun S

    2015-12-01

    Low contract renewal rates have been identified as one of the challenges facing the development of community-based health insurance (CBHI) schemes. This article uses longitudinal household survey data gathered in 2012 and 2013 to examine dropout in the case of Ethiopia's pilot CBHI scheme. We treat dropout as a function of scheme affordability, health status, scheme understanding and quality of care. The scheme saw enrolment increase from 41% 1 year after inception to 48% a year later. An impressive 82% of those who enrolled in the first year renewed their subscriptions, while 25% who had not enrolled joined the scheme. The analysis shows that socioeconomic status, a greater understanding of health insurance and experience with and knowledge of the CBHI scheme are associated with lower dropout rates. While there are concerns about the quality of care and the treatment meted out to the insured by providers, the overall picture is that returns from the scheme are overwhelmingly positive. For the bulk of households, premiums do not seem to be onerous, basic understanding of health insurance is high and almost all those who are currently enrolled signalled their desire to renew contracts.

  8. Device interoperability and authentication for telemedical appliance based on the ISO/IEEE 11073 Personal Health Device (PHD) Standards.

    PubMed

    Caranguian, Luther Paul R; Pancho-Festin, Susan; Sison, Luis G

    2012-01-01

    In this study, we focused on the interoperability and authentication of medical devices in the context of telemedical systems. A recent standard called the ISO/IEEE 11073 Personal Health Device (X73-PHD) Standards addresses the device interoperability problem by defining common protocols for agent (medical device) and manager (appliance) interface. The X73-PHD standard however has not addressed security and authentication of medical devices which is important in establishing integrity of a telemedical system. We have designed and implemented a security policy within the X73-PHD standards. The policy will enable device authentication using Asymmetric-Key Cryptography and the RSA algorithm as the digital signature scheme. We used two approaches for performing the digital signatures: direct software implementation and use of embedded security modules (ESM). The two approaches were evaluated and compared in terms of execution time and memory requirement. For the standard 2048-bit RSA, ESM calculates digital signatures only 12% of the total time for the direct implementation. Moreover, analysis shows that ESM offers more security advantage such as secure storage of keys compared to using direct implementation. Interoperability with other systems was verified by testing the system with LNI Healthlink, a manager software that implements the X73-PHD standard. Lastly, security analysis was done and the system's response to common attacks on authentication systems was analyzed and several measures were implemented to protect the system against them.

  9. Design of a MEMS-based retina scanning system for biometric authentication

    NASA Astrophysics Data System (ADS)

    Woittennek, Franziska; Knobbe, Jens; Pügner, Tino; Schelinski, Uwe; Grüger, Heinrich

    2014-05-01

    There is an increasing need for reliable authentication for a number of applications such as e commerce. Common authentication methods based on ownership (ID card) or knowledge factors (password, PIN) are often prone to manipulations and may therefore be not safe enough. Various inherence factor based methods like fingerprint, retinal pattern or voice identifications are considered more secure. Retina scanning in particular offers both low false rejection rate (FRR) and low false acceptance rate (FAR) with about one in a million. Images of the retina with its characteristic pattern of blood vessels can be made with either a fundus camera or laser scanning methods. The present work describes the optical design of a new compact retina laser scanner which is based on MEMS (Micro Electric Mechanical System) technology. The use of a dual axis micro scanning mirror for laser beam deflection enables a more compact and robust design compared to classical systems. The scanner exhibits a full field of view of 10° which corresponds to an area of 4 mm2 on the retinal surface surrounding the optical disc. The system works in the near infrared and is designed for use under ambient light conditions, which implies a pupil diameter of 1.5 mm. Furthermore it features a long eye relief of 30 mm so that it can be conveniently used by persons wearing glasses. The optical design requirements and the optical performance are discussed in terms of spot diagrams and ray fan plots.

  10. Time to unravel the conceptual confusion of authenticity and fidelity and their contribution to learning within simulation-based nurse education. A discussion paper.

    PubMed

    Bland, Andrew J; Topping, Annie; Tobbell, Jane

    2014-07-01

    High-fidelity patient simulation is a method of education increasingly utilised by educators of nursing to provide authentic learning experiences. Fidelity and authenticity, however, are not conceptually equivalent. Whilst fidelity is important when striving to replicate a life experience such as clinical practice, authenticity can be produced with low fidelity. A challenge for educators of undergraduate nursing is to ensure authentic representation of the clinical situation which is a core component for potential success. What is less clear is the relationship between fidelity and authenticity in the context of simulation based learning. Authenticity does not automatically follow fidelity and as a result, educators of nursing cannot assume that embracing the latest technology-based educational tools will in isolation provide a learning environment perceived authentic by the learner. As nursing education programmes increasingly adopt simulators that offer the possibility of representing authentic real world situations, there is an urgency to better articulate and understand the terms fidelity and authenticity. Without such understanding there is a real danger that simulation as a teaching and learning resource in nurse education will never reach its potential and be misunderstood, creating a potential barrier to learning. This paper examines current literature to promote discussion within nurse education, concluding that authenticity in the context of simulation-based learning is complex, relying on far more than engineered fidelity.

  11. High order accurate finite difference schemes based on symmetry preservation

    NASA Astrophysics Data System (ADS)

    Ozbenli, Ersin; Vedula, Prakash

    2016-11-01

    A new algorithm for development of high order accurate finite difference schemes for numerical solution of partial differential equations using Lie symmetries is presented. Considering applicable symmetry groups (such as those relevant to space/time translations, Galilean transformation, scaling, rotation and projection) of a partial differential equation, invariant numerical schemes are constructed based on the notions of moving frames and modified equations. Several strategies for construction of invariant numerical schemes with a desired order of accuracy are analyzed. Performance of the proposed algorithm is demonstrated using analysis of one-dimensional partial differential equations, such as linear advection diffusion equations inviscid Burgers equation and viscous Burgers equation, as our test cases. Through numerical simulations based on these examples, the expected improvement in accuracy of invariant numerical schemes (up to fourth order) is demonstrated. Advantages due to implementation and enhanced computational efficiency inherent in our proposed algorithm are presented. Extension of the basic framework to multidimensional partial differential equations is also discussed.

  12. Secure authenticated video equipment

    SciTech Connect

    Doren, N.E.

    1993-07-01

    In the verification technology arena, there is a pressing need for surveillance and monitoring equipment that produces authentic, verifiable records of observed activities. Such a record provides the inspecting party with confidence that observed activities occurred as recorded, without undetected tampering or spoofing having taken place. The secure authenticated video equipment (SAVE) system provides an authenticated series of video images of an observed activity. Being self-contained and portable, it can be installed as a stand-alone surveillance system or used in conjunction with existing monitoring equipment in a non-invasive manner. Security is provided by a tamper-proof camera enclosure containing a private, electronic authentication key. Video data is transferred communication link consisting of a coaxial cable, fiber-optic link or other similar media. A video review station, located remotely from the camera, receives, validates, displays and stores the incoming data. Video data is validated within the review station using a public key, a copy of which is held by authorized panics. This scheme allows the holder of the public key to verify the authenticity of the recorded video data but precludes undetectable modification of the data generated by the tamper-protected private authentication key.

  13. Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

    PubMed

    Park, Chang-Seop

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  14. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    PubMed Central

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  15. Do We Need to Design Course-Based Undergraduate Research Experiences for Authenticity?

    PubMed Central

    Rowland, Susan; Pedwell, Rhianna; Lawrie, Gwen; Lovie-Toon, Joseph; Hung, Yu

    2016-01-01

    The recent push for more authentic teaching and learning in science, technology, engineering, and mathematics indicates a shared agreement that undergraduates require greater exposure to professional practices. There is considerable variation, however, in how “authentic” science education is defined. In this paper we present our definition of authenticity as it applies to an “authentic” large-scale undergraduate research experience (ALURE); we also look to the literature and the student voice for alternate perceptions around this concept. A metareview of science education literature confirmed the inconsistency in definitions and application of the notion of authentic science education. An exploration of how authenticity was explained in 604 reflections from ALURE and traditional laboratory students revealed contrasting and surprising notions and experiences of authenticity. We consider the student experience in terms of alignment with 1) the intent of our designed curriculum and 2) the literature definitions of authentic science education. These findings contribute to the conversation surrounding authenticity in science education. They suggest two things: 1) educational experiences can have significant authenticity for the participants, even when there is no purposeful design for authentic practice, and 2) the continuing discussion of and design for authenticity in UREs may be redundant. PMID:27909029

  16. Edge-based finite element scheme for the Euler equations

    NASA Astrophysics Data System (ADS)

    Luo, Hong; Baum, Joseph D.; Loehner, Rainald

    1994-06-01

    This paper describes the development, validation, and application of a new finite element scheme for the solution of the compressible Euler equations on unstructured grids. The implementation of the numerical scheme is based on an edge-based data structure, as opposed to a more element-based data structure. The use of this edge-based data structure not only improves the efficiency of the algorithm but also enables a straightforward implementation of the upwind schemes in the context of finite element methods. The algorithm has been tested and validated on some well documented configurations. A flow solution about a complete F-18 fighter is shown to demonstrate the accuracy and robustness of the proposed algorithm.

  17. Edge-based finite element scheme for the Euler equations

    NASA Astrophysics Data System (ADS)

    Luo, Hong; Baum, Joseph D.; Lohner, Rainald

    1994-06-01

    This paper describes the development, validation, and application of a new finite element scheme for the solution of the compressible Euler equations on unstructured grids. The implementation of the numerical scheme is based on an edge-based data structure, as opposed to a more traditional element-based data structure. The use of this edge-based data structure not only improves the efficiency of the algorithm but also enables a straightforward implementation of upwind schemes in the context of finite element methods. The algorithm has been tested and validated on some well-documented configurations. A flow solution about a complete F-18 fighter is shown to demonstrate the accuracy and robustness of the proposed algorithm.

  18. Packet Forwarding Scheme Based on Interworking Architecture for Future Internet

    NASA Astrophysics Data System (ADS)

    Kim, Seokhoon; Ryoo, Intae

    This paper introduces a packet forwarding scheme based on interworking architecture that can provide quite a good QoS by minimizing processing delay which is the major part of the timeliness factor in New Generation IP-based networks. Based on path and resource reservation mechanism, the POSIA makes routers on the packet forwarding path synchronize with each other and then forward packets. We have shown that the POSIA outperforms the existing packet forwarding schemes like IntServ, DiffServ and MPLS through computer simulations using OPNET.

  19. A Survey of Watermarking Algorithms for Image Authentication

    NASA Astrophysics Data System (ADS)

    Rey, Christian; Dugelay, Jean-Luc

    2002-12-01

    Digital image manipulation software is now readily available on personal computers. It is therefore very simple to tamper with any image and make it available to others. Insuring digital image integrity has therefore become a major issue. Watermarking has become a popular technique for copyright enforcement and image authentication. The aim of this paper is to present an overview of emerging techniques for detecting whether image tampering has taken place. Compared to the techniques and protocols for security usually employed to perform this task, the majority of the proposed methods based on watermarking, place a particular emphasis on the notion of content authentication rather than strict integrity. In this paper, we introduce the notion of image content authentication and the features required to design an effective authentication scheme. We present some algorithms, and introduce frequently used key techniques.

  20. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

    PubMed Central

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic. PMID:26580963

  1. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

    PubMed

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroaki; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

  2. Adaptive PCA based fault diagnosis scheme in imperial smelting process.

    PubMed

    Hu, Zhikun; Chen, Zhiwen; Gui, Weihua; Jiang, Bin

    2014-09-01

    In this paper, an adaptive fault detection scheme based on a recursive principal component analysis (PCA) is proposed to deal with the problem of false alarm due to normal process changes in real process. Our further study is also dedicated to develop a fault isolation approach based on Generalized Likelihood Ratio (GLR) test and Singular Value Decomposition (SVD) which is one of general techniques of PCA, on which the off-set and scaling fault can be easily isolated with explicit off-set fault direction and scaling fault classification. The identification of off-set and scaling fault is also applied. The complete scheme of PCA-based fault diagnosis procedure is proposed. The proposed scheme is first applied to Imperial Smelting Process, and the results show that the proposed strategies can be able to mitigate false alarms and isolate faults efficiently.

  3. Saffron authentication based on liquid chromatography high resolution tandem mass spectrometry and multivariate data analysis.

    PubMed

    Rubert, Josep; Lacina, Ondrej; Zachariasova, Milena; Hajslova, Jana

    2016-08-01

    Saffron is one of the oldest and most expensive spices, which is often target of fraudulent activities. In this research, a new strategy of saffron authentication based on metabolic fingerprinting was developed. In the first phase, a solid liquid extraction procedure was optimized, the main aim was to isolate as maximal representation of small molecules contained in saffron as possible. In the second step, a detection method based on liquid chromatography coupled with high-resolution mass spectrometry was developed. Initially, principal component analysis (PCA) revealed clear differences between saffron cultivated and packaged in Spain, protected designation of origin (PDO), and saffron packaged in Spain of unknown origin, labeled Spanish saffron. Afterwards, orthogonal partial least square discriminant analysis (OPLS-DA) was favorably used to discriminate between Spanish saffron. The tentative identification of markers showed glycerophospholipids and their oxidized lipids were significant markers according to their origin.

  4. An efficient biometric and password-based remote user authentication using smart card for Telecare Medical Information Systems in multi-server environment.

    PubMed

    Maitra, Tanmoy; Giri, Debasis

    2014-12-01

    The medical organizations have introduced Telecare Medical Information System (TMIS) to provide a reliable facility by which a patient who is unable to go to a doctor in critical or urgent period, can communicate to a doctor through a medical server via internet from home. An authentication mechanism is needed in TMIS to hide the secret information of both parties, namely a server and a patient. Recent research includes patient's biometric information as well as password to design a remote user authentication scheme that enhances the security level. In a single server environment, one server is responsible for providing services to all the authorized remote patients. However, the problem arises if a patient wishes to access several branch servers, he/she needs to register to the branch servers individually. In 2014, Chuang and Chen proposed an remote user authentication scheme for multi-server environment. In this paper, we have shown that in their scheme, an non-register adversary can successfully logged-in into the system as a valid patient. To resist the weaknesses, we have proposed an authentication scheme for TMIS in multi-server environment where the patients can register to a root telecare server called registration center (RC) in one time to get services from all the telecare branch servers through their registered smart card. Security analysis and comparison shows that our proposed scheme provides better security with low computational and communication cost.

  5. Towards second-generation smart card-based authentication in health information systems: the secure server model.

    PubMed

    Hallberg, J; Hallberg, N; Timpka, T

    2001-01-01

    Conventional smart card-based authentication systems used in health care alleviate some of the security issues in user and system authentication. Existing models still do not cover all security aspects. To enable new protective measures to be developed, an extended model of the authentication process is presented. This model includes a new entity referred to as secure server. Assuming a secure server, a method where the smart card is aware of the status of the terminal integrity verification becomes feasible. The card can then act upon this knowledge and restrict the exposure of sensitive information to the terminal as required in order to minimize the risks. The secure server model can be used to illuminate the weaknesses of current approaches and the need for extensions which alleviate the resulting risks.

  6. Research Based Science Education: Bringing Authentic Scientific Research into the Secondary Classroom

    NASA Astrophysics Data System (ADS)

    Sayers, J.

    2003-12-01

    Teachers and students at Northview High School in Brazil, Indiana have the opportunity to engage in authentic scientific research through our participation in two national projects, TLRBSE and PEPP. Teacher Leaders in Research Based Science Education (TLRBSE) is a teacher professional development and retention program coupled with authentic scientific research projects in astronomy. Teacher-Leaders are trained in research-based pedagogy and serve as mentors to less experienced colleagues and work with students to develop science research methods and research projects for the classroom. Astronomical data collected at Kitt Peak by astronomers and teachers is made available on CD for classroom use. Northview is in its second year as a TLRBSE school. The Princeton Earth Physics Project (PEPP) trains mentor teachers in fundamentals of research in seismology. Teachers and students then gain hands on experience in science research through operation of a research quality seismic station sited at the high school. Data from the Northview seismometer are stored locally and also transmitted over the Internet to a database at Indiana University. Students have access to local data as well as seismic databases accessible through the Internet to use for research projects. The Northview Seismic Station has been in operation since 1998. In this presentation, I will describe how these projects have been incorporated into the physics and earth science programs at Northview High School. I will discus how our teachers and students have benefited from the opportunity to take part in hands-on scientific research under the guidance of university faculty. In particular, I will describe our participation in a regional seismic network through seismic data acquisition, data analysis using seismological software, and students' experiences in a university-based student research symposium. I reflect on the some of the successes and barriers to high-school teachers' and students' involvement in

  7. Authentic Assessment.

    ERIC Educational Resources Information Center

    Lockwood, Anne Turnbaugh

    1991-01-01

    Authentic performance assessments--when used simultaneously with matching curricular practices--are a promising development for practitioners and students alike. A major benefit for practitioners appears to be the opportunity to redefine the curriculum and guide instruction. Benefits for students include the opportunity to engage in authentic work…

  8. A Broker-based approach for GEOSS authentication/authorization services

    NASA Astrophysics Data System (ADS)

    Santoro, Mattia; Nativi, Stefano

    2015-04-01

    The Group on Earth Observation (GEO) is a voluntary partnership of governments and international organizations coordinating efforts to build a Global Earth Observation System of Systems (GEOSS). GEOSS aims to achieve societal benefits through voluntary contribution and sharing of resources to better understand the relationships between the society and the environment where we live. The GEOSS Common Infrastructure (GCI) implements a digital infrastructure (e-infrastructure) that coordinates access to these systems, interconnecting and harmonizing their data, applications, models, and products. The GCI component implementing the needed interoperability arrangements to interconnect the data systems contributing to GEOSS is the GEO DAB (Discovery and Access Broker). This provides a unique entry point to which client applications (i.e. the portals and apps) can connect for exploiting (search, discover, and access) resources available through GCI. The GEO DAB implements the brokering approach (Nativi et al., 2013) to build a flexible and scalable System of Systems. GEOSS data providers ask for information about who accessed their resources and, in some cases, want to limit the data download. GEOSS users ask for a profiled interaction with the system based on their needs and expertise level. This raised the need for an enrichment of GEO DAB functionalities, i.e. user authentication/authorization. Besides, authentication and authorization is necessary for GEOSS to provide moderated social services - e.g. feedback messages, data "fit for use" comments, etc. In the development of this new functionality, the need to support existing and well-used users' credentials (e.g. Google, Twitter, etc.) stems from GEOSS principles to build on existing systems and lower entry-barriers for users. To cope with these requirements and face the heterogeneity of technologies used by the different data systems and client applications, a broker-based approach for the authentication

  9. Geospatial Authentication

    NASA Technical Reports Server (NTRS)

    Lyle, Stacey D.

    2009-01-01

    A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time has been developed. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server. The Geospatial Authentication software has two parts Server and Client. The server software is a virtual private network (VPN) developed in Linux operating system using Perl programming language. The server can be a stand-alone VPN server or can be combined with other applications and services. The client software is a GUI Windows CE software, or Mobile Graphical Software, that allows users to authenticate into a network. The purpose of the client software is to pass the needed satellite information to the server for authentication.

  10. Redesigning a library-based genetics class research project through instructional theory and authentic experience*

    PubMed Central

    Tennant, Michele R; Edwards, Mary; Miyamoto, Michael M

    2012-01-01

    Question: How can the library-based research project of a genetics course be reinvigorated and made sustainable without sacrificing educational integrity? Setting: The University of Florida's Health Science Center Library provides the case study. Methods: Since 1996, the librarian has codeveloped, supported, and graded all components of the project. In 2009, the project evolved from a single-authored paper to a group-work poster, with graded presentations hosted by the library. In 2010, students were surveyed regarding class enhancements. Results: Responses indicated a preference for collaborative work and the poster format and suggested the changes facilitated learning. Instructors reported that the poster format more clearly documented students' understanding of genetics. Conclusion: Results suggest project enhancements contributed to greater appreciation, understanding, and application of classroom material and offered a unique and authentic learning experience, without compromising educational integrity. The library benefitted through increased visibility as a partner in the educational mission and development of a sustainable instructional collaboration. PMID:22514504

  11. Improved Readout Scheme for SQUID-Based Thermometry

    NASA Technical Reports Server (NTRS)

    Penanen, Konstantin

    2007-01-01

    An improved readout scheme has been proposed for high-resolution thermometers, (HRTs) based on the use of superconducting quantum interference devices (SQUIDs) to measure temperature- dependent magnetic susceptibilities. The proposed scheme would eliminate counting ambiguities that arise in the conventional scheme, while maintaining the superior magnetic-flux sensitivity of the conventional scheme. The proposed scheme is expected to be especially beneficial for HRT-based temperature control of multiplexed SQUIDbased bolometer sensor arrays. SQUID-based HRTs have become standard for measuring and controlling temperatures in the sub-nano-Kelvin temperature range in a broad range of low-temperature scientific and engineering applications. A typical SQUIDbased HRT that utilizes the conventional scheme includes a coil wound on a core made of a material that has temperature- dependent magnetic susceptibility in the temperature range of interest. The core and the coil are placed in a DC magnetic field provided either by a permanent magnet or as magnetic flux inside a superconducting outer wall. The aforementioned coil is connected to an input coil of a SQUID. Changes in temperature lead to changes in the susceptibility of the core and to changes in the magnetic flux detected by the SQUID. The SQUID readout instrumentation is capable of measuring magnetic-flux changes that correspond to temperature changes down to a noise limit .0.1 nK/Hz1/2. When the flux exceeds a few fundamental flux units, which typically corresponds to a temperature of .100 nK, the SQUID is reset. The temperature range can be greatly expanded if the reset events are carefully tracked and counted, either by a computer running appropriate software or by a dedicated piece of hardware.

  12. Do We Need to Design Course-Based Undergraduate Research Experiences for Authenticity?

    ERIC Educational Resources Information Center

    Rowland, Susan; Pedwell, Rhianna; Lawrie, Gwen; Lovie-Toon, Joseph; Hung, Yu

    2016-01-01

    The recent push for more authentic teaching and learning in science, technology, engineering, and mathematics indicates a shared agreement that undergraduates require greater exposure to professional practices. There is considerable variation, however, in how "authentic" science education is defined. In this paper we present our…

  13. The Role of Authenticity in Design-Based Learning Environments: The Case of Engineering Education

    ERIC Educational Resources Information Center

    Strobel, J.; Wang, J.; Weber, N. R.; Dyehouse, M.

    2013-01-01

    The term "authenticity" is pervasive in the education literature in general and specifically in the design education and engineering education literature; yet, the construct is often used un-reflected and ill defined. The purpose of this paper is (1) to critically examine current conceptualizations of authenticity as principles to design learning…

  14. Block-based adaptive lifting schemes for multiband image compression

    NASA Astrophysics Data System (ADS)

    Masmoudi, Hela; Benazza-Benyahia, Amel; Pesquet, Jean-Christophe

    2004-02-01

    In this paper, we are interested in designing lifting schemes adapted to the statistics of the wavelet coefficients of multiband images for compression applications. More precisely, nonseparable vector lifting schemes are used in order to capture simultaneously the spatial and the spectral redundancies. The underlying operators are then computed in order to minimize the entropy of the resulting multiresolution representation. To this respect, we have developed a new iterative block-based classification algorithm. Simulation tests carried out on remotely sensed multispectral images indicate that a substantial gain in terms of bit-rate is achieved by the proposed adaptive coding method w.r.t the non-adaptive one.

  15. A second order derivative scheme based on Bregman algorithm class

    NASA Astrophysics Data System (ADS)

    Campagna, Rosanna; Crisci, Serena; Cuomo, Salvatore; Galletti, Ardelio; Marcellino, Livia

    2016-10-01

    The algorithms based on the Bregman iterative regularization are known for efficiently solving convex constraint optimization problems. In this paper, we introduce a second order derivative scheme for the class of Bregman algorithms. Its properties of convergence and stability are investigated by means of numerical evidences. Moreover, we apply the proposed scheme to an isotropic Total Variation (TV) problem arising out of the Magnetic Resonance Image (MRI) denoising. Experimental results confirm that our algorithm has good performance in terms of denoising quality, effectiveness and robustness.

  16. Writing the Book…Literally: The Convergence of Authentic Intellectual Work (AIW) and Project-Based Learning (PBL)

    ERIC Educational Resources Information Center

    Buckmiller, Tom M.; Kruse, Jerrid W.

    2015-01-01

    Using the Project-Based Learning (PBL) and Authentic Intellectual Work (AIW) models, we sought to create coursework that had value beyond the classroom. Refinements in the self-publishing book industry provide the opportunity to present student work to a larger audience and in a different, more engaging format. With the help of free software, our…

  17. New optical scheme for a polarimetric-based glucose sensor

    NASA Technical Reports Server (NTRS)

    Ansari, Rafat R.; Bockle, Stefan; Rovati, Luigi

    2004-01-01

    A new optical scheme to detect glucose concentration in the aqueous humor of the eye is presented. The ultimate aim is to apply this technique in designing a new instrument for, routinely and frequently, noninvasively monitoring blood glucose levels in diabetic patients without contact (no index matching) between the eye and the instrument. The optical scheme exploits the Brewster reflection of circularly polarized light off of the lens of the eye. Theoretically, this reflected linearly polarized light on its way to the detector is expected to rotate its state of polarization, owing to the presence of glucose molecules in the aqueous humor of a patient's eye. An experimental laboratory setup based on this scheme was designed and tested by measuring a range of known concentrations of glucose solutions dissolved in water. (c) 2004 Society of Photo-Optical Instrumentation Engineers.

  18. An ICA based MIMO-OFDM VLC scheme

    NASA Astrophysics Data System (ADS)

    Jiang, Fangqing; Deng, Honggui; Xiao, Wei; Tao, Shaohua; Zhu, Kaicheng

    2015-07-01

    In this paper, we propose a novel ICA based MIMO-OFDM VLC scheme, where ICA is applied to convert the MIMO-OFDM channel into several SISO-OFDM channels to reduce computational complexity in channel estimation, without any spectral overhead. Besides, the FM is first investigated to further modulate the OFDM symbols to eliminate the correlation of the signals, so as to improve the separation performance of the ICA algorithm. In the 4×4MIMO-OFDM VLC simulation experiment, LOS path and NLOS paths are both considered, each transmitting signal at 100 Mb/s. Simulation results show that the BER of the proposed scheme reaches the 10-5 level at SNR=20 dB, which is a large improvement compared to the traditional schemes.

  19. Image classification based on scheme of principal node analysis

    NASA Astrophysics Data System (ADS)

    Yang, Feng; Ma, Zheng; Xie, Mei

    2016-11-01

    This paper presents a scheme of principal node analysis (PNA) with the aim to improve the representativeness of the learned codebook so as to enhance the classification rate of scene image. Original images are normalized into gray ones and the scale-invariant feature transform (SIFT) descriptors are extracted from each image in the preprocessing stage. Then, the PNA-based scheme is applied to the SIFT descriptors with iteration and selection algorithms. The principal nodes of each image are selected through spatial analysis of the SIFT descriptors with Manhattan distance (L1 norm) and Euclidean distance (L2 norm) in order to increase the representativeness of the codebook. With the purpose of evaluating the performance of our scheme, the feature vector of the image is calculated by two baseline methods after the codebook is constructed. The L1-PNA- and L2-PNA-based baseline methods are tested and compared with different scales of codebooks over three public scene image databases. The experimental results show the effectiveness of the proposed scheme of PNA with a higher categorization rate.

  20. Threshold secret sharing scheme based on phase-shifting interferometry.

    PubMed

    Deng, Xiaopeng; Shi, Zhengang; Wen, Wei

    2016-11-01

    We propose a new method for secret image sharing with the (3,N) threshold scheme based on phase-shifting interferometry. The secret image, which is multiplied with an encryption key in advance, is first encrypted by using Fourier transformation. Then, the encoded image is shared into N shadow images based on the recording principle of phase-shifting interferometry. Based on the reconstruction principle of phase-shifting interferometry, any three or more shadow images can retrieve the secret image, while any two or fewer shadow images cannot obtain any information of the secret image. Thus, a (3,N) threshold secret sharing scheme can be implemented. Compared with our previously reported method, the algorithm of this paper is suited for not only a binary image but also a gray-scale image. Moreover, the proposed algorithm can obtain a larger threshold value t. Simulation results are presented to demonstrate the feasibility of the proposed method.

  1. A Provably Secure Revocable ID-Based Authenticated Group Key Exchange Protocol with Identifying Malicious Participants

    PubMed Central

    Tsai, Tung-Tso

    2014-01-01

    The existence of malicious participants is a major threat for authenticated group key exchange (AGKE) protocols. Typically, there are two detecting ways (passive and active) to resist malicious participants in AGKE protocols. In 2012, the revocable identity- (ID-) based public key system (R-IDPKS) was proposed to solve the revocation problem in the ID-based public key system (IDPKS). Afterwards, based on the R-IDPKS, Wu et al. proposed a revocable ID-based AGKE (RID-AGKE) protocol, which adopted a passive detecting way to resist malicious participants. However, it needs three rounds and cannot identify malicious participants. In this paper, we fuse a noninteractive confirmed computation technique to propose the first two-round RID-AGKE protocol with identifying malicious participants, which is an active detecting way. We demonstrate that our protocol is a provably secure AGKE protocol with forward secrecy and can identify malicious participants. When compared with the recently proposed ID/RID-AGKE protocols, our protocol possesses better performance and more robust security properties. PMID:24991641

  2. Geospatial Authentication

    NASA Technical Reports Server (NTRS)

    Lyle, Stacey D.

    2009-01-01

    A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server.

  3. A Cartesian grid-based unified gas kinetic scheme

    NASA Astrophysics Data System (ADS)

    Chen, Songze; Xu, Kun

    2014-12-01

    A Cartesian grid-based unified gas kinetic scheme is developed. In this approach, any oriented boundary in a Cartesian grid is represented by many directional boundary points. The numerical flux is evaluated on each boundary point. Then, a boundary flux interpolation method (BFIM) is constructed to distribute the boundary effect to the flow evolution on regular Cartesian grid points. The BFIM provides a general strategy to implement any kind of boundary condition on Cartesian grid. The newly developed technique is implemented in the unified gas kinetic scheme, where the scheme is reformulated into a finite difference format. Several typical test cases are simulated with different geometries. For example, the thermophoresis phenomenon for a plate with infinitesimal thickness immersed in a rarefied flow environment is calculated under different orientations on the same Cartesian grid. These computational results validate the BFIM in the unified scheme for the capturing of different thermal boundary conditions. The BFIM can be extended to the moving boundary problems as well.

  4. Template characterization and correlation algorithm created from segmentation for the iris biometric authentication based on analysis of textures implemented on a FPGA

    NASA Astrophysics Data System (ADS)

    Giacometto, F. J.; Vilardy, J. M.; Torres, C. O.; Mattos, L.

    2011-01-01

    Among the most used biometric signals to set personal security permissions, taker increasingly importance biometric iris recognition based on their textures and images of blood vessels due to the rich in these two unique characteristics that are unique to each individual. This paper presents an implementation of an algorithm characterization and correlation of templates created for biometric authentication based on iris texture analysis programmed on a FPGA (Field Programmable Gate Array), authentication is based on processes like characterization methods based on frequency analysis of the sample, and frequency correlation to obtain the expected results of authentication.

  5. Design of Anonymous Attribute Authentication Mechanism

    NASA Astrophysics Data System (ADS)

    Kiyomoto, Shinsaku; Fukushima, Kazuhide; Tanaka, Toshiaki

    Privacy remains an issue for IT services. Users are concerned that their history of service use may be traceable since each user is assigned a single identifier as a means of authentication.
    In this paper, we propose a perfectly anonymous attribute authentication scheme that is both unidentifiable and untraceable. Then, we present the evaluation results of a prototype system using a PC and mobile phone with the scheme. The proposed scheme employs a self-blindable certificate that a user can change randomly; thus the certificate is modified for each authentication, and the authentication scheme is unidentifiable and untraceable. Furthermore, our scheme can revoke self-blindable certificates without leaks of confidential private information and check the revocation status without online access.

  6. Enhancing Community Detection By Affinity-based Edge Weighting Scheme

    SciTech Connect

    Yoo, Andy; Sanders, Geoffrey; Henson, Van; Vassilevski, Panayot

    2015-10-05

    Community detection refers to an important graph analytics problem of finding a set of densely-connected subgraphs in a graph and has gained a great deal of interest recently. The performance of current community detection algorithms is limited by an inherent constraint of unweighted graphs that offer very little information on their internal community structures. In this paper, we propose a new scheme to address this issue that weights the edges in a given graph based on recently proposed vertex affinity. The vertex affinity quantifies the proximity between two vertices in terms of their clustering strength, and therefore, it is ideal for graph analytics applications such as community detection. We also demonstrate that the affinity-based edge weighting scheme can improve the performance of community detection algorithms significantly.

  7. Kinetic energy decomposition scheme based on information theory.

    PubMed

    Imamura, Yutaka; Suzuki, Jun; Nakai, Hiromi

    2013-12-15

    We proposed a novel kinetic energy decomposition analysis based on information theory. Since the Hirshfeld partitioning for electron densities can be formulated in terms of Kullback-Leibler information deficiency in information theory, a similar partitioning for kinetic energy densities was newly proposed. The numerical assessments confirm that the current kinetic energy decomposition scheme provides reasonable chemical pictures for ionic and covalent molecules, and can also estimate atomic energies using a correction with viral ratios.

  8. A public key encryption scheme based on idempotent semirings

    NASA Astrophysics Data System (ADS)

    Durcheva, Mariana; Rachev, Martin

    2015-11-01

    The problem of solving two sided linear equations in the idempotent semirings R¯m a x and R¯m i n has been proved to be reducible to the problem mean payoff game which is of the NP∩ coNP type. In the present paper, we use the mentioned security results and construct a new public key encryption scheme based on the hardness of the problem of solving two sided linear equations in the idempotent semirings.

  9. Capturing Cognitive Processing Time for Active Authentication

    DTIC Science & Technology

    2014-02-01

    biometrics, extracted from keystroke dynamics , as “something a user is” for active authentication. This scheme performs continual verification in the...fingerprint for continuous authentication. Its effectiveness has been verified through a large-scale dataset. 2.0 INTRODUCTION Keystroke dynamics —the...measure the similarity. A recent survey on biometric authentication using keystroke dynamics classified research papers on the basis of their

  10. Energy Efficient Cluster Based Scheduling Scheme for Wireless Sensor Networks.

    PubMed

    Janani, E Srie Vidhya; Kumar, P Ganesh

    2015-01-01

    The energy utilization of sensor nodes in large scale wireless sensor network points out the crucial need for scalable and energy efficient clustering protocols. Since sensor nodes usually operate on batteries, the maximum utility of network is greatly dependent on ideal usage of energy leftover in these sensor nodes. In this paper, we propose an Energy Efficient Cluster Based Scheduling Scheme for wireless sensor networks that balances the sensor network lifetime and energy efficiency. In the first phase of our proposed scheme, cluster topology is discovered and cluster head is chosen based on remaining energy level. The cluster head monitors the network energy threshold value to identify the energy drain rate of all its cluster members. In the second phase, scheduling algorithm is presented to allocate time slots to cluster member data packets. Here congestion occurrence is totally avoided. In the third phase, energy consumption model is proposed to maintain maximum residual energy level across the network. Moreover, we also propose a new packet format which is given to all cluster member nodes. The simulation results prove that the proposed scheme greatly contributes to maximum network lifetime, high energy, reduced overhead, and maximum delivery ratio.

  11. Adverse drug reactions: a hospital pharmacy-based reporting scheme.

    PubMed Central

    Winstanley, P A; Irvin, L E; Smith, J C; Orme, M L; Breckenridge, A M

    1989-01-01

    A pharmacy-based adverse drug reaction (ADR) reporting scheme, using pharmacists, nurses and medical practitioners as initiators of reports, was set up at the end of 1984 in the Royal Liverpool Hospital in order to encourage reporting. New reports were inspected at weekly intervals by a staff pharmacist, and a clinical pharmacologist. Reports were forwarded to the Committee on Safety of Medicines if the reaction was considered to be serious by the clinicians, or the ADR team or involved 'black triangle' drugs. The total number of ADR reports was increased eightfold by the introduction of the scheme (from 14 in 1984 to 76, 102 and 94 in 1985, 1986 and 1987 respectively), and this rate of reporting has been sustained. PMID:2775609

  12. Prediction-based association control scheme in dense femtocell networks

    PubMed Central

    Pham, Ngoc-Thai; Huynh, Thong; Hwang, Won-Joo; You, Ilsun; Choo, Kim-Kwang Raymond

    2017-01-01

    The deployment of large number of femtocell base stations allows us to extend the coverage and efficiently utilize resources in a low cost manner. However, the small cell size of femtocell networks can result in frequent handovers to the mobile user, and consequently throughput degradation. Thus, in this paper, we propose predictive association control schemes to improve the system’s effective throughput. Our design focuses on reducing handover frequency without impacting on throughput. The proposed schemes determine handover decisions that contribute most to the network throughput and are proper for distributed implementations. The simulation results show significant gains compared with existing methods in terms of handover frequency and network throughput perspective. PMID:28328992

  13. Security enhancement mechanism based on contextual authentication and role analysis for 2G-RFID systems.

    PubMed

    Tang, Wan; Chen, Min; Ni, Jin; Yang, Ximin

    2011-01-01

    The traditional Radio Frequency Identification (RFID) system, in which the information maintained in tags is passive and static, has no intelligent decision-making ability to suit application and environment dynamics. The Second-Generation RFID (2G-RFID) system, referred as 2G-RFID-sys, is an evolution of the traditional RFID system to ensure better quality of service in future networks. Due to the openness of the active mobile codes in the 2G-RFID system, the realization of conveying intelligence brings a critical issue: how can we make sure the backend system will interpret and execute mobile codes in the right way without misuse so as to avoid malicious attacks? To address this issue, this paper expands the concept of Role-Based Access Control (RBAC) by introducing context-aware computing, and then designs a secure middleware for backend systems, named Two-Level Security Enhancement Mechanism or 2L-SEM, in order to ensure the usability and validity of the mobile code through contextual authentication and role analysis. According to the given contextual restrictions, 2L-SEM can filtrate the illegal and invalid mobile codes contained in tags. Finally, a reference architecture and its typical application are given to illustrate the implementation of 2L-SEM in a 2G-RFID system, along with the simulation results to evaluate how the proposed mechanism can guarantee secure execution of mobile codes for the system.

  14. Security Enhancement Mechanism Based on Contextual Authentication and Role Analysis for 2G-RFID Systems

    PubMed Central

    Tang, Wan; Chen, Min; Ni, Jin; Yang, Ximin

    2011-01-01

    The traditional Radio Frequency Identification (RFID) system, in which the information maintained in tags is passive and static, has no intelligent decision-making ability to suit application and environment dynamics. The Second-Generation RFID (2G-RFID) system, referred as 2G-RFID-sys, is an evolution of the traditional RFID system to ensure better quality of service in future networks. Due to the openness of the active mobile codes in the 2G-RFID system, the realization of conveying intelligence brings a critical issue: how can we make sure the backend system will interpret and execute mobile codes in the right way without misuse so as to avoid malicious attacks? To address this issue, this paper expands the concept of Role-Based Access Control (RBAC) by introducing context-aware computing, and then designs a secure middleware for backend systems, named Two-Level Security Enhancement Mechanism or 2L-SEM, in order to ensure the usability and validity of the mobile code through contextual authentication and role analysis. According to the given contextual restrictions, 2L-SEM can filtrate the illegal and invalid mobile codes contained in tags. Finally, a reference architecture and its typical application are given to illustrate the implementation of 2L-SEM in a 2G-RFID system, along with the simulation results to evaluate how the proposed mechanism can guarantee secure execution of mobile codes for the system. PMID:22163983

  15. Secure voice-based authentication for mobile devices: vaulted voice verification

    NASA Astrophysics Data System (ADS)

    Johnson, R. C.; Scheirer, Walter J.; Boult, Terrance E.

    2013-05-01

    As the use of biometrics becomes more wide-spread, the privacy concerns that stem from the use of biometrics are becoming more apparent. As the usage of mobile devices grows, so does the desire to implement biometric identification into such devices. A large majority of mobile devices being used are mobile phones. While work is being done to implement different types of biometrics into mobile phones, such as photo based biometrics, voice is a more natural choice. The idea of voice as a biometric identifier has been around a long time. One of the major concerns with using voice as an identifier is the instability of voice. We have developed a protocol that addresses those instabilities and preserves privacy. This paper describes a novel protocol that allows a user to authenticate using voice on a mobile/remote device without compromising their privacy. We first discuss the Vaulted Verification protocol, which has recently been introduced in research literature, and then describe its limitations. We then introduce a novel adaptation and extension of the Vaulted Verification protocol to voice, dubbed Vaulted Voice Verification (V3). Following that we show a performance evaluation and then conclude with a discussion of security and future work.

  16. Intersubject Differences in False Nonmatch Rates for a Fingerprint-Based Authentication System

    NASA Astrophysics Data System (ADS)

    Breebaart, Jeroen; Akkermans, Ton; Kelkboom, Emile

    2009-12-01

    The intersubject dependencies of false nonmatch rates were investigated for a minutiae-based biometric authentication process using single enrollment and verification measurements. A large number of genuine comparison scores were subjected to statistical inference tests that indicated that the number of false nonmatches depends on the subject and finger under test. This result was also observed if subjects associated with failures to enroll were excluded from the test set. The majority of the population (about 90%) showed a false nonmatch rate that was considerably smaller than the average false nonmatch rate of the complete population. The remaining 10% could be characterized as "goats due to their relatively high probability for a false nonmatch. The image quality reported by the template extraction module only weakly correlated with the genuine comparison scores. When multiple verification attempts were investigated, only a limited benefit was observed for "goats, since the conditional probability for a false nonmatch given earlier nonsuccessful attempts increased with the number of attempts. These observations suggest that (1) there is a need for improved identification of "goats during enrollment (e.g., using dedicated signal-driven analysis and classification methods and/or the use of multiple enrollment images) and (2) there should be alternative means for identity verification in the biometric system under test in case of two subsequent false nonmatches.

  17. Authenticating cache.

    SciTech Connect

    Smith, Tyler Barratt; Urrea, Jorge Mario

    2012-06-01

    The aim of the Authenticating Cache architecture is to ensure that machine instructions in a Read Only Memory (ROM) are legitimate from the time the ROM image is signed (immediately after compilation) to the time they are placed in the cache for the processor to consume. The proposed architecture allows the detection of ROM image modifications during distribution or when it is loaded into memory. It also ensures that modified instructions will not execute in the processor-as the cache will not be loaded with a page that fails an integrity check. The authenticity of the instruction stream can also be verified in this architecture. The combination of integrity and authenticity assurance greatly improves the security profile of a system.

  18. A proposed classification scheme for Ada-based software products

    NASA Technical Reports Server (NTRS)

    Cernosek, Gary J.

    1986-01-01

    As the requirements for producing software in the Ada language become a reality for projects such as the Space Station, a great amount of Ada-based program code will begin to emerge. Recognizing the potential for varying levels of quality to result in Ada programs, what is needed is a classification scheme that describes the quality of a software product whose source code exists in Ada form. A 5-level classification scheme is proposed that attempts to decompose this potentially broad spectrum of quality which Ada programs may possess. The number of classes and their corresponding names are not as important as the mere fact that there needs to be some set of criteria from which to evaluate programs existing in Ada. An exact criteria for each class is not presented, nor are any detailed suggestions of how to effectively implement this quality assessment. The idea of Ada-based software classification is introduced and a set of requirements from which to base further research and development is suggested.

  19. Strengthening Authentication

    ERIC Educational Resources Information Center

    Gale, Doug

    2007-01-01

    The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

  20. How to Speak an Authentication Secret Securely from an Eavesdropper

    NASA Astrophysics Data System (ADS)

    O'Gorman, Lawrence; Brotman, Lynne; Sammon, Michael

    When authenticating over the telephone or mobile headphone, the user cannot always assure that no eavesdropper hears the password or authentication secret. We describe an eavesdropper-resistant, challenge-response authentication scheme for spoken authentication where an attacker can hear the user’s voiced responses. This scheme entails the user to memorize a small number of plaintext-ciphertext pairs. At authentication, these are challenged in random order and interspersed with camouflage elements. It is shown that the response can be made to appear random so that no information on the memorized secret can be learned by eavesdroppers. We describe the method along with parameter value tradeoffs of security strength, authentication time, and memory effort. This scheme was designed for user authentication of wireless headsets used for hands-free communication by healthcare staff at a hospital.

  1. Improving a Field School Curriculum Using Modularized Lessons and Authentic Case-Based Learning

    ERIC Educational Resources Information Center

    Rea, Roy V.; Hodder, Dexter P.

    2007-01-01

    University course evaluations are replete with student comments expressing frustration with taking time out of work, paying money for, and putting energy into field education projects that lack authentic "real-world" problem-solving objectives. Here, we describe a model for field school education that borrows on pedagogical tools such as…

  2. Authentic Arts-Based Learning in Teacher Education: A Musical Theatre Experience

    ERIC Educational Resources Information Center

    Ogden, Holly; DeLuca, Christopher; Searle, Michelle

    2010-01-01

    There is increasing concern over disengagement of teacher candidates during on-campus periods of pre-service programs due to the perceived disconnect between educational theory and practice. In response, teacher education has been called to engage candidates in praxis through authentic learning. In this paper, we bring together the fields of…

  3. Text-Based Recall and Extra-Textual Generations Resulting from Simplified and Authentic Texts

    ERIC Educational Resources Information Center

    Crossley, Scott A.; McNamara, Danielle S.

    2016-01-01

    This study uses a moving windows self-paced reading task to assess text comprehension of beginning and intermediate-level simplified texts and authentic texts by L2 learners engaged in a text-retelling task. Linear mixed effects (LME) models revealed statistically significant main effects for reading proficiency and text level on the number of…

  4. Authentic Game-Based Learning and Teachers' Dilemmas in Reconstructing Professional Practice

    ERIC Educational Resources Information Center

    Chee, Yam San; Mehrotra, Swati; Ong, Jing Chuan

    2015-01-01

    Teachers who attempt pedagogical innovation with authentic digital games face significant challenges because such games instantiate open systems of learner activity, inviting enquiry learning rather than knowledge acquisition. However, school environments are normatively sanctioned cultural spaces where direct instruction and high-stakes tests are…

  5. Authentic Education by Providing a Situation for Student-Selected Problem-Based Learning

    ERIC Educational Resources Information Center

    Strimel, Greg

    2014-01-01

    Students are seldom given an authentic experience within school that allows them the opportunity to solve real-life complex engineering design problems that have meaning to their lives and/ or the greater society. They are often confined to learning environments that are limited by the restrictions set by course content for assessment purposes and…

  6. Vocabulary Recycling in Children's Authentic Reading Materials: A Corpus-Based Investigation of Narrow Reading

    ERIC Educational Resources Information Center

    Gardner, Dee

    2008-01-01

    Fourteen collections of children's reading materials were used to investigate the claim that collections of authentic texts with a common theme, or written by one author, afford readers with more repeated exposures to new words than unrelated materials. The collections, distinguished by relative thematic tightness, authorship (1 vs. 4 authors),…

  7. Appreciation of Authenticity Promotes Curiosity: Implications for Object-Based Learning in Museums

    ERIC Educational Resources Information Center

    Bunce, Louise

    2016-01-01

    Museum professionals suppose that interacting with authentic objects promotes curiosity and engagement, but this has not been tested. In this research, children and adults visiting the Oxford University Museum of Natural History were shown a taxidermied rabbit or rabbit skeleton. They were asked "Is it real?," "Why?" and were…

  8. Kerberos authentication: The security answer for unsecured networks

    SciTech Connect

    Engert, D.E.

    1995-06-01

    Traditional authentication schemes do not properly address the problems encountered with today`s unsecured networks. Kerbmm developed by MIT, on the other hand is designed to operate in an open unsecured network, yet provide good authentication and security including encrypted session traffic. Basic Kerberos principles as well as experiences of the ESnet Authentication Pilot Project with Cross Realm. Authentication between four National Laboratories will also be described.

  9. Enhanced visual secret sharing for graphical password authentication

    NASA Astrophysics Data System (ADS)

    Rajendra, A. B.; Sheshadri, H. S.

    2013-03-01

    Password is a very common and widely used authentication method to provide security to valuable data. It is desirable to make password more memorable and easier for people to use. Traditionally passwords are alphanumeric, numbers & symbols. Some problems of normal password appear like stolen the password, forgetting the password, week password. Study shows that text-based passwords suffer with both security and authentication problems. To overcome these problems, Graphical passwords have been developed. Visual secret sharing (VSS) scheme is a secret sharing scheme in which an image is converted into shares. No information can be revealed by observing any share (Dotted image). The information about the original image will be revealed only after stacking sufficient number of shares (Dotted images). In this paper, we have used XNOR operation instead of OR operation and contrast of the decrypted image is clearer than existing Enhanced Visual Secret Sharing (EVSS) scheme. Also, we are presenting new approach to authenticate graphical password image using 2-out-of-2 EVSS scheme. Which can be used to protect machines with additional security.

  10. Differential Effects of Web-Based and Paper-Based Administration of Questionnaire Research Instruments in Authentic Contexts-of-Use

    ERIC Educational Resources Information Center

    Hardre, Patricia L.; Crowson, H. Michael; Xie, Kui

    2010-01-01

    Questionnaire instruments are routinely translated to digital administration systems; however, few studies have compared the differential effects of these administrative methods, and fewer yet in authentic contexts-of-use. In this study, 326 university students were randomly assigned to one of two administration conditions, paper-based (PBA) or…

  11. System and method for authentication

    DOEpatents

    Duerksen, Gary L.; Miller, Seth A.

    2015-12-29

    Described are methods and systems for determining authenticity. For example, the method may include providing an object of authentication, capturing characteristic data from the object of authentication, deriving authentication data from the characteristic data of the object of authentication, and comparing the authentication data with an electronic database comprising reference authentication data to provide an authenticity score for the object of authentication. The reference authentication data may correspond to one or more reference objects of authentication other than the object of authentication.

  12. Authentication Binding between SSL/TLS and HTTP

    NASA Astrophysics Data System (ADS)

    Saito, Takamichi; Sekiguchi, Kiyomi; Hatsugai, Ryosuke

    While the Secure Socket Layer or Transport Layer Security (SSL/TLS) is assumed to provide secure communications over the Internet, many web applications utilize basic or digest authentication of Hyper Text Transport Protocol (HTTP) over SSL/TLS. Namely, in the scheme, there are two different authentication schemes in a session. Since they are separated by a layer, these are not convenient for a web application. Moreover, the scheme may also cause problems in establishing secure communication. Then we provide a scheme of authentication binding between SSL/TLS and HTTP without modifying SSL/TLS protocols and its implementation, and we show the effectiveness of our proposed scheme.

  13. Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman

    SciTech Connect

    Chevassut, Olivier; Milner, Joseph; Pointcheval, David

    2008-04-21

    The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on an analysis of relevant patents in the area.

  14. An Arbitrated Quantum Signature Scheme Based on Hyperchaotic Quantum Cryptosystem

    NASA Astrophysics Data System (ADS)

    Guo, Ying; Sun, Xin; Zhang, Wei

    2013-07-01

    A chaos-based arbitrated quantum signature (AQS) scheme is designed on the basis of an improved quantum chaotic encryption algorithm whose security is ensured due to the implementation of the quantum one-time pad that embraces the key-dependent chaotic operation string. It involves in a small-scale quantum computation network with three participants in three phases, i.e. initializing phase, signing phase and verifying phase. The signatory signs the encrypted message and then the receiver verifies the signature is valid with the aid of an arbitrator who plays a crucial role when a dispute arises. Analysis shows that the signature can neither be forged nor disavowed by the malicious attackers.

  15. Genetic comparison of breeding schemes based on semen importation and local breeding schemes: framework and application to Costa Rica.

    PubMed

    Vargas, B; van Arendonk, J A M

    2004-05-01

    Local breeding schemes for Holstein cattle of Costa Rica were compared with the current practice based on continuous semen importation (SI) by deterministic simulation. Comparison was made on the basis of genetic response and correlation between breeding goals. A local breeding goal was defined on the basis of prevailing production circumstances and compared against a typical breeding goal for an exporting country. Differences in genetic response were <3%, and the correlation between breeding goals was 0.99. Therefore, difference between breeding objectives proved negligible. For the evaluation of genetic response, the current scheme based on SI was evaluated against a progeny testing (PT) scheme and a closed nucleus (CN) breeding scheme, both local. Selection intensities and accuracy of selection were defined according to current population size and reproduction efficiency parameters. When genotype x environment interaction (G x E) was ignored, SI was the strategy with the highest genetic response: 5.0% above the CN breeding scheme and 33.2% above PT. A correlation between breeding values in both countries lower than one was assumed to assess the effect of G x E. This resulted in permanent effects on the relative efficiencies of breeding strategies because of the reduction in the rate of genetic response when SI was used. When the genetic correlation was assumed equal to 0.75, the genetic response achieved with SI was reduced at the same level as local PT. When an initial difference in average genetic merit of the populations was assumed, this only had a temporal effect on the relative ranking of strategies, which is reverted after some years of selection because the rate of change in genetic responses remains unchanged. Given that the actual levels of genetic correlation between countries may be around 0.60, it was concluded that a local breeding scheme based on a nucleus herd could provide better results than the current strategy based on SI.

  16. CURRICULUM MATTERS: Authentic science in schools? - an evidence-based rationale

    NASA Astrophysics Data System (ADS)

    Woolnough, Brian E.

    2000-07-01

    Students can, and should, do open-ended projects in their school science education. This article draws together findings from a series of research investigations into students' research projects in schools. It finds that they are effective in developing core skills in students, especially problem-solving, communication and interpersonal skills; that they improve the attitudes of students towards science and technology and the likelihood that they will enter careers in these areas; and that they allow students to experience and develop one important type of authentic science in schools. It suggests that we now have a rationale for the inclusion of student research projects into the science curriculum and evidence that school science will be enriched and revived by the introduction of such authentic science.

  17. Color image authentication using a zone-corrected error-monitoring quantization-based watermarking technique

    NASA Astrophysics Data System (ADS)

    Al-Otum, Hazem Munawer

    2016-08-01

    This article presents a semifragile color image watermarking technique for content authentication. The proposed technique can be implemented with color images and embeds a watermarking sequence into the low-frequency coefficients of the approximation, horizontal, and vertical sub-bands of a modified two-leveled discrete wavelet transform. This is obtained by inserting a predefined value, collected from two of the three R, G, and B color layers, into the third color layer. This gives an ability to monitor modifications by observing the changes occurring in the color layer where the watermark is embedded. Here, two measures were developed to check the technique copyright and authentication performances. Experimental results have shown a high accuracy in detecting and localizing intentional attacks while exhibiting a high robustness against common image processing attacks.

  18. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System.

    PubMed

    Mohit, Prerna; Amin, Ruhul; Karati, Arijit; Biswas, G P; Khan, Muhammad Khurram

    2017-04-01

    Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

  19. On Secure Implementation of an IHE XUA-Based Protocol for Authenticating Healthcare Professionals

    NASA Astrophysics Data System (ADS)

    Masi, Massimiliano; Pugliese, Rosario; Tiezzi, Francesco

    The importance of the Electronic Health Record (EHR) has been addressed in recent years by governments and institutions.Many large scale projects have been funded with the aim to allow healthcare professionals to consult patients data. Properties such as confidentiality, authentication and authorization are the key for the success for these projects. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of established standards for authenticated and secure EHR exchanges among clinics and hospitals. In particular, the IHE integration profile named XUA permits to attest user identities by relying on SAML assertions, i.e. XML documents containing authentication statements. In this paper, we provide a formal model for the secure issuance of such an assertion. We first specify the scenario using the process calculus COWS and then analyse it using the model checker CMC. Our analysis reveals a potential flaw in the XUA profile when using a SAML assertion in an unprotected network. We then suggest a solution for this flaw, and model check and implement this solution to show that it is secure and feasible.

  20. Cryptanalysis and Improvement on "Robust EPR-Pairs-Based Quantum Secure Communication with Authentication Resisting Collective Noise"

    NASA Astrophysics Data System (ADS)

    Yue, Qiu-Ling; Yu, Chao-Hua; Liu, Bin; Wang, Qing-Le

    2016-10-01

    Recently, Chang et al. [Sci Chin-Phys Mech Astron. 57(10), 1907-1912, 2014] proposed two robust quantum secure communication protocols with authentication based on Einstein-Podolsky-Rosen (EPR) pairs, which can resist collective noise. In this paper, we analyze the security of their protocols, and show that there is a kind of security flaw in their protocols. By a kind of impersonation attack, the eavesdropper can obtain half of the message on average. Furthermore, an improved method of their protocols is proposed to close the security loophole.

  1. A Robust Conditional Privacy-Preserving Authentication Protocol in VANET

    NASA Astrophysics Data System (ADS)

    Jung, Chae Duk; Sur, Chul; Park, Youngho; Rhee, Kyung-Hyune

    Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for secure vehicular communications. However, ECPP dose not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust conditional privacy-preserving authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in our protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for validity check of RSUs. In order to achieve these goals, we consider a universal re-encryption scheme as our building block.

  2. On the Security of Provably Secure Multi-Receiver ID-Based Signcryption Scheme

    NASA Astrophysics Data System (ADS)

    Tan, Chik-How

    Recently, Duan and Cao proposed an multi-receiver identity-based signcryption scheme. They showed that their scheme is secure against adaptive chosen ciphertext attacks in the random oracle model. In this paper, we show that their scheme is in fact not secure against adaptive chosen ciphertext attacks under their defined security model.

  3. An Anonymous Voting Scheme based on Confirmation Numbers

    NASA Astrophysics Data System (ADS)

    Alam, Kazi Md. Rokibul; Tamura, Shinsuke; Taniguchi, Shuji; Yanase, Tatsuro

    This paper proposes a new electronic voting (e-voting) scheme that fulfills all the security requirements of e-voting i.e. privacy, accuracy, universal verifiability, fairness, receipt-freeness, incoercibility, dispute-freeness, robustness, practicality and scalability; usually some of which are found to be traded. When compared with other existing schemes, this scheme requires much more simple computations and weaker assumptions about trustworthiness of individual election authorities. The key mechanism is the one that uses confirmation numbers involved in individual votes to make votes verifiable while disabling all entities including voters themselves to know the linkages between voters and their votes. Many existing e-voting schemes extensively deploy zero-knowledge proof (ZKP) to achieve verifiability. However, ZKP is expensive and complicated. The confirmation numbers attain the verifiability requirement in a much more simple and intuitive way, then the scheme becomes scalable and practical.

  4. Final report for the network authentication investigation and pilot.

    SciTech Connect

    Eldridge, John M.; Dautenhahn, Nathan; Miller, Marc M.; Wiener, Dallas J; Witzke, Edward L.

    2006-11-01

    New network based authentication mechanisms are beginning to be implemented in industry. This project investigated different authentication technologies to see if and how Sandia might benefit from them. It also investigated how these mechanisms can integrate with the Sandia Two-Factor Authentication Project. The results of these investigations and a network authentication path forward strategy are documented in this report.

  5. Three-dimensional compression scheme based on wavelet transform

    NASA Astrophysics Data System (ADS)

    Yang, Wu; Xu, Hui; Liao, Mengyang

    1999-03-01

    In this paper, a 3D compression method based on separable wavelet transform is discussed in detail. The most commonly used digital modalities generate multiple slices in a single examination, which are normally anatomically or physiologically correlated to each other. 3D wavelet compression methods can achieve more efficient compression by exploring the correlation between slices. The first step is based on a separable 3D wavelet transform. Considering the difference between pixel distances within a slice and those between slices, one biorthogonal Antoninin filter bank is applied within 2D slices and a second biorthogonal Villa4 filter bank on the slice direction. Then, S+P transform is applied in the low-resolution wavelet components and an optimal quantizer is presented after analysis of the quantization noise. We use an optimal bit allocation algorithm, which, instead of eliminating the coefficients of high-resolution components in smooth areas, minimizes the system reconstruction distortion at a given bit-rate. Finally, to remain high coding efficiency and adapt to different properties of each component, a comprehensive entropy coding method is proposed, in which arithmetic coding method is applied in high-resolution components and adaptive Huffman coding method in low-resolution components. Our experimental results are evaluated by several image measures and our 3D wavelet compression scheme is proved to be more efficient than 2D wavelet compression.

  6. Tools for Authentication

    SciTech Connect

    White, G

    2008-07-09

    Many recent Non-proliferation and Arms Control software projects include a software authentication component. In this context, 'authentication' is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. In addition to visual inspection by knowledgeable computer scientists, automated tools are needed to highlight suspicious code constructs both to aid the visual inspection and to guide program development. While many commercial tools are available for portions of the authentication task, they are proprietary, and have limited extensibility. An open-source, extensible tool can be customized to the unique needs of each project (projects can have both common and custom rules to detect flaws and security holes). Any such extensible tool must be based on a complete language compiler infrastructure, that is, one that can parse and digest the full language through its standard grammar. ROSE is precisely such a compiler infrastructure developed within DOE. ROSE is a robust source-to-source analysis and optimization infrastructure currently addressing large, million-line DOE applications in C, C++, and FORTRAN. This year, it has been extended to support the automated analysis of binaries. We continue to extend ROSE to address a number of security-specific requirements and apply it to software authentication for Non-proliferation and Arms Control projects. We will give an update on the status of our work.

  7. Multiparty quantum secret sharing scheme based on the phase shift operations

    NASA Astrophysics Data System (ADS)

    Du, Yu-tao; Bao, Wan-su

    2013-11-01

    Based on a kind of multiparty quantum secret sharing schemes with Bell states, we propose a novel collective attack strategy in this paper. In our strategy, the group of in-attackers can obtain the entire secret information without introducing any error. More interestingly, a new multiparty quantum secret sharing scheme is proposed based on the 3-element phase shift operations. The scheme can resist not only the existing attacks, but also the cheating attack from the dishonest agent. Meanwhile, the scheme improves the efficiency of scheme by reducing the number of the eavesdropping detections and the computation complexity.

  8. An efficient and provable secure revocable identity-based encryption scheme.

    PubMed

    Wang, Changji; Li, Yuan; Xia, Xiaonan; Zheng, Kangjia

    2014-01-01

    Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE) has attracted a lot of attention in recent years, many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters' identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in term of ciphertext size, public parameters size and decryption cost at price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters.

  9. An Efficient and Provable Secure Revocable Identity-Based Encryption Scheme

    PubMed Central

    Wang, Changji; Li, Yuan; Xia, Xiaonan; Zheng, Kangjia

    2014-01-01

    Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE) has attracted a lot of attention in recent years, many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters’ identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in term of ciphertext size, public parameters size and decryption cost at price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters. PMID:25238418

  10. An Identity-Based (IDB) Broadcast Encryption Scheme with Personalized Messages (BEPM).

    PubMed

    Xu, Ke; Liao, Yongjian; Qiao, Li; Liu, Zhangyun; Yang, Xiaowei

    2015-01-01

    A broadcast encryption scheme with personalized messages (BEPM) is a scheme in which a broadcaster transmits not only encrypted broadcast messages to a subset of recipients but also encrypted personalized messages to each user individually. Several broadcast encryption (BE) schemes allow a broadcaster encrypts a message for a subset S of recipients with public keys and any user in S can decrypt the message with his/her private key. However, these BE schemes can not provide an efficient way to transmit encrypted personalized messages to each user individually. In this paper, we propose a broadcast encryption scheme with a transmission of personalized messages. Besides, the scheme is based on multilinear maps ensure constant ciphertext size and private key size of each user and the scheme can achieve statically security. More realistically, the scheme can be applied to the Conditional Access System (CAS) of pay television (pay-TV) efficiently and safely.

  11. An Identity-Based (IDB) Broadcast Encryption Scheme with Personalized Messages (BEPM)

    PubMed Central

    Xu, Ke; Liao, Yongjian; Qiao, Li

    2015-01-01

    A broadcast encryption scheme with personalized messages (BEPM) is a scheme in which a broadcaster transmits not only encrypted broadcast messages to a subset of recipients but also encrypted personalized messages to each user individually. Several broadcast encryption (BE) schemes allow a broadcaster encrypts a message for a subset S of recipients with public keys and any user in S can decrypt the message with his/her private key. However, these BE schemes can not provide an efficient way to transmit encrypted personalized messages to each user individually. In this paper, we propose a broadcast encryption scheme with a transmission of personalized messages. Besides, the scheme is based on multilinear maps ensure constant ciphertext size and private key size of each user and the scheme can achieve statically security. More realistically, the scheme can be applied to the Conditional Access System (CAS) of pay television (pay-TV) efficiently and safely. PMID:26629817

  12. A Malware Detection Scheme Based on Mining Format Information

    PubMed Central

    Bai, Jinrong; Wang, Junfeng; Zou, Guozhong

    2014-01-01

    Malware has become one of the most serious threats to computer information system and the current malware detection technology still has very significant limitations. In this paper, we proposed a malware detection approach by mining format information of PE (portable executable) files. Based on in-depth analysis of the static format information of the PE files, we extracted 197 features from format information of PE files and applied feature selection methods to reduce the dimensionality of the features and achieve acceptable high performance. When the selected features were trained using classification algorithms, the results of our experiments indicate that the accuracy of the top classification algorithm is 99.1% and the value of the AUC is 0.998. We designed three experiments to evaluate the performance of our detection scheme and the ability of detecting unknown and new malware. Although the experimental results of identifying new malware are not perfect, our method is still able to identify 97.6% of new malware with 1.3% false positive rates. PMID:24991639

  13. Noninvasive blood pressure measurement scheme based on optical fiber sensor

    NASA Astrophysics Data System (ADS)

    Liu, Xianxuan; Yuan, Xueguang; Zhang, Yangan

    2016-10-01

    Optical fiber sensing has many advantages, such as volume small, light quality, low loss, strong in anti-jamming. Since the invention of the optical fiber sensing technology in 1977, optical fiber sensing technology has been applied in the military, national defense, aerospace, industrial, medical and other fields in recent years, and made a great contribution to parameter measurement in the environment under the limited condition .With the rapid development of computer, network system, the intelligent optical fiber sensing technology, the sensor technology, the combination of computer and communication technology , the detection, diagnosis and analysis can be automatically and efficiently completed. In this work, we proposed a noninvasive blood pressure detection and analysis scheme which uses optical fiber sensor. Optical fiber sensing system mainly includes the light source, optical fiber, optical detector, optical modulator, the signal processing module and so on. wavelength optical signals were led into the optical fiber sensor and the signals reflected by the human body surface were detected. By comparing actual testing data with the data got by traditional way to measure the blood pressure we can establish models for predicting the blood pressure and achieve noninvasive blood pressure measurement by using spectrum analysis technology. Blood pressure measurement method based on optical fiber sensing system is faster and more convenient than traditional way, and it can get accurate analysis results in a shorter period of time than before, so it can efficiently reduce the time cost and manpower cost.

  14. Arbitrated quantum signature scheme based on cluster states

    NASA Astrophysics Data System (ADS)

    Yang, Yu-Guang; Lei, He; Liu, Zhi-Chao; Zhou, Yi-Hua; Shi, Wei-Min

    2016-06-01

    Cluster states can be exploited for some tasks such as topological one-way computation, quantum error correction, teleportation and dense coding. In this paper, we investigate and propose an arbitrated quantum signature scheme with cluster states. The cluster states are used for quantum key distribution and quantum signature. The proposed scheme can achieve an efficiency of 100 %. Finally, we also discuss its security against various attacks.

  15. Novel Threshold Changeable Secret Sharing Schemes Based on Polynomial Interpolation

    PubMed Central

    Li, Mingchu; Guo, Cheng; Choo, Kim-Kwang Raymond; Ren, Yizhi

    2016-01-01

    After any distribution of secret sharing shadows in a threshold changeable secret sharing scheme, the threshold may need to be adjusted to deal with changes in the security policy and adversary structure. For example, when employees leave the organization, it is not realistic to expect departing employees to ensure the security of their secret shadows. Therefore, in 2012, Zhang et al. proposed (t → t′, n) and ({t1, t2,⋯, tN}, n) threshold changeable secret sharing schemes. However, their schemes suffer from a number of limitations such as strict limit on the threshold values, large storage space requirement for secret shadows, and significant computation for constructing and recovering polynomials. To address these limitations, we propose two improved dealer-free threshold changeable secret sharing schemes. In our schemes, we construct polynomials to update secret shadows, and use two-variable one-way function to resist collusion attacks and secure the information stored by the combiner. We then demonstrate our schemes can adjust the threshold safely. PMID:27792784

  16. Novel Threshold Changeable Secret Sharing Schemes Based on Polynomial Interpolation.

    PubMed

    Yuan, Lifeng; Li, Mingchu; Guo, Cheng; Choo, Kim-Kwang Raymond; Ren, Yizhi

    2016-01-01

    After any distribution of secret sharing shadows in a threshold changeable secret sharing scheme, the threshold may need to be adjusted to deal with changes in the security policy and adversary structure. For example, when employees leave the organization, it is not realistic to expect departing employees to ensure the security of their secret shadows. Therefore, in 2012, Zhang et al. proposed (t → t', n) and ({t1, t2,⋯, tN}, n) threshold changeable secret sharing schemes. However, their schemes suffer from a number of limitations such as strict limit on the threshold values, large storage space requirement for secret shadows, and significant computation for constructing and recovering polynomials. To address these limitations, we propose two improved dealer-free threshold changeable secret sharing schemes. In our schemes, we construct polynomials to update secret shadows, and use two-variable one-way function to resist collusion attacks and secure the information stored by the combiner. We then demonstrate our schemes can adjust the threshold safely.

  17. A cancellable and fuzzy fingerprint scheme for mobile computing security

    NASA Astrophysics Data System (ADS)

    Yang, Wencheng; Xi, Kai; Li, Cai

    2012-09-01

    Fingerprint recognition provides an effective user authentication solution for mobile computing systems. However, as a fingerprint template protection scheme, fingerprint fuzzy vault is subject to cross-matching attacks, since the same finger might be registered for various applications. In this paper, we propose a fingerprint-based biometric security scheme named the cancellable and fuzzy fingerprint scheme, which combines a cancellable non-linear transformation with the client/server version of fuzzy vault, to address the cross-matching attack in a mobile computing system. Experimental results demonstrate that our scheme can provide reliable and secure protection to the mobile computing system while achieving an acceptable matching performance.

  18. Index-based reactive power compensation scheme for voltage regulation

    NASA Astrophysics Data System (ADS)

    Dike, Damian Obioma

    2008-10-01

    Increasing demand for electrical power arising from deregulation and the restrictions posed to the construction of new transmission lines by environment, socioeconomic, and political issues had led to higher grid loading. Consequently, voltage instability has become a major concern, and reactive power support is vital to enhance transmission grid performance. Improved reactive power support to distressed grid is possible through the application of relatively unfamiliar emerging technologies of "Flexible AC Transmission Systems (FACTS)" devices and "Distributed Energy Resources (DERS)." In addition to these infrastructure issues, a lack of situational awareness by system operators can cause major power outages as evidenced by the August 14, 2003 widespread North American blackout. This and many other recent major outages have highlighted the inadequacies of existing power system indexes. In this work, a novel "Index-based reactive compensation scheme" appropriate for both on-line and off-line computation of grid status has been developed. A new voltage stability index (Ls-index) suitable for long transmission lines was developed, simulated, and compared to the existing two-machine modeled L-index. This showed the effect of long distance power wheeling amongst regional transmission organizations. The dissertation further provided models for index modulated voltage source converters (VSC) and index-based load flow analysis of both FACTS and microgrid interconnected power systems using the Newton-Raphson's load flow model incorporated with multi-FACTS devices. The developed package has been made user-friendly through the embodiment of interactive graphical user interface and implemented on the IEEE 14, 30, and 300 bus systems. The results showed reactive compensation has system wide-effect, provided readily accessible system status indicators, ensured seamless DERs interconnection through new islanding modes and enhanced VSC utilization. These outcomes may contribute

  19. A novel quantum deniable authentication protocol without entanglement

    NASA Astrophysics Data System (ADS)

    Shi, Wei-Min; Zhang, Jian-Biao; Zhou, Yi-Hua; Yang, Yu-Guang

    2015-06-01

    A novel quantum deniable authentication protocol based on single photons is proposed. In this scheme, the message sender and the specified receiver will first agree a new shared secret key by key update phases with the help of a third center, where only they can encrypt and decrypt the message by using the new shared secret key. Hence, this scheme can guarantee that only the specified receiver can identify the true source of a given message and the specified receiver cannot prove the source of the message to a third party by a transcript simulation algorithm. Compared with our previous scheme (Shi et al. in Quantum Inf Process 13:1501-1510, 2014), this scheme has the remarkable advantages of the higher qubit efficiency and consuming fewer quantum resources. Finally, security analysis results show that this scheme satisfies known key security and the basic security requirements of deniable authentication protocol such as completeness and deniability, and can withstand forgery attack, impersonation attack and inter-resend attack.

  20. Application of loop-mediated isothermal amplification (LAMP)-based technology for authentication of Catharanthus roseus (L.) G. Don.

    PubMed

    Chaudhary, Anis Ahmad; Hemant; Mohsin, Mohd; Ahmad, Altaf

    2012-04-01

    In this study, loop-mediated isothermal amplification (LAMP)-based molecular marker was developed for authentication of Catharanthus roseus, a medicinal plant. Samples of this plant were collected from different geographical locations in India. Random amplified polymorphic deoxyribonucleic acid (DNA) analysis of collected samples was carried out with 25 random primers. A 610-bp DNA fragment, common to all accessions, was eluted, cloned, and sequenced. Four LAMP primers were designed on the basis of sequence of 610 bp DNA fragment. LAMP reaction, containing 10× Bst DNA polymerase reaction buffer, Bst DNA polymerase, four in-house designed primers, dNTPs, MgSO(4), and betaine, was incubated at 65°C for 1 h. The resulting amplicon was visualized by adding SYBR Green I to the reaction tube. The data showed confirmatory results. Since the assay method is simple, sensitive, and cost-effective, it is a feasible method for identifying and authentication of C. roseus.

  1. Multi-factor challenge/response approach for remote biometric authentication

    NASA Astrophysics Data System (ADS)

    Al-Assam, Hisham; Jassim, Sabah A.

    2011-06-01

    Although biometric authentication is perceived to be more reliable than traditional authentication schemes, it becomes vulnerable to many attacks when it comes to remote authentication over open networks and raises serious privacy concerns. This paper proposes a biometric-based challenge-response approach to be used for remote authentication between two parties A and B over open networks. In the proposed approach, a remote authenticator system B (e.g. a bank) challenges its client A who wants to authenticate his/her self to the system by sending a one-time public random challenge. The client A responds by employing the random challenge along with secret information obtained from a password and a token to produce a one-time cancellable representation of his freshly captured biometric sample. The one-time biometric representation, which is based on multi-factor, is then sent back to B for matching. Here, we argue that eavesdropping of the one-time random challenge and/or the resulting one-time biometric representation does not compromise the security of the system, and no information about the original biometric data is leaked. In addition to securing biometric templates, the proposed protocol offers a practical solution for the replay attack on biometric systems. Moreover, we propose a new scheme for generating a password-based pseudo random numbers/permutation to be used as a building block in the proposed approach. The proposed scheme is also designed to provide protection against repudiation. We illustrate the viability and effectiveness of the proposed approach by experimental results based on two biometric modalities: fingerprint and face biometrics.

  2. Should Teachers Be Authentic?

    ERIC Educational Resources Information Center

    Bialystok, Lauren

    2015-01-01

    Authenticity is often touted as an important virtue for teachers. But what do we mean when we say that a teacher ought to be "authentic"? Research shows that discussions of teacher authenticity frequently refer to other character traits or simply to teacher effectiveness, but authenticity is a unique concept with a long philosophical…

  3. An optical authentication system based on encryption technique and multimodal biometrics

    NASA Astrophysics Data System (ADS)

    Yuan, Sheng; Zhang, Tong; Zhou, Xin; Liu, Xuemei; Liu, Mingtang

    2013-12-01

    A major concern nowadays for a biometric credential management system is its potential vulnerability to protect its information sources. To prevent a genuine user's templates from both internal and external threats, a novel and simple method combined optical encryption with multimodal biometric authentication technique is proposed. In this method, the standard biometric templates are generated real-timely by the verification keys owned by legal user so that they are unnecessary to be stored in a database. Compared with the traditional recognition algorithms, storage space and matching time are greatly saved. In addition, the verification keys are difficult to be forged due to the utilization of optical encryption technique. Although the verification keys are lost or stolen, they are useless for others in absence of the legal owner's biometric. A series of numerical simulations are performed to demonstrate the feasibility and performance of this method.

  4. Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials

    NASA Astrophysics Data System (ADS)

    Park, Jun-Cheol

    User privacy preservation is critical to prevent many sophisticated attacks that are based on the user's server access patterns and ID-related information. We propose a password-based user authentication scheme that provides strong privacy protection using one-time credentials. It eliminates the possibility of tracing a user's authentication history and hides the user's ID and password even from servers. In addition, it is resistant against user impersonation even if both a server's verification database and a user's smart card storage are disclosed. We also provide a revocation scheme for a user to promptly invalidate the user's credentials on a server when the user's smart card is compromised. The schemes use lightweight operations only such as computing hashes and bitwise XORs.

  5. A secure quantum group signature scheme based on Bell states

    NASA Astrophysics Data System (ADS)

    Zhang, Kejia; Song, Tingting; Zuo, Huijuan; Zhang, Weiwei

    2013-04-01

    In this paper, we propose a new secure quantum group signature with Bell states, which may have applications in e-payment system, e-government, e-business, etc. Compared with the recent quantum group signature protocols, our scheme is focused on the most general situation in practice, i.e. only the arbitrator is trusted and no intermediate information needs to be stored in the signing phase to ensure the security. Furthermore, our scheme has achieved all the characteristics of group signature—anonymity, verifiability, traceability, unforgetability and undeniability, by using some current developed quantum and classical technologies. Finally, a feasible security analysis model for quantum group signature is presented.

  6. Acquiring Authentic Data in Unattended Wireless Sensor Networks

    PubMed Central

    Yu, Chia-Mu; Chen, Chi-Yuan; Lu, Chun-Shien; Kuo, Sy-Yen; Chao, Han-Chieh

    2010-01-01

    An Unattended Wireless Sensor Network (UWSN) can be used in many applications to collect valuable data. Nevertheless, due to the unattended nature, the sensors could be compromised and the sensor readings would be maliciously altered so that the sink accepts the falsified sensor readings. Unfortunately, few attentions have been given to this authentication problem. Moreover, existing methods suffer from different kinds of DoS attacks such as Path-Based DoS (PDoS) and False Endorsement-based DoS (FEDoS) attacks. In this paper, a scheme, called AAD, is proposed to Acquire Authentic Data in UWSNs. We exploit the collaboration among sensors to address the authentication problem. With the proper design of the collaboration mechanism, AAD has superior resilience against sensor compromises, PDoS attack, and FEDoS attack. In addition, compared with prior works, AAD also has relatively low energy consumption. In particular, according to our simulation, in a network with 1,000 sensors, the energy consumed by AAD is lower than 30% of that consumed by the existing method, ExCo. The analysis and simulation are also conducted to demonstrate the superiority of the proposed AAD scheme over the existing methods. PMID:22319271

  7. New Identity-Based Blind Signature and Blind Decryption Scheme in the Standard Model

    NASA Astrophysics Data System (ADS)

    Phong, Le Trieu; Ogata, Wakaha

    We explicitly describe and analyse blind hierachical identity-based encryption (blind HIBE) schemes, which are natural generalizations of blind IBE schemes [20]. We then uses the blind HIBE schemes to construct: (1) An identity-based blind signature scheme secure in the standard model, under the computational Diffie-Hellman (CDH) assumption, and with much shorter signature size and lesser communication cost, compared to existing proposals. (2) A new mechanism supporting a user to buy digital information over the Internet without revealing what he/she has bought, while protecting the providers from cheating users.

  8. A global optimization algorithm for simulation-based problems via the extended DIRECT scheme

    NASA Astrophysics Data System (ADS)

    Liu, Haitao; Xu, Shengli; Wang, Xiaofang; Wu, Junnan; Song, Yang

    2015-11-01

    This article presents a global optimization algorithm via the extension of the DIviding RECTangles (DIRECT) scheme to handle problems with computationally expensive simulations efficiently. The new optimization strategy improves the regular partition scheme of DIRECT to a flexible irregular partition scheme in order to utilize information from irregular points. The metamodelling technique is introduced to work with the flexible partition scheme to speed up the convergence, which is meaningful for simulation-based problems. Comparative results on eight representative benchmark problems and an engineering application with some existing global optimization algorithms indicate that the proposed global optimization strategy is promising for simulation-based problems in terms of efficiency and accuracy.

  9. MultiScheme: A Parallel Processing System Based on MIT (Massachusetts Institute of Technology) Scheme.

    DTIC Science & Technology

    1987-09-01

    a sufficiently wide range of parallel-processing applications, that it has become the base for a commercial product, the Butterfly Lisp System...robust, and supports a sufficiently wide range of parallel-processing applications, that it has become the base for a commercial product, the Butterfly ...and inspiration have kept me going when my own interest or ability lapsed. The members of the BBN Butterfly Lisp group (especially Don Allen and Seth

  10. Toward the authentication of wines of Nemea denomination of origin through cleaved amplified polymorphic sequence (CAPS)-based assay.

    PubMed

    Spaniolas, Stelios; Tsachaki, Maroussa; Bennett, Malcolm J; Tucker, Gregory A

    2008-09-10

    In the present study, we developed a cleaved amplified polymorphic sequence (CAPS)-based assay as a first attempt to detect fraud in grapevine musts with a long-term objective to establish an analytical methodology to authenticate wines of Nemea denomination of origin (Agiorgitiko). The analytical assay makes use of a single nucleotide polymorphism that discriminates Agiorgitiko and Cabernet Sauvignon varieties. The latter grape variety is one of the major adulterants for Nemea wines. Agiorgitiko grapevine must was spiked with Cabernet Sauvignon in several ratios (v/v) from 50 down to 10%, and the subsequent mixes were subjected to alcoholic microfermentation. DNA was extracted from all mixture samples up to the end of the fermentation process and was subjected to the CAPS assay. Both standard agarose gel and lab-on-a-chip capillary electrophoresis illustrated the ability of the method to detect the presence of Cabernet Sauvignon down to 10% throughout the whole fermentation process.

  11. An Activity-Based Instructional Framework for Transforming Authentic Modeling Practices into Meaningful Contexts for Learning in Science Education

    ERIC Educational Resources Information Center

    Prins, Gjalt T.; Bulte, Astrid M. W.; Pilot, Albert

    2016-01-01

    One of the challenges of science education is to integrate activities, content, and tools in a meaningful manner. One way to address this challenging goal is the transformation of authentic scientific practices into contexts for learning, in line with sociocultural activity theory. In this respect, authentic scientific practices are interpreted as…

  12. An RSA-Based Leakage-Resilient Authenticated Key Exchange Protocol Secure against Replacement Attacks, and Its Extensions

    NASA Astrophysics Data System (ADS)

    Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

    Secure channels can be realized by an authenticated key exchange (AKE) protocol that generates authenticated session keys between the involving parties. In [32], Shin et al., proposed a new kind of AKE (RSA-AKE) protocol whose goal is to provide high efficiency and security against leakage of stored secrets as much as possible. Let us consider more powerful attacks where an adversary completely controls the communications and the stored secrets (the latter is denoted by “replacement” attacks). In this paper, we first show that the RSA-AKE protocol [32] is no longer secure against such an adversary. The main contributions of this paper are as follows: (1) we propose an RSA-based leakage-resilient AKE (RSA-AKE2) protocol that is secure against active attacks as well as replacement attacks; (2) we prove that the RSA-AKE2 protocol is secure against replacement attacks based on the number theory results; (3) we show that it is provably secure in the random oracle model, by showing the reduction to the RSA one-wayness, under an extended model that covers active attacks and replacement attacks; (4) in terms of efficiency, the RSA-AKE2 protocol is comparable to [32] in the sense that the client needs to compute only one modular multiplication with pre-computation; and (5) we also discuss about extensions of the RSA-AKE2 protocol for several security properties (i.e., synchronization of stored secrets, privacy of client and solution to server compromise-impersonation attacks).

  13. Chaos-based partial image encryption scheme based on linear fractional and lifting wavelet transforms

    NASA Astrophysics Data System (ADS)

    Belazi, Akram; Abd El-Latif, Ahmed A.; Diaconu, Adrian-Viorel; Rhouma, Rhouma; Belghith, Safya

    2017-01-01

    In this paper, a new chaos-based partial image encryption scheme based on Substitution-boxes (S-box) constructed by chaotic system and Linear Fractional Transform (LFT) is proposed. It encrypts only the requisite parts of the sensitive information in Lifting-Wavelet Transform (LWT) frequency domain based on hybrid of chaotic maps and a new S-box. In the proposed encryption scheme, the characteristics of confusion and diffusion are accomplished in three phases: block permutation, substitution, and diffusion. Then, we used dynamic keys instead of fixed keys used in other approaches, to control the encryption process and make any attack impossible. The new S-box was constructed by mixing of chaotic map and LFT to insure the high confidentiality in the inner encryption of the proposed approach. In addition, the hybrid compound of S-box and chaotic systems strengthened the whole encryption performance and enlarged the key space required to resist the brute force attacks. Extensive experiments were conducted to evaluate the security and efficiency of the proposed approach. In comparison with previous schemes, the proposed cryptosystem scheme showed high performances and great potential for prominent prevalence in cryptographic applications.

  14. Research on comprehensive power quality compensation schemes based on series and shunt converters

    NASA Astrophysics Data System (ADS)

    Jia, Dongqiang; He, Rongkai; Qian, Yeniu

    2017-01-01

    To solve power quality problems such as voltage sag and low power factor which may occur simultaneously. This paper has taken research on two comprehensive power quality compensation schemes based on series and shunt converters, including corresponding topology structure and operation principle, meanwhile, the equivalent circuit and power flow analysis are also given. Then the paper has discussed relative characteristics of schemes, such as flexibility, reliability and applications. Finally, simulation results have verified effectiveness of related analysis of schemes.

  15. Remote sensing image compression method based on lift scheme wavelet transform

    NASA Astrophysics Data System (ADS)

    Tao, Hongjiu; Tang, Xinjian; Liu, Jian; Tian, Jinwen

    2003-06-01

    Based on lifting scheme and the construction theorem of the integer Haar wavelet and biorthogonal wavelet, we propose a new integer wavelet transform construct method on the basis of lift scheme after introduciton of constructing specific-demand biorthogonal wavelet transform using Harr wavelet and Lazy wavelet. In this paper, we represent the method and algorithm of the lifting scheme, and we also give mathematical formulation on this method and experimental results as well.

  16. A Quantum Proxy Weak Blind Signature Scheme Based on Controlled Quantum Teleportation

    NASA Astrophysics Data System (ADS)

    Cao, Hai-Jing; Yu, Yao-Feng; Song, Qin; Gao, Lan-Xiang

    2015-04-01

    Proxy blind signature is applied to the electronic paying system, electronic voting system, mobile agent system, security of internet, etc. A quantum proxy weak blind signature scheme is proposed in this paper. It is based on controlled quantum teleportation. Five-qubit entangled state functions as quantum channel. The scheme uses the physical characteristics of quantum mechanics to implement message blinding, so it could guarantee not only the unconditional security of the scheme but also the anonymity of the messages owner.

  17. A Quantum Proxy Weak Blind Signature Scheme Based on Controlled Quantum Teleportation

    NASA Astrophysics Data System (ADS)

    Cao, Hai-Jing; Yu, Yao-Feng; Song, Qin; Gao, Lan-Xiang

    2014-09-01

    Proxy blind signature is applied to the electronic paying system, electronic voting system, mobile agent system, security of internet, etc. A quantum proxy weak blind signature scheme is proposed in this paper. It is based on controlled quantum teleportation. Five-qubit entangled state functions as quantum channel. The scheme uses the physical characteristics of quantum mechanics to implement message blinding, so it could guarantee not only the unconditional security of the scheme but also the anonymity of the messages owner.

  18. Opinions of the Teachers Related with the Positive and Negative Aspects of the Authentic Task-Based Approach in Foreign Language Education

    ERIC Educational Resources Information Center

    Karakoc, Berna; Bay, Erdal

    2016-01-01

    This study has been made for researching the efficacy of the authentic task-based approach in secondary school 5th grade foreign language course. Interview technique from the qualitative research method is used in the study. The data is collected through the semi-structured interviews and the opinions of the teachers. The research process is made…

  19. A continuous and prognostic convection scheme based on buoyancy, PCMT

    NASA Astrophysics Data System (ADS)

    Guérémy, Jean-François; Piriou, Jean-Marcel

    2016-04-01

    A new and consistent convection scheme (PCMT: Prognostic Condensates Microphysics and Transport), providing a continuous and prognostic treatment of this atmospheric process, is described. The main concept ensuring the consistency of the whole system is the buoyancy, key element of any vertical motion. The buoyancy constitutes the forcing term of the convective vertical velocity, which is then used to define the triggering condition, the mass flux, and the rates of entrainment-detrainment. The buoyancy is also used in its vertically integrated form (CAPE) to determine the closure condition. The continuous treatment of convection, from dry thermals to deep precipitating convection, is achieved with the help of a continuous formulation of the entrainment-detrainment rates (depending on the convective vertical velocity) and of the CAPE relaxation time (depending on the convective over-turning time). The convective tendencies are directly expressed in terms of condensation and transport. Finally, the convective vertical velocity and condensates are fully prognostic, the latter being treated using the same microphysics scheme as for the resolved condensates but considering the convective environment. A Single Column Model (SCM) validation of this scheme is shown, allowing detailed comparisons with observed and explicitly simulated data. Four cases covering the convective spectrum are considered: over ocean, sensitivity to environmental moisture (S. Derbyshire) non precipitating shallow convection to deep precipitating convection, trade wind shallow convection (BOMEX) and strato-cumulus (FIRE), together with an entire continental diurnal cycle of convection (ARM). The emphasis is put on the characteristics of the scheme which enable a continuous treatment of convection. Then, a 3D LAM validation is presented considering an AMMA case with both observations and a CRM simulation using the same initial and lateral conditions as for the parameterized one. Finally, global

  20. A Data Gathering Scheme in Wireless Sensor Networks Based on Synchronization of Chaotic Spiking Oscillator Networks

    SciTech Connect

    Nakano, Hidehiro; Utani, Akihide; Miyauchi, Arata; Yamamoto, Hisao

    2011-04-19

    This paper studies chaos-based data gathering scheme in multiple sink wireless sensor networks. In the proposed scheme, each wireless sensor node has a simple chaotic oscillator. The oscillators generate spike signals with chaotic interspike intervals, and are impulsively coupled by the signals via wireless communication. Each wireless sensor node transmits and receives sensor information only in the timing of the couplings. The proposed scheme can exhibit various chaos synchronous phenomena and their breakdown phenomena, and can effectively gather sensor information with the significantly small number of transmissions and receptions compared with the conventional scheme. Also, the proposed scheme can flexibly adapt various wireless sensor networks not only with a single sink node but also with multiple sink nodes. This paper introduces our previous works. Through simulation experiments, we show effectiveness of the proposed scheme and discuss its development potential.

  1. Force feedback microscopy based on an optical beam deflection scheme

    SciTech Connect

    Vitorino, Miguel V.; Rodrigues, Mario S.; Carpentier, Simon; Costa, Luca

    2014-07-07

    Force feedback microscopy circumvents the jump to contact in atomic force microscopy when using soft cantilevers and quantitatively measures the interaction properties at the nanoscale by simultaneously providing force, force gradient, and dissipation. The force feedback microscope developed so far used an optical cavity to measure the tip displacement. In this Letter, we show that the more conventional optical beam deflection scheme can be used to the same purpose. With this instrument, we have followed the evolution of the Brownian motion of the tip under the influence of a water bridge.

  2. Efficient spin injector scheme based on Heusler materials.

    PubMed

    Chadov, Stanislav; Graf, Tanja; Chadova, Kristina; Dai, Xuefang; Casper, Frederick; Fecher, Gerhard H; Felser, Claudia

    2011-07-22

    We present a rational design scheme intended to provide stable high spin polarization at the interfaces of the magnetoresistive junctions by fulfilling the criteria of structural and chemical compatibilities at the interface. This can be realized by joining the semiconducting and half-metallic Heusler materials with similar structures. The present first-principles calculations verify that the interface remains half-metallic if the nearest interface layers effectively form a stable Heusler material with the properties intermediately between the surrounding bulk parts. This leads to a simple rule for selecting the proper combinations.

  3. A proactive quantum secret sharing scheme based on GHZ state

    NASA Astrophysics Data System (ADS)

    Qin, Huawang; Zhu, Xiaohua; Dai, Yuewei

    2015-09-01

    A proactive quantum secret sharing scheme is proposed, in which the participants can update their shadows periodically. In an updating period, one participant randomly generates the GHZ states and sends the particles to the other participants, and the participants update their shadows according to the measurement performed on the particles. After an updating period, each participant can change his shadow but the secret is changeless. The old shadows will be useless even if they have been stolen by the attacker. The proactive property is very useful to resist the mobile attacker.

  4. User Authentication and Authorization Challenges in a Networked Library Environment.

    ERIC Educational Resources Information Center

    Machovec, George S.

    1997-01-01

    Discusses computer user authentication and authorization issues when libraries need to let valid users access databases and information services without making the process too difficult for either party. Common solutions are explained, including filtering, passwords, and kerberos (cryptographic authentication scheme for secure use over public…

  5. A Multihop Key Agreement Scheme for Wireless Ad Hoc Networks Based on Channel Characteristics

    PubMed Central

    Yu, Nenghai

    2013-01-01

    A number of key agreement schemes based on wireless channel characteristics have been proposed recently. However, previous key agreement schemes require that two nodes which need to agree on a key are within the communication range of each other. Hence, they are not suitable for multihop wireless networks, in which nodes do not always have direct connections with each other. In this paper, we first propose a basic multihop key agreement scheme for wireless ad hoc networks. The proposed basic scheme is resistant to external eavesdroppers. Nevertheless, this basic scheme is not secure when there exist internal eavesdroppers or Man-in-the-Middle (MITM) adversaries. In order to cope with these adversaries, we propose an improved multihop key agreement scheme. We show that the improved scheme is secure against internal eavesdroppers and MITM adversaries in a single path. Both performance analysis and simulation results demonstrate that the improved scheme is efficient. Consequently, the improved key agreement scheme is suitable for multihop wireless ad hoc networks. PMID:23766725

  6. A multihop key agreement scheme for wireless ad hoc networks based on channel characteristics.

    PubMed

    Hao, Zhuo; Zhong, Sheng; Yu, Nenghai

    2013-01-01

    A number of key agreement schemes based on wireless channel characteristics have been proposed recently. However, previous key agreement schemes require that two nodes which need to agree on a key are within the communication range of each other. Hence, they are not suitable for multihop wireless networks, in which nodes do not always have direct connections with each other. In this paper, we first propose a basic multihop key agreement scheme for wireless ad hoc networks. The proposed basic scheme is resistant to external eavesdroppers. Nevertheless, this basic scheme is not secure when there exist internal eavesdroppers or Man-in-the-Middle (MITM) adversaries. In order to cope with these adversaries, we propose an improved multihop key agreement scheme. We show that the improved scheme is secure against internal eavesdroppers and MITM adversaries in a single path. Both performance analysis and simulation results demonstrate that the improved scheme is efficient. Consequently, the improved key agreement scheme is suitable for multihop wireless ad hoc networks.

  7. Motion-based wake-up scheme for ambulatory monitoring in wireless body sensor networks.

    PubMed

    Pek, Isaac; Waluyo, Agustinus Borgy; Yeoh, Wee-Soon; Chen, Xiang

    2009-01-01

    Given that wearable sensors that are attached on patients for the purpose of continuous real-time medical monitoring typically need to remain operational for periods of up to 24 hours before a battery change or recharge, power preservation schemes play a critical role in minimizing any possible disruption to a patient's daily activities. In this paper, we propose a motion-based wake-up scheme, a feature which combines motion detection with existing power preservation schemes in order to achieve a balance between energy saving and data timeliness, particularly in critical situations. As a showcase, we have integrated this feature with a healthcare application and demonstrate the capability of the scheme to deal with critical events, e.g., when a patient falls down from the bed. This showcase affirms the effective uses of our proposed motion-based wake-up scheme.

  8. Public-key encryption and authentication of quantum information

    NASA Astrophysics Data System (ADS)

    Liang, Min; Yang, Li

    2012-09-01

    Public-key cryptosystems for quantum messages are considered from two aspects: public-key encryption and public-key authentication. Firstly, we propose a general construction of quantum public-key encryption scheme, and then construct an information-theoretic secure instance. Then, we propose a quantum public-key authentication scheme, which can protect the integrity of quantum messages. This scheme can both encrypt and authenticate quantum messages. It is information-theoretic secure with regard to encryption, and the success probability of tampering decreases exponentially with the security parameter with regard to authentication. Compared with classical public-key cryptosystems, one private-key in our schemes corresponds to an exponential number of public-keys, and every quantum public-key used by the sender is an unknown quantum state to the sender.

  9. Security Encryption Scheme for Communication of Web Based Control Systems

    NASA Astrophysics Data System (ADS)

    Robles, Rosslin John; Kim, Tai-Hoon

    A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

  10. A novel dynamical community detection algorithm based on weighting scheme

    NASA Astrophysics Data System (ADS)

    Li, Ju; Yu, Kai; Hu, Ke

    2015-12-01

    Network dynamics plays an important role in analyzing the correlation between the function properties and the topological structure. In this paper, we propose a novel dynamical iteration (DI) algorithm, which incorporates the iterative process of membership vector with weighting scheme, i.e. weighting W and tightness T. These new elements can be used to adjust the link strength and the node compactness for improving the speed and accuracy of community structure detection. To estimate the optimal stop time of iteration, we utilize a new stability measure which is defined as the Markov random walk auto-covariance. We do not need to specify the number of communities in advance. It naturally supports the overlapping communities by associating each node with a membership vector describing the node's involvement in each community. Theoretical analysis and experiments show that the algorithm can uncover communities effectively and efficiently.

  11. Sparse Parallel MRI Based on Accelerated Operator Splitting Schemes

    PubMed Central

    Xie, Weisi; Su, Zhenghang

    2016-01-01

    Recently, the sparsity which is implicit in MR images has been successfully exploited for fast MR imaging with incomplete acquisitions. In this paper, two novel algorithms are proposed to solve the sparse parallel MR imaging problem, which consists of l1 regularization and fidelity terms. The two algorithms combine forward-backward operator splitting and Barzilai-Borwein schemes. Theoretically, the presented algorithms overcome the nondifferentiable property in l1 regularization term. Meanwhile, they are able to treat a general matrix operator that may not be diagonalized by fast Fourier transform and to ensure that a well-conditioned optimization system of equations is simply solved. In addition, we build connections between the proposed algorithms and the state-of-the-art existing methods and prove their convergence with a constant stepsize in Appendix. Numerical results and comparisons with the advanced methods demonstrate the efficiency of proposed algorithms. PMID:27746824

  12. Evaluation of Superimposed Sequence Components of Currents based Islanding Detection Scheme during DG Interconnections

    NASA Astrophysics Data System (ADS)

    Sareen, Karan; Bhalja, Bhavesh R.; Maheshwari, Rudra Prakash

    2016-02-01

    A new islanding detection scheme for distribution network containing different types of distributed generations (DGs) is presented in this paper. The proposed scheme is based on acquiring three phase current samples for full cycle duration of each simulation case of islanding/non-islanding conditions at the point of common coupling (PCC) of the targeted DG. Afterwards, superimposed positive & negative sequence components of current are calculated and continuously compared with pre-determined threshold values. Performance of the proposed scheme has been evaluated on diversified islanding and non-islanding events which were generated by modeling standard IEEE 34-bus system using PSCAD/EMTDC software package. The proposed scheme is capable to detect islanding condition rapidly even for perfect power balance situation for both synchronous and inverter based DGs. Furthermore, it remains stable during non-islanding events such as tripping of multiple DGs and different DG interconnection operating conditions. Therefore, the proposed scheme avoids nuisance tripping during diversified non-islanding events. At the end, comparison of the proposed scheme with the existing scheme clearly indicates its advantage over the existing scheme.

  13. Authentic Assessment, Professional's Guide.

    ERIC Educational Resources Information Center

    Ryan, Concetta Doti

    Authentic assessment is the process of gathering evidence and documenting student learning and growth in an authentic context. Authentic assessment can do a better job than more traditional forms of assessment in informing educators and parents about a student's real achievement. The first chapter of this book presents an overview of authentic…

  14. Authenticity in Adult Learning

    ERIC Educational Resources Information Center

    Ashton, Sam

    2010-01-01

    This paper is concerned with the relationship between authenticity and adult learning and prompted by some studies in which adult "authentic learning" is a central concept. The implication revealed by them is that real-worldness of learning contexts, learning content and learning tasks is perceived as conferring authenticity on learning. Here,…

  15. Deniable Anonymous Group Authentication

    DTIC Science & Technology

    2014-02-13

    Deniable ring authentication. In ’02 CRYPTO, 2002. [48] L. Nguyen and R. Safavi-naini. Dynamic k-times anonymous authentication. In ’05 ACNS , 2005...Cryptography: Theory and Practice. 2005. [56] W. Susilo and Y. Mu. Deniable ring authentication revisited. In ’04 ACNS , 2004. [57] W. Susilo and Y. Mu. Non

  16. FIELD TESTS OF GEOGRAPHICALLY-DEPENDENT VS. THRESHOLD-BASED WATERSHED CLASSIFICATION SCHEMES IN THE GREAT LAKES BASIN

    EPA Science Inventory

    We compared classification schemes based on watershed storage (wetland + lake area/watershed area) and forest fragmentation with a geographically-based classification scheme for two case studies involving 1) Lake Superior tributaries and 2) watersheds of riverine coastal wetlands...

  17. FIELD TESTS OF GEOGRAPHICALLY-DEPENDENT VS. THRESHOLD-BASED WATERSHED CLASSIFICATION SCHEMED IN THE GREAT LAKES BASIN

    EPA Science Inventory

    We compared classification schemes based on watershed storage (wetland + lake area/watershed area) and forest fragmentation with a geographically-based classification scheme for two case studies involving 1)Lake Superior tributaries and 2) watersheds of riverine coastal wetlands ...

  18. A target coverage scheduling scheme based on genetic algorithms in directional sensor networks.

    PubMed

    Gil, Joon-Min; Han, Youn-Hee

    2011-01-01

    As a promising tool for monitoring the physical world, directional sensor networks (DSNs) consisting of a large number of directional sensors are attracting increasing attention. As directional sensors in DSNs have limited battery power and restricted angles of sensing range, maximizing the network lifetime while monitoring all the targets in a given area remains a challenge. A major technique to conserve the energy of directional sensors is to use a node wake-up scheduling protocol by which some sensors remain active to provide sensing services, while the others are inactive to conserve their energy. In this paper, we first address a Maximum Set Covers for DSNs (MSCD) problem, which is known to be NP-complete, and present a greedy algorithm-based target coverage scheduling scheme that can solve this problem by heuristics. This scheme is used as a baseline for comparison. We then propose a target coverage scheduling scheme based on a genetic algorithm that can find the optimal cover sets to extend the network lifetime while monitoring all targets by the evolutionary global search technique. To verify and evaluate these schemes, we conducted simulations and showed that the schemes can contribute to extending the network lifetime. Simulation results indicated that the genetic algorithm-based scheduling scheme had better performance than the greedy algorithm-based scheme in terms of maximizing network lifetime.

  19. The method of registration of screw dislocations in polychromatic light based on the Young's interference scheme

    NASA Astrophysics Data System (ADS)

    Shostka, N. V.

    2011-06-01

    A new experimental method of registration of phase dislocations in polychromatic light is proposed and described, which is based on the Young's interference scheme using the screen with lots of pairs of holes.

  20. Block-wise authentication method for digital images

    NASA Astrophysics Data System (ADS)

    Nahtigal, Tomaž; Žemva, Andrej

    2012-11-01

    The ability to modify digital images can cause a serious problem in some applications. In this paper we propose a novel method derived from Wong’s authentication scheme that is capable of authenticating JPEG images as well as uncompressed images, but is not a watermarking method. The method offers great flexibility in terms of the size of the authenticator and the time needed to generate the authenticator, thus making it suitable for real-time image processing. We demonstrate this by implementing it in a programmable FPGA circuit.

  1. Asynchronous error-correcting secure communication scheme based on fractional-order shifting chaotic system

    NASA Astrophysics Data System (ADS)

    Chao, Luo

    2015-11-01

    In this paper, a novel digital secure communication scheme is firstly proposed. Different from the usual secure communication schemes based on chaotic synchronization, the proposed scheme employs asynchronous communication which avoids the weakness of synchronous systems and is susceptible to environmental interference. Moreover, as to the transmission errors and data loss in the process of communication, the proposed scheme has the ability to be error-checking and error-correcting in real time. In order to guarantee security, the fractional-order complex chaotic system with the shifting of order is utilized to modulate the transmitted signal, which has high nonlinearity and complexity in both frequency and time domains. The corresponding numerical simulations demonstrate the effectiveness and feasibility of the scheme.

  2. Security analysis of the unrestricted identity-based aggregate signature scheme.

    PubMed

    Lee, Kwangsu; Lee, Dong Hoon

    2015-01-01

    Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw.

  3. A multi-label image annotation scheme based on improved SVM multiple kernel learning

    NASA Astrophysics Data System (ADS)

    Jin, Cong; Jin, Shu-Wei

    2017-02-01

    Multi-label image annotation (MIA) has been widely studied during recent years and many MIA schemes have been proposed. However, the most existing schemes are not satisfactory. In this paper, an improved multiple kernel learning (IMKL) method of support vector machine (SVM) is proposed to improve the classification accuracy of SVM, then a novel MIA scheme based on IMKL is presented, which uses the discriminant loss to control the number of top semantic labels, and the feature selection approach is also used for improving the performance of MIA. The experiment results show that proposed MIA scheme achieves higher the performance than the existing other MIA schemes, its performance is satisfactory for large image dataset.

  4. Security Analysis of the Unrestricted Identity-Based Aggregate Signature Scheme

    PubMed Central

    Lee, Kwangsu; Lee, Dong Hoon

    2015-01-01

    Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan et al. proposed such a scheme and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there is an efficient forgery on their IBAS scheme and that their security proof has a serious flaw. PMID:25993247

  5. Comparison of horizontal dust fluxes simulated with two dust emission schemes based on field experiments in Xinjiang, China

    NASA Astrophysics Data System (ADS)

    Yang, Xinghua; Yang, Fan; Liu, Xinchun; Huo, Wen; He, Qing; Mamtimin, Ali; Zhang, Qingyu

    2016-10-01

    Horizontal dust fluxes were simulated with two different dust emission schemes developed by Marticorena and Shao (hereinafter referred to as the M scheme, S scheme, and S scheme corrections), based on field experiments over a bare desert surface and a vegetated desert surface from May 19 to June 18, 2010 in Xinjiang, China. The M scheme produced a much higher dust emission than the S schemes over different surface conditions, with the emission being about 4 times larger than that produced by the S schemes over the bare desert, and 3 to 200 times larger over the vegetated surface. Compared to observations, the missing report rate of wind erosion events was about 30 % for the S schemes and about 10 % for the M scheme over the bare desert surface, while all schemes had a false alarm rate of wind erosion events over the vegetated desert surface. The total dust emission from the bare desert surface during the study period was 674.4, 551.5, 595.2, and 2995.8 kg/m for observation, the S scheme, S scheme correction 2, and M scheme, respectively. Total dust emission from the vegetated desert surface was 1.6, 0, 55.5, 0.9, and 227.7 kg/m for observation, the S scheme, S scheme correction 1, S scheme correction 2, and M scheme, respectively.

  6. A Contourlet-Based Embedded Image Coding Scheme on Low Bit-Rate

    NASA Astrophysics Data System (ADS)

    Song, Haohao; Yu, Songyu

    Contourlet transform (CT) is a new image representation method, which can efficiently represent contours and textures in images. However, CT is a kind of overcomplete transform with a redundancy factor of 4/3. If it is applied to image compression straightforwardly, the encoding bit-rate may increase to meet a given distortion. This fact baffles the coding community to develop CT-based image compression techniques with satisfactory performance. In this paper, we analyze the distribution of significant contourlet coefficients in different subbands and propose a new contourlet-based embedded image coding (CEIC) scheme on low bit-rate. The well-known wavelet-based embedded image coding (WEIC) algorithms such as EZW, SPIHT and SPECK can be easily integrated into the proposed scheme by constructing a virtual low frequency subband, modifying the coding framework of WEIC algorithms according to the structure of contourlet coefficients, and adopting a high-efficiency significant coefficient scanning scheme for CEIC scheme. The proposed CEIC scheme can provide an embedded bit-stream, which is desirable in heterogeneous networks. Our experiments demonstrate that the proposed scheme can achieve the better compression performance on low bit-rate. Furthermore, thanks to the contourlet adopted in the proposed scheme, more contours and textures in the coded images are preserved to ensure the superior subjective quality.

  7. IP Packet Size Entropy-Based Scheme for Detection of DoS/DDoS Attacks

    NASA Astrophysics Data System (ADS)

    Du, Ping; Abe, Shunji

    Denial of service (DoS) attacks have become one of the most serious threats to the Internet. Enabling detection of attacks in network traffic is an important and challenging task. However, most existing volume-based schemes can not detect short-term attacks that have a minor effect on traffic volume. On the other hand, feature-based schemes are not suitable for real-time detection because of their complicated calculations. In this paper, we develop an IP packet size entropy (IPSE)-based DoS/DDoS detection scheme in which the entropy is markedly changed when traffic is affected by an attack. Through our analysis, we find that the IPSE-based scheme is capable of detecting not only long-term attacks but also short-term attacks that are beyond the volume-based schemes' ability to detect. Moreover, we test our proposal using two typical Internet traffic data sets from DARPA and SINET, and the test results show that the IPSE-based detection scheme can provide detection of DoS/DDoS attacks not only in a local area network (DARPA) and but also in academic backbone network (SINET).

  8. Testing conceptual and physically based soil hydrology schemes against observations for the Amazon Basin

    NASA Astrophysics Data System (ADS)

    Guimberteau, M.; Ducharne, A.; Ciais, P.; Boisier, J. P.; Peng, S.; De Weirdt, M.; Verbeeck, H.

    2014-06-01

    This study analyzes the performance of the two soil hydrology schemes of the land surface model ORCHIDEE in estimating Amazonian hydrology and phenology for five major sub-basins (Xingu, Tapajós, Madeira, Solimões and Negro), during the 29-year period 1980-2008. A simple 2-layer scheme with a bucket topped by an evaporative layer is compared to an 11-layer diffusion scheme. The soil schemes are coupled with a river routing module and a process model of plant physiology, phenology and carbon dynamics. The simulated water budget and vegetation functioning components are compared with several data sets at sub-basin scale. The use of the 11-layer soil diffusion scheme does not significantly change the Amazonian water budget simulation when compared to the 2-layer soil scheme (+3.1 and -3.0% in evapotranspiration and river discharge, respectively). However, the higher water-holding capacity of the soil and the physically based representation of runoff and drainage in the 11-layer soil diffusion scheme result in more dynamic soil water storage variation and improved simulation of the total terrestrial water storage when compared to GRACE satellite estimates. The greater soil water storage within the 11-layer scheme also results in increased dry-season evapotranspiration (+0.5 mm d-1, +17%) and improves river discharge simulation in the southeastern sub-basins such as the Xingu. Evapotranspiration over this sub-basin is sustained during the whole dry season with the 11-layer soil diffusion scheme, whereas the 2-layer scheme limits it after only 2 dry months. Lower plant drought stress simulated by the 11-layer soil diffusion scheme leads to better simulation of the seasonal cycle of photosynthesis (GPP) when compared to a GPP data-driven model based on eddy covariance and satellite greenness measurements. A dry-season length between 4 and 7 months over the entire Amazon Basin is found to be critical in distinguishing differences in hydrological feedbacks between the

  9. The Monte Carlo validation framework for the discriminant partial least squares model extended with variable selection methods applied to authenticity studies of Viagra® based on chromatographic impurity profiles.

    PubMed

    Krakowska, B; Custers, D; Deconinck, E; Daszykowski, M

    2016-02-07

    The aim of this work was to develop a general framework for the validation of discriminant models based on the Monte Carlo approach that is used in the context of authenticity studies based on chromatographic impurity profiles. The performance of the validation approach was applied to evaluate the usefulness of the diagnostic logic rule obtained from the partial least squares discriminant model (PLS-DA) that was built to discriminate authentic Viagra® samples from counterfeits (a two-class problem). The major advantage of the proposed validation framework stems from the possibility of obtaining distributions for different figures of merit that describe the PLS-DA model such as, e.g., sensitivity, specificity, correct classification rate and area under the curve in a function of model complexity. Therefore, one can quickly evaluate their uncertainty estimates. Moreover, the Monte Carlo model validation allows balanced sets of training samples to be designed, which is required at the stage of the construction of PLS-DA and is recommended in order to obtain fair estimates that are based on an independent set of samples. In this study, as an illustrative example, 46 authentic Viagra® samples and 97 counterfeit samples were analyzed and described by their impurity profiles that were determined using high performance liquid chromatography with photodiode array detection and further discriminated using the PLS-DA approach. In addition, we demonstrated how to extend the Monte Carlo validation framework with four different variable selection schemes: the elimination of uninformative variables, the importance of a variable in projections, selectivity ratio and significance multivariate correlation. The best PLS-DA model was based on a subset of variables that were selected using the variable importance in the projection approach. For an independent test set, average estimates with the corresponding standard deviation (based on 1000 Monte Carlo runs) of the correct

  10. Authentication of byte sequences

    SciTech Connect

    Stearns, S.D.

    1991-06-01

    Algorithms for the authentication of byte sequences are described. The algorithms are designed to authenticate data in the Storage, Retrieval, Analysis, and Display (SRAD) Test Data Archive of the Radiation Effects and Testing Directorate (9100) at Sandia National Laboratories, and may be used in similar situations where authentication of stored data is required. The algorithms use a well-known error detection method called the Cyclic Redundancy Check (CRC). When a byte sequence is authenticated and stored, CRC bytes are generated and attached to the end of the sequence. When the authenticated data is retrieved, the authentication check consists of processing the entire sequence, including the CRC bytes, and checking for a remainder of zero. The error detection properties of the CRC are extensive and result in a reliable authentication of SRAD data.

  11. Novel neural networks-based fault tolerant control scheme with fault alarm.

    PubMed

    Shen, Qikun; Jiang, Bin; Shi, Peng; Lim, Cheng-Chew

    2014-11-01

    In this paper, the problem of adaptive active fault-tolerant control for a class of nonlinear systems with unknown actuator fault is investigated. The actuator fault is assumed to have no traditional affine appearance of the system state variables and control input. The useful property of the basis function of the radial basis function neural network (NN), which will be used in the design of the fault tolerant controller, is explored. Based on the analysis of the design of normal and passive fault tolerant controllers, by using the implicit function theorem, a novel NN-based active fault-tolerant control scheme with fault alarm is proposed. Comparing with results in the literature, the fault-tolerant control scheme can minimize the time delay between fault occurrence and accommodation that is called the time delay due to fault diagnosis, and reduce the adverse effect on system performance. In addition, the FTC scheme has the advantages of a passive fault-tolerant control scheme as well as the traditional active fault-tolerant control scheme's properties. Furthermore, the fault-tolerant control scheme requires no additional fault detection and isolation model which is necessary in the traditional active fault-tolerant control scheme. Finally, simulation results are presented to demonstrate the efficiency of the developed techniques.

  12. Twin-Schnorr: a security upgrade for the Schnorr identity-based identification scheme.

    PubMed

    Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael Chung-Wei

    2015-01-01

    Most identity-based identification (IBI) schemes proposed in recent literature are built using pairing operations. This decreases efficiency due to the high operation costs of pairings. Furthermore, most of these IBI schemes are proven to be secure against impersonation under active and concurrent attacks using interactive assumptions such as the one-more RSA inversion assumption or the one-more discrete logarithm assumption, translating to weaker security guarantees due to the interactive nature of these assumptions. The Schnorr-IBI scheme was first proposed through the Kurosawa-Heng transformation from the Schnorr signature. It remains one of the fastest yet most secure IBI schemes under impersonation against passive attacks due to its pairing-free design. However, when required to be secure against impersonators under active and concurrent attacks, it deteriorates greatly in terms of efficiency due to the protocol having to be repeated multiple times. In this paper, we upgrade the Schnorr-IBI scheme to be secure against impersonation under active and concurrent attacks using only the classical discrete logarithm assumption. This translates to a higher degree of security guarantee with only some minor increments in operational costs. Furthermore, because the scheme operates without pairings, it still retains its efficiency and superiority when compared to other pairing-based IBI schemes.

  13. Twin-Schnorr: A Security Upgrade for the Schnorr Identity-Based Identification Scheme

    PubMed Central

    Heng, Swee-Huay; Phan, Raphael Chung-Wei

    2015-01-01

    Most identity-based identification (IBI) schemes proposed in recent literature are built using pairing operations. This decreases efficiency due to the high operation costs of pairings. Furthermore, most of these IBI schemes are proven to be secure against impersonation under active and concurrent attacks using interactive assumptions such as the one-more RSA inversion assumption or the one-more discrete logarithm assumption, translating to weaker security guarantees due to the interactive nature of these assumptions. The Schnorr-IBI scheme was first proposed through the Kurosawa-Heng transformation from the Schnorr signature. It remains one of the fastest yet most secure IBI schemes under impersonation against passive attacks due to its pairing-free design. However, when required to be secure against impersonators under active and concurrent attacks, it deteriorates greatly in terms of efficiency due to the protocol having to be repeated multiple times. In this paper, we upgrade the Schnorr-IBI scheme to be secure against impersonation under active and concurrent attacks using only the classical discrete logarithm assumption. This translates to a higher degree of security guarantee with only some minor increments in operational costs. Furthermore, because the scheme operates without pairings, it still retains its efficiency and superiority when compared to other pairing-based IBI schemes. PMID:25692179

  14. [Study on water quality monitoring scheme based on non-point source pollution].

    PubMed

    Wu, Xi-Jun; Li, Huai-En; Li, Jia-Ke; Li, Qiang-Kun; Dong, Wen

    2013-06-01

    In order to improve standardization and normalization of non-point source pollution monitoring, this paper summarized the non-point source pollution monitoring scheme that based on conventional technology condition. The scheme firstly emphasized the preparation work before monitoring, including situation investigation and index selection of the monitoring area and so on; In the process of establishing monitoring scheme, the monitoring area was divided into three types: city, agriculture and watershed. Take urban area monitoring scheme for Xi'an as an example, through dividing function zone setting sampling point, summarized sampling time interval, frequency and sampling methods during a rainfall process. An irrigation district was an example for agricultural monitoring scheme, through unit division, setting sampling point at the approach channel and drain channel, introduced sampling times, interval time and so on in the process of irrigation. Watershed monitoring scheme's example was the Weihe GuanZhong section, raised the setting principle of each sample section, and analyzed each section's sampling law in the process of rainfall. Finally the principal character of different non-point source pollution monitoring areas was discussed, and concluded that non-point source pollution monitoring scheme is the base of non-point source pollution study and control.

  15. Authentic HIV-1 integrase inhibitors

    PubMed Central

    Liao, Chenzhong; Marchand, Christophe; Burke, Terrence R; Pommier, Yves; Nicklaus, Marc C

    2010-01-01

    HIV-1 integrase (IN) is indispensable for HIV-1 replication and has become a validated target for developing anti-AIDS agents. In two decades of development of IN inhibition-based anti-HIV therapeutics, a significant number of compounds were identified as IN inhibitors, but only some of them showed antiviral activity. This article reviews a number of patented HIV-1 IN inhibitors, especially those that possess high selectivity for the strand transfer reaction. These compounds generally have a polar coplanar moiety, which is assumed to chelate two magnesium ions in the binding site. Resistance to those compounds, when given to patients, can develop as a result of IN mutations. We refer to those compounds as authentic IN inhibitors. Continued drug development has so far delivered one authentic IN inhibitor to the market (raltegravir in 2007). Current and future attention will be focused on the development of novel authentic IN inhibitors with the goal of overcoming viral resistance. PMID:21426159

  16. [Rapid PCR authentication Lonicera japanica].

    PubMed

    Jiang, Chao; Hou, Jing-Yi; Huang, Lu-Qi; Yuan, Yuan; Chen, Min; Jin, Yan

    2014-10-01

    To simply and rapid authenticate Lonicera japanica. Rapid allele-specific PCR primer was designed base on trnL-trnF 625 G/T Single nucleotide polymorphism and the PCR reaction systems including annealing temperature was optimized; optimized results were performed to authenticate L. japanica and its 9 adulterants. When 100 x SYBR Green I was added in the PCR product of 87 degrees C initial denatured 1 min; 87 degrees C denatured 5 s, 68 degrees C annealing 5 s, 30 cycle; L. japanica visualize strong green fluorescence under 365 nm UV lamp whereas adulterants without. The results indicate rapid allele-specific PCR could authenticate L. japanica and its adulterants rapidly and simply.

  17. A study on user authentication methodology using numeric password and fingerprint biometric information.

    PubMed

    Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol; Kwak, Jin

    2013-01-01

    The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

  18. Vector-lifting schemes based on sorting techniques for lossless compression of multispectral images

    NASA Astrophysics Data System (ADS)

    Benazza-Benyahia, Amel; Pesquet, Jean-Christophe

    2003-01-01

    In this paper, we introduce vector-lifting schemes which allow to generate very compact multiresolution representations, suitable for lossless and progressive coding of multispectral images. These new decomposition schemes exploit simultaneously the spatial and the spectral redundancies contained in multispectral images. When the spectral bands have different dynamic ranges, we improve dramatically the performances of the proposed schemes by a reversible histogram modification based on sorting permutations. Simulation tests carried out on real images allow to evaluate the performances of this new compression method. They indicate that the achieved compression ratios are higher than those obtained with currently used lossless coders.

  19. An image encryption scheme based on the MLNCML system using DNA sequences

    NASA Astrophysics Data System (ADS)

    Zhang, Ying-Qian; Wang, Xing-Yuan; Liu, Jia; Chi, Ze-Lin

    2016-07-01

    We propose a new image scheme based on the spatiotemporal chaos of the Mixed Linear-Nonlinear Coupled Map Lattices (MLNCML). This spatiotemporal chaotic system has more cryptographic features in dynamics than the system of Coupled Map Lattices (CML). In the proposed scheme, we employ the strategy of DNA computing and one time pad encryption policy, which can enhance the sensitivity to the plaintext and resist differential attack, brute-force attack, statistical attack and plaintext attack. Simulation results and theoretical analysis indicate that the proposed scheme has superior high security.

  20. Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

    2015-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).

  1. Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

    PubMed Central

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

    2015-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks). PMID:25849359

  2. A homotopy method based on WENO schemes for solving steady state problems of hyperbolic conservation laws

    DTIC Science & Technology

    2012-09-03

    use of so-called probability-one methods [22]. The significant advantage of homotopy method to compute steady state solutions is free of Courant ...A homotopy method based on WENO schemes for solving steady state problems of hyperbolic conservation laws Wenrui Hao∗ Jonathan D. Hauenstein† Chi...robustness of the new method . Keywords homotopy continuation, hyperbolic conservation laws, WENO scheme, steady state problems. ∗Department of Applied and

  3. Digital image communication scheme based on the breakup of spiral waves

    NASA Astrophysics Data System (ADS)

    Vaidelys, Martynas; Lu, Chen; Cheng, Yujie; Ragulskis, Minvydas

    2017-02-01

    A digital image communication scheme based on the breakup of spiral waves is presented in this paper. This communication system does not require spatially homogeneous random initial conditions. Moreover, the secret image is not embedded into the initial conditions of the evolving self-organizing patterns. Such features increase the security of the communication, but still enable an effective transmission of the secret image. Computational experiments are used to demonstrate the properties and efficiency of the proposed scheme.

  4. Self-authentication of value documents

    NASA Astrophysics Data System (ADS)

    Hayosh, Thomas D.

    1998-04-01

    To prevent fraud it is critical to distinguish an authentic document from a counterfeit or altered document. Most current technologies rely on difficult-to-print human detectable features which are added to a document to prevent illegal reproduction. Fraud detection is mostly accomplished by human observation and is based upon the examiner's knowledge, experience and time allotted for examination of a document. Another approach to increasing the security of a value document is to add a unique property to each document. Data about that property is then encoded on the document itself and finally secured using a public key based digital signature. In such a scheme, machine readability of authenticity is possible. This paper describes a patent-applied-for methodology using the unique property of magnetic ink printing, magnetic remanence, that provides for full self- authentication when used with a recordable magnetic stripe for storing a digital signature and other document data. Traditionally the authenticity of a document is determined by physical examination for color, background printing, paper texture, printing resolution, and ink characteristics. On an initial level, there may be numerous security features present on a value document but only a few can be detected and evaluated by the untrained individual. Because security features are normally not standardized except on currency, training tellers and cashiers to do extensive security evaluation is not practical, even though these people are often the only people who get a chance to closely examine the document in a payment system which is back-end automated. In the context of this paper, one should be thinking about value documents such as commercial and personal checks although the concepts presented here can easily be applied to travelers cheques, credit cards, event tickets, passports, driver's licenses, motor vehicle titles, and even currency. For a practical self-authentication system, the false alarms

  5. Renewing membership in three community-based health insurance schemes in rural India.

    PubMed

    Panda, Pradeep; Chakraborty, Arpita; Raza, Wameq; Bedi, Arjun S

    2016-12-01

    Low renewal rate is a key challenge facing the sustainability of community-based health insurance (CBHI) schemes. While there is a large literature on initial enrolment into such schemes, there is limited evidence on the factors that impede renewal. This article uses longitudinal data to analyse what determines renewal, both 1 year and 2 years after the introduction of three CBHI schemes, which have been operating in rural Bihar and Uttar Pradesh since 2011. We find that initial scheme uptake is ∼23-24% and that 2 years after scheme operation, only ∼20% of the initial enrolees maintain their membership. A household's socio-economic status does not seem to play a large role in impeding renewal. In some instances, a greater understanding of the scheme boosts renewal. The link between health status and use of health care in maintaining renewal is mixed. The clearest effect is that individuals living in households that have received benefits from the scheme are substantially more likely to renew their contracts. We conclude that the low retention rates may be attributed to limited benefit packages, slow claims processing times and the gap between the amounts claimed and amounts paid out by insurance.

  6. Cascaded Fresnel holographic image encryption scheme based on a constrained optimization algorithm and Henon map

    NASA Astrophysics Data System (ADS)

    Su, Yonggang; Tang, Chen; Chen, Xia; Li, Biyuan; Xu, Wenjun; Lei, Zhenkun

    2017-01-01

    We propose an image encryption scheme using chaotic phase masks and cascaded Fresnel transform holography based on a constrained optimization algorithm. In the proposed encryption scheme, the chaotic phase masks are generated by Henon map, and the initial conditions and parameters of Henon map serve as the main secret keys during the encryption and decryption process. With the help of multiple chaotic phase masks, the original image can be encrypted into the form of a hologram. The constrained optimization algorithm makes it possible to retrieve the original image from only single frame hologram. The use of chaotic phase masks makes the key management and transmission become very convenient. In addition, the geometric parameters of optical system serve as the additional keys, which can improve the security level of the proposed scheme. Comprehensive security analysis performed on the proposed encryption scheme demonstrates that the scheme has high resistance against various potential attacks. Moreover, the proposed encryption scheme can be used to encrypt video information. And simulations performed on a video in AVI format have also verified the feasibility of the scheme for video encryption.

  7. Authentic Instruction and Technology Literacy

    ERIC Educational Resources Information Center

    Cydis, Susan

    2015-01-01

    Technology integration is an important aspect of student competence in the 21st century. The use of technology in teaching and learning is a valuable practice for supporting student learning and engagement. Modelling the pedagogical practices that integrate authentic, performance-based opportunities for technology integration was the focus of a…

  8. Integrating Authentic Assessment with Competence-Based Learning in Vocational Education: The Protocol Portfolio Scoring

    ERIC Educational Resources Information Center

    Sluijsmans, Dominique M. A.; Straetmans, Gerard J. J. M.; van Merrienboer, Jeroen J. G.

    2008-01-01

    This article describes how competence-based learning (CBL) can be organised in vocational education by integrating elements from a holistic instructional design model with recent ideas on assessment. A curriculum based on this model is pre-eminently suitable for an assessment approach emphasising that proof of competence is gathered by having…

  9. An improved authenticated key agreement protocol for telecare medicine information system.

    PubMed

    Liu, Wenhao; Xie, Qi; Wang, Shengbao; Hu, Bin

    2016-01-01

    In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.'s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user's identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient's identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.'s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif.

  10. Proxy-Based IPv6 Neighbor Discovery Scheme for Wireless LAN Based Mesh Networks

    NASA Astrophysics Data System (ADS)

    Lee, Jihoon; Jeon, Seungwoo; Kim, Jaehoon

    Multi-hop Wireless LAN-based mesh network (WMN) provides high capacity and self-configuring capabilities. Due to data forwarding and path selection based on MAC address, WMN requires additional operations to achieve global connectivity using IPv6 address. The neighbor discovery operation over WLAN mesh networks requires repeated all-node broadcasting and this gives rise to a big burden in the entire mesh networks. In this letter, we propose the proxy neighbor discovery scheme for optimized IPv6 communication over WMN to reduce network overhead and communication latency. Using simulation experiments, we show that the control overhead and communication setup latency can be significantly reduced using the proxy-based neighbor discovery mechanism.

  11. Multimodal biometric authentication based on the fusion of finger vein and finger geometry

    NASA Astrophysics Data System (ADS)

    Kang, Byung Jun; Park, Kang Ryoung

    2009-09-01

    We propose a new multimodal biometric recognition based on the fusion of finger vein and finger geometry. This research shows three novelties compared to previous works. First, this is the first approach to combine the finger vein and finger geometry information at the same time. Second, the proposed method includes a new finger geometry recognition based on the sequential deviation values of finger thickness extracted from a single finger. Third, we integrate finger vein and finger geometry by a score-level fusion method based on a support vector machine. Results show that recognition accuracy is significantly enhanced using the proposed method.

  12. An efficient controlled quantum secure direct communication and authentication by using four particle cluster states

    NASA Astrophysics Data System (ADS)

    Nanvakenari, Milad; Houshmand, Monireh

    In this paper, a three-party controlled quantum secure direct communication and authentication (QSDCA) protocol is proposed by using four particle cluster states via a quantum one-time pad and local unitary operations. In the present scheme, only under the permission of the controller, the sender and the receiver can implement secure direct communication successfully. But under any circumstances, Charlie cannot obtain the secret message. Eavesdropping detection and identity authentication are achieved with the help of the previously shared reusable base identity strings of users. This protocol is unconditionally secure in both ideal and practical noisy cases. In one transmission, a qubit of each four particle cluster state is used as controller’s permission and the same qubit with another qubit are used to recover two classical bits of information. In the proposed scheme, the efficiency is improved compared with the previous works.

  13. Fire. Youth Training Scheme. Core Exemplar Work Based Project.

    ERIC Educational Resources Information Center

    Further Education Staff Coll., Blagdon (England).

    This trainer's guide is intended to assist supervisors of work-based career training projects in teaching students the basics of fire prevention in the kitchen. The guide is one in a series of core curriculum modules that is intended for use in combination on- and off-the-job programs to familiarize youth with the skills, knowledge, and attitudes…

  14. Cutting Tools. Youth Training Scheme. Core Exemplar Work Based Project.

    ERIC Educational Resources Information Center

    Further Education Staff Coll., Blagdon (England).

    This trainer's guide is intended to assist supervisors of work-based career training projects in teaching students to compare the performance of two different types of engineering cutting tools and to determine their cost-effectiveness and efficiency. The guide is one in a series of core curriculum modules that is intended for use in combination…

  15. Dairy Health. Youth Training Scheme. Core Exemplar Work Based Project.

    ERIC Educational Resources Information Center

    Further Education Staff Coll., Blagdon (England).

    This trainer's guide is intended to assist supervisors of work-based career training projects in helping students learn about dairy herd health, as well as how to gather, record, and interpret information. The guide is one in a series of core curriculum modules that is intended for use in combination on- and off-the-job programs to familiarize…

  16. Cache Scheme Based on Pre-Fetch Operation in ICN.

    PubMed

    Duan, Jie; Wang, Xiong; Xu, Shizhong; Liu, Yuanni; Xu, Chuan; Zhao, Guofeng

    2016-01-01

    Many recent researches focus on ICN (Information-Centric Network), in which named content becomes the first citizen instead of end-host. In ICN, Named content can be further divided into many small sized chunks, and chunk-based communication has merits over content-based communication. The universal in-network cache is one of the fundamental infrastructures for ICN. In this work, a chunk-level cache mechanism based on pre-fetch operation is proposed. The main idea is that, routers with cache store should pre-fetch and cache the next chunks which may be accessed in the near future according to received requests and cache policy for reducing the users' perceived latency. Two pre-fetch driven modes are present to answer when and how to pre-fetch. The LRU (Least Recently Used) is employed for the cache replacement. Simulation results show that the average user perceived latency and hops can be decreased by employed this cache mechanism based on pre-fetch operation. Furthermore, we also demonstrate that the results are influenced by many factors, such as the cache capacity, Zipf parameters and pre-fetch window size.

  17. Cache Scheme Based on Pre-Fetch Operation in ICN

    PubMed Central

    Duan, Jie; Wang, Xiong; Xu, Shizhong; Liu, Yuanni; Xu, Chuan; Zhao, Guofeng

    2016-01-01

    Many recent researches focus on ICN (Information-Centric Network), in which named content becomes the first citizen instead of end-host. In ICN, Named content can be further divided into many small sized chunks, and chunk-based communication has merits over content-based communication. The universal in-network cache is one of the fundamental infrastructures for ICN. In this work, a chunk-level cache mechanism based on pre-fetch operation is proposed. The main idea is that, routers with cache store should pre-fetch and cache the next chunks which may be accessed in the near future according to received requests and cache policy for reducing the users’ perceived latency. Two pre-fetch driven modes are present to answer when and how to pre-fetch. The LRU (Least Recently Used) is employed for the cache replacement. Simulation results show that the average user perceived latency and hops can be decreased by employed this cache mechanism based on pre-fetch operation. Furthermore, we also demonstrate that the results are influenced by many factors, such as the cache capacity, Zipf parameters and pre-fetch window size. PMID:27362478

  18. Secure Proactive Recovery a Hardware Based Mission Assurance Scheme

    DTIC Science & Technology

    2011-08-01

    components of this evaluation include a JAVA implementation based on Chameleon ARMORs (Kalbarczyk et al. 1999), ARENA simulation (http...Room, January. Kalbarczyk, Z., Iyer, R.K., Bagchi, S. and Whisnant, K. (1999) " Chameleon : a software infrastructure for adaptive fault tolerance

  19. Data Recognition and Filtering Based on Efficient RFID Data Processing Control Schemes

    NASA Astrophysics Data System (ADS)

    Kung, Hsu-Yang; Kuo, Chiung-Wen; Tsai, Ching-Ping

    Radio Frequency Identification (RFID) applications have changed gradually from a single vendor and single application to being integrated into applications for supply chains. The primary function of RFID middleware is to process large amounts of data within a short period. High performance and efficiency are difficult to achieve in a RFID data processing control scheme when the volume of RFID data is large. This work is designed the core functions of RFID middleware and developed data processing control scheme that includes data recognition, data filtering and data searching processes. The control scheme for RFID data recognition is used to identify data with false positives and then to obtain corrected data objects. The data filtering control scheme is used to solve problems associated with RFID expansion under a large amount of work and data. The proposed data searching method is based on the EPC (Electronic Product Code) and uses the Hash to accelerate information filtering efficiency.

  20. Improvement of a quantum broadcasting multiple blind signature scheme based on quantum teleportation

    NASA Astrophysics Data System (ADS)

    Zhang, Wei; Qiu, Daowen; Zou, Xiangfu

    2016-06-01

    Recently, a broadcasting multiple blind signature scheme based on quantum teleportation has been proposed for the first time. It is claimed to have unconditional security and properties of quantum multiple signature and quantum blind signature. In this paper, we analyze the security of the protocol and show that each signatory can learn the signed message by a single-particle measurement and the signed message can be modified at random by any attacker according to the scheme. Furthermore, there are some participant attacks and external attacks existing in the scheme. Finally, we present an improved scheme and show that it can resist all of the mentioned attacks. Additionally, the secret keys can be used again and again, making it more efficient and practical.

  1. A Quantum Multi-Proxy Weak Blind Signature Scheme Based on Entanglement Swapping

    NASA Astrophysics Data System (ADS)

    Yan, LiLi; Chang, Yan; Zhang, ShiBin; Han, GuiHua; Sheng, ZhiWei

    2017-02-01

    In this paper, we present a multi-proxy weak blind signature scheme based on quantum entanglement swapping of Bell states. In the scheme, proxy signers can finish the signature instead of original singer with his/her authority. It can be applied to the electronic voting system, electronic paying system, etc. The scheme uses the physical characteristics of quantum mechanics to implement delegation, signature and verification. It could guarantee not only the unconditionally security but also the anonymity of the message owner. The security analysis shows the scheme satisfies the security features of multi-proxy weak signature, singers cannot disavowal his/her signature while the signature cannot be forged by others, and the message owner can be traced.

  2. A Quantum Multi-Proxy Weak Blind Signature Scheme Based on Entanglement Swapping

    NASA Astrophysics Data System (ADS)

    Yan, LiLi; Chang, Yan; Zhang, ShiBin; Han, GuiHua; Sheng, ZhiWei

    2016-11-01

    In this paper, we present a multi-proxy weak blind signature scheme based on quantum entanglement swapping of Bell states. In the scheme, proxy signers can finish the signature instead of original singer with his/her authority. It can be applied to the electronic voting system, electronic paying system, etc. The scheme uses the physical characteristics of quantum mechanics to implement delegation, signature and verification. It could guarantee not only the unconditionally security but also the anonymity of the message owner. The security analysis shows the scheme satisfies the security features of multi-proxy weak signature, singers cannot disavowal his/her signature while the signature cannot be forged by others, and the message owner can be traced.

  3. TripSense: A Trust-Based Vehicular Platoon Crowdsensing Scheme with Privacy Preservation in VANETs

    PubMed Central

    Hu, Hao; Lu, Rongxing; Huang, Cheng; Zhang, Zonghua

    2016-01-01

    In this paper, we propose a trust-based vehicular platoon crowdsensing scheme, named TripSense, in VANET. The proposed TripSense scheme introduces a trust-based system to evaluate vehicles’ sensing abilities and then selects the more capable vehicles in order to improve sensing results accuracy. In addition, the sensing tasks are accomplished by platoon member vehicles and preprocessed by platoon head vehicles before the data are uploaded to server. Hence, it is less time-consuming and more efficient compared with the way where the data are submitted by individual platoon member vehicles. Hence it is more suitable in ephemeral networks like VANET. Moreover, our proposed TripSense scheme integrates unlinkable pseudo-ID techniques to achieve PM vehicle identity privacy, and employs a privacy-preserving sensing vehicle selection scheme without involving the PM vehicle’s trust score to keep its location privacy. Detailed security analysis shows that our proposed TripSense scheme not only achieves desirable privacy requirements but also resists against attacks launched by adversaries. In addition, extensive simulations are conducted to show the correctness and effectiveness of our proposed scheme. PMID:27258287

  4. TripSense: A Trust-Based Vehicular Platoon Crowdsensing Scheme with Privacy Preservation in VANETs.

    PubMed

    Hu, Hao; Lu, Rongxing; Huang, Cheng; Zhang, Zonghua

    2016-06-01

    In this paper, we propose a trust-based vehicular platoon crowdsensing scheme, named TripSense, in VANET. The proposed TripSense scheme introduces a trust-based system to evaluate vehicles' sensing abilities and then selects the more capable vehicles in order to improve sensing results accuracy. In addition, the sensing tasks are accomplished by platoon member vehicles and preprocessed by platoon head vehicles before the data are uploaded to server. Hence, it is less time-consuming and more efficient compared with the way where the data are submitted by individual platoon member vehicles. Hence it is more suitable in ephemeral networks like VANET. Moreover, our proposed TripSense scheme integrates unlinkable pseudo-ID techniques to achieve PM vehicle identity privacy, and employs a privacy-preserving sensing vehicle selection scheme without involving the PM vehicle's trust score to keep its location privacy. Detailed security analysis shows that our proposed TripSense scheme not only achieves desirable privacy requirements but also resists against attacks launched by adversaries. In addition, extensive simulations are conducted to show the correctness and effectiveness of our proposed scheme.

  5. Evaluation of Effectiveness of Wavelet Based Denoising Schemes Using ANN and SVM for Bearing Condition Classification

    PubMed Central

    G. S., Vijay; H. S., Kumar; Pai P., Srinivasa; N. S., Sriram; Rao, Raj B. K. N.

    2012-01-01

    The wavelet based denoising has proven its ability to denoise the bearing vibration signals by improving the signal-to-noise ratio (SNR) and reducing the root-mean-square error (RMSE). In this paper seven wavelet based denoising schemes have been evaluated based on the performance of the Artificial Neural Network (ANN) and the Support Vector Machine (SVM), for the bearing condition classification. The work consists of two parts, the first part in which a synthetic signal simulating the defective bearing vibration signal with Gaussian noise was subjected to these denoising schemes. The best scheme based on the SNR and the RMSE was identified. In the second part, the vibration signals collected from a customized Rolling Element Bearing (REB) test rig for four bearing conditions were subjected to these denoising schemes. Several time and frequency domain features were extracted from the denoised signals, out of which a few sensitive features were selected using the Fisher's Criterion (FC). Extracted features were used to train and test the ANN and the SVM. The best denoising scheme identified, based on the classification performances of the ANN and the SVM, was found to be the same as the one obtained using the synthetic signal. PMID:23213323

  6. A hash based mutual RFID tag authentication protocol in telecare medicine information system.

    PubMed

    Srivastava, Keerti; Awasthi, Amit K; Kaul, Sonam D; Mittal, R C

    2015-01-01

    Radio Frequency Identification (RFID) is a technology which has multidimensional applications to reduce the complexity of today life. Everywhere, like access control, transportation, real-time inventory, asset management and automated payment systems etc., RFID has its enormous use. Recently, this technology is opening its wings in healthcare environments, where potential applications include patient monitoring, object traceability and drug administration systems etc. In this paper, we propose a secure RFID-based protocol for the medical sector. This protocol is based on hash operation with synchronized secret. The protocol is safe against active and passive attacks such as forgery, traceability, replay and de-synchronization attack.

  7. A quartic B-spline based explicit time integration scheme for structural dynamics with controllable numerical dissipation

    NASA Astrophysics Data System (ADS)

    Wen, W. B.; Duan, S. Y.; Yan, J.; Ma, Y. B.; Wei, K.; Fang, D. N.

    2017-03-01

    An explicit time integration scheme based on quartic B-splines is presented for solving linear structural dynamics problems. The scheme is of a one-parameter family of schemes where free algorithmic parameter controls stability, accuracy and numerical dispersion. The proposed scheme possesses at least second-order accuracy and at most third-order accuracy. A 2D wave problem is analyzed to demonstrate the effectiveness of the proposed scheme in reducing high-frequency modes and retaining low-frequency modes. Except for general structural dynamics, the proposed scheme can be used effectively for wave propagation problems in which numerical dissipation is needed to reduce spurious oscillations.

  8. Modeling and performance analysis of an improved movement-based location management scheme for packet-switched mobile communication systems.

    PubMed

    Chung, Yun Won; Kwon, Jae Kyun; Park, Suwon

    2014-01-01

    One of the key technologies to support mobility of mobile station (MS) in mobile communication systems is location management which consists of location update and paging. In this paper, an improved movement-based location management scheme with two movement thresholds is proposed, considering bursty data traffic characteristics of packet-switched (PS) services. The analytical modeling for location update and paging signaling loads of the proposed scheme is developed thoroughly and the performance of the proposed scheme is compared with that of the conventional scheme. We show that the proposed scheme outperforms the conventional scheme in terms of total signaling load with an appropriate selection of movement thresholds.

  9. Solving Authentic Science Problems: Problem-based Learning Connects Science to the World Beyond School.

    ERIC Educational Resources Information Center

    Uyeda, Steve; Madden, John; Brigham, Lindy A.; Luft, Julie A.; Washburne, Jim

    2002-01-01

    Describes problem based learning (PBL) as a science teaching approach that combines both school and real-world science. Explains how to design an ill-structured problem considering local, state, and national standards; finding and preparing data; implementing PBL in the classroom; and its benefits and student assessment. Includes an example of PBL…

  10. Reliability and Validity of Authentic Assessment in a Web Based Course

    ERIC Educational Resources Information Center

    Olfos, Raimundo; Zulantay, Hildaura

    2007-01-01

    Web-based courses are promising in that they are effective and have the possibility of their instructional design being improved over time. However, the assessments of said courses are criticized in terms of their validity. This paper is an exploratory case study regarding the validity of the assessment system used in a semi presential web-based…

  11. Conducting Guided Inquiry in Science Classes Using Authentic, Archived, Web-Based Data

    ERIC Educational Resources Information Center

    Ucar, Sedat; Trundle, Kathy Cabe

    2011-01-01

    Students are often unable to collect the real-time data necessary for conducting inquiry in science classrooms. Web-based, real-time data could, therefore, offer a promising tool for conducting scientific inquiries within classroom environments. This study used a quasi-experimental research design to investigate the effects of inquiry-based…

  12. Tool-Mediated Authentic Learning in an Educational Technology Course: A Designed-Based Innovation

    ERIC Educational Resources Information Center

    Amory, Alan

    2014-01-01

    This design-based research project is concerned with the design, development and deployment of interactive technological learning environments to support contemporary education. The use of technologies in education often replicates instructivist positions and practices. However, the use of Cultural Historical Activity Theory (C), authentic…

  13. Protection Relaying Scheme Based on Fault Reactance Operation Type

    NASA Astrophysics Data System (ADS)

    Tsuji, Kouichi

    The theories of operation of existing relays are roughly divided into two types: one is the current differential types based on Kirchhoff's first law and the other is impedance types based on second law. We can apply the Kirchhoff's laws to strictly formulate fault phenomena, so the circuit equations are represented non linear simultaneous equations with variables fault point k and fault resistance Rf. This method has next two defect. 1) heavy computational burden for the iterative calculation on N-R method, 2) relay operator can not easily understand principle of numerical matrix operation. The new protection relay principles we proposed this paper focuses on the fact that the reactance component on fault point is almost zero. Two reactance Xf(S), Xf(R) on branch both ends are calculated by operation of solving linear equations. If signs of Xf(S) and Xf(R) are not same, it can be judged that the fault point exist in the branch. This reactance Xf corresponds to difference of branch reactance between actual fault point and imaginaly fault point. And so relay engineer can to understand fault location by concept of “distance". The simulation results using this new method indicates the highly precise estimation of fault locations compared with the inspected fault locations on operating transmission lines.

  14. Performance Analysis of Positive-feedback-based Active Anti-islanding Schemes for Inverter-Based Distributed Generators

    SciTech Connect

    Du, Pengwei; Aponte, Erick E.; Nelson, J. Keith

    2010-06-14

    Recently proposed positive-feedback-based anti-islanding schemes (AI) are highly effective in preventing islanding without causing any degradation in power quality. This paper aims to analyze the performance of these schemes quantitatively in the context of the dynamic models of inverter-based distributed generators (DG). In this study, the characteristics of these active anti-islanding methods are discussed and design guidelines are derived.

  15. Generalized color interpolation scheme based on intermediate quincuncial pattern

    NASA Astrophysics Data System (ADS)

    Park, Sang Wook; Kang, Moon Gi

    2014-05-01

    Recently, color filter array patterns based on optimal design by reducing interchannel aliasing have been developed. Although these optimally subsampled patterns produce less degradation of resolution for the images in daylight about 6500 K, aliasing and grid effect become more prominent under the different lighting conditions. Moreover, the color interpolation (CI) for Bayer pattern cannot be utilized for these patterns. Since it is impossible to change coated patterns according to various conditions, CI algorithms have to compensate for light variations. In this letter, a method for generating intermediate quincuncial pattern is proposed for two patterns. Also, edge adaptive interpolation for the quincuncial pattern is carried out. Experimental results show that the proposed method reduces aliasing and grid effect.

  16. A digital filtering scheme for SQUID based magnetocardiography

    NASA Astrophysics Data System (ADS)

    Zhu, Xue-Min; Ren, Yu-Feng; Yu, Hong-Wei; Zhao, Shi-Ping; Chen, Geng-Hua; Zhang, Li-Hua; Yang, Qian-Sheng

    2006-01-01

    Considering the properties of slow change and quasi-periodicity of magnetocardiography (MCG) signal, we use an integrated technique of adaptive and low-pass filtering in dealing with two-channel MCG data measured by high Tc SQUIDs. The adaptive filter in the time domain is based on a noise feedback normalized least-mean-square (NLMS) algorithm and the low-pass filter with a cutoff at 100Hz in the frequency domain characterized by Gaussian functions is combined with a notch at the power line frequency. In this way, both relevant and irrelevant noises in original MCG data are largely eliminated. The method may also be useful for other slowly varying quasi-periodical signals.

  17. Efficient image compression scheme based on differential coding

    NASA Astrophysics Data System (ADS)

    Zhu, Li; Wang, Guoyou; Liu, Ying

    2007-11-01

    Embedded zerotree (EZW) and Set Partitioning in Hierarchical Trees (SPIHT) coding, introduced by J.M. Shapiro and Amir Said, are very effective and being used in many fields widely. In this study, brief explanation of the principles of SPIHT was first provided, and then, some improvement of SPIHT algorithm according to experiments was introduced. 1) For redundancy among the coefficients in the wavelet region, we propose differential method to reduce it during coding. 2) Meanwhile, based on characteristic of the coefficients' distribution in subband, we adjust sorting pass and optimize differential coding, in order to reduce the redundancy coding in each subband. 3) The image coding result, calculated by certain threshold, shows that through differential coding, the rate of compression get higher, and the quality of reconstructed image have been get raised greatly, when bpp (bit per pixel)=0.5, PSNR (Peak Signal to Noise Ratio) of reconstructed image exceeds that of standard SPIHT by 0.2~0.4db.

  18. Application of gas chromatography/flame ionization detector-based metabolite fingerprinting for authentication of Asian palm civet coffee (Kopi Luwak).

    PubMed

    Jumhawan, Udi; Putri, Sastia Prama; Yusianto; Bamba, Takeshi; Fukusaki, Eiichiro

    2015-11-01

    Development of authenticity screening for Asian palm civet coffee, the world-renowned priciest coffee, was previously reported using metabolite profiling through gas chromatography/mass spectrometry (GC/MS). However, a major drawback of this approach is the high cost of the instrument and maintenance. Therefore, an alternative method is needed for quality and authenticity evaluation of civet coffee. A rapid, reliable and cost-effective analysis employing a universal detector, GC coupled with flame ionization detector (FID), and metabolite fingerprinting has been established for discrimination analysis of 37 commercial and non-commercial coffee beans extracts. gas chromatography/flame ionization detector (GC/FID) provided higher sensitivity over a similar range of detected compounds than GC/MS. In combination with multivariate analysis, GC/FID could successfully reproduce quality prediction from GC/MS for differentiation of commercial civet coffee, regular coffee and coffee blend with 50 wt % civet coffee content without prior metabolite details. Our study demonstrated that GC/FID-based metabolite fingerprinting can be effectively actualized as an alternative method for coffee authenticity screening in industries.

  19. nrDNA ITS sequence based SCAR marker to authenticate Aconitum heterophyllum and Cyperus rotundus in Ayurvedic raw drug source and prepared herbal products.

    PubMed

    Seethapathy, Gopalakrishnan Saroja; Balasubramani, Subramani Paranthaman; Venkatasubramanian, Padma

    2014-02-15

    To authenticate Ayurvedic medicinal plants Ativisha (Aconitum heterophyllum) and Musta (Cyperus rotundus) at the raw drug source and in prepared herbal products, nrDNA ITS sequence based SCAR markers were designed and validated spp.-specific SCAR primers gave amplicon of 415 bp and 134 bp, respectively, in authentic species. The SCAR primers (Cyr-FP and Cyr-RP) could identify tissue sample containing 750 μg to 4.76 mg/100mg of Musta in complex mixtures of DNA extracted from commercial herbal drugs. Ativisha could not be identified through SCAR markers suggesting that authentic species may not been used to prepare herbal drugs despite its being labelled as one of the ingredients in formulations. Analysis of individual tubers of Ativisha and Musta assures the presence of admixtures in raw drug trade of Ativisha, indicates the need to monitor the basic raw material supply and concludes, supplying plant materials through cultivation to manufacturing industries can minimize the risks of adulteration.

  20. Coupled-cluster method: A lattice-path-based subsystem approximation scheme for quantum lattice models

    SciTech Connect

    Bishop, R. F.; Li, P. H. Y.

    2011-04-15

    An approximation hierarchy, called the lattice-path-based subsystem (LPSUBm) approximation scheme, is described for the coupled-cluster method (CCM). It is applicable to systems defined on a regular spatial lattice. We then apply it to two well-studied prototypical (spin-(1/2) Heisenberg antiferromagnetic) spin-lattice models, namely, the XXZ and the XY models on the square lattice in two dimensions. Results are obtained in each case for the ground-state energy, the ground-state sublattice magnetization, and the quantum critical point. They are all in good agreement with those from such alternative methods as spin-wave theory, series expansions, quantum Monte Carlo methods, and the CCM using the alternative lattice-animal-based subsystem (LSUBm) and the distance-based subsystem (DSUBm) schemes. Each of the three CCM schemes (LSUBm, DSUBm, and LPSUBm) for use with systems defined on a regular spatial lattice is shown to have its own advantages in particular applications.

  1. Meaningful, Authentic and Place-Based Informal Science Education for 6-12 Students

    NASA Astrophysics Data System (ADS)

    Ito, E.; Dalbotten, D. M.

    2014-12-01

    American Indians are underrepresented in STEM and especially in Earth sciences. They have the lowest high school graduation rate and highest unemployment. On the other hand, tribes are in search of qualified young people to work in geo- and hydro-technical fields to manage reservations' natural resources. Dalbotten and her collaborators at the Fond du Lac Band of Lake Superior Chippewa and local 6-12 teachers ran a place-based but non-themed informal monthly science camps (gidakiimanaaniwigamig) for 7 years starting 2003. Camps were held on reservation and some activities focused on observing seasonal changes. The students enjoyed coming to the camps but the camp activities went largely unnoticed by the reservation itself. For the last 5 years, we and the same cast of characters from the gidakiimanaaniwigamig camps ran a very place-based, research-based camp program, manoomin. The research was focused on manoomin (wild rice) which is a culturally important plant and food that grows in local lakes and wetlands. Manmade changes in hydrology, toxic metals from mining, and changing weather patterns due to climate change threaten this precious resource. Our plan was for 6-12 students to investigate the past, the present and the future conditions of manoomin on and around the reservation. It became clear by 3rd year that the research project, as conceived, was overly ambitious and could not be completed at the level we hoped in a camp setting (6 weekend camps = 6 full days per year). However, students felt that they were involved in research that was beneficial to their reservation, reported gaining self-confidence to pursue a career in science, and stated a desired to obtain a college degree. They also became aware of STEM employment opportunities on reservation that they could aim for. The camps also fostered a trusting relationship between researchers at Fond du Lac resource managers and the U. of MN. Based on these experiences, we proposed a new format for these

  2. A two-stage spectrum sensing scheme based on energy detection and a novel multitaper method

    NASA Astrophysics Data System (ADS)

    Qi, Pei-Han; Li, Zan; Si, Jiang-Bo; Xiong, Tian-Yi

    2015-04-01

    Wideband spectrum sensing has drawn much attention in recent years since it provides more opportunities to the secondary users. However, wideband spectrum sensing requires a long time and a complex mechanism at the sensing terminal. A two-stage wideband spectrum sensing scheme is considered to proceed spectrum sensing with low time consumption and high performance to tackle this predicament. In this scheme, a novel multitaper spectrum sensing (MSS) method is proposed to mitigate the poor performance of energy detection (ED) in the low signal-to-noise ratio (SNR) region. The closed-form expression of the decision threshold is derived based on the Neyman-Pearson criterion and the probability of detection in the Rayleigh fading channel is analyzed. An optimization problem is formulated to maximize the probability of detection of the proposed two-stage scheme and the average sensing time of the two-stage scheme is analyzed. Numerical results validate the efficiency of MSS and show that the two-stage spectrum sensing scheme enjoys higher performance in the low SNR region and lower time cost in the high SNR region than the single-stage scheme. Project supported by the National Natural Science Foundation of China (Grant No. 61301179), the China Postdoctoral Science Foundation (Grant No. 2014M550479), and the Doctorial Programs Foundation of the Ministry of Education, China (Grant No. 20110203110011).

  3. Development of swine-specific DNA markers for biosensor-based halal authentication.

    PubMed

    Ali, M E; Hashim, U; Kashif, M; Mustafa, S; Che Man, Y B; Abd Hamid, S B

    2012-06-29

    The pig (Sus scrofa) mitochondrial genome was targeted to design short (15-30 nucleotides) DNA markers that would be suitable for biosensor-based hybridization detection of target DNA. Short DNA markers are reported to survive harsh conditions in which longer ones are degraded into smaller fragments. The whole swine mitochondrial-genome was in silico digested with AluI restriction enzyme. Among 66 AluI fragments, five were selected as potential markers because of their convenient lengths, high degree of interspecies polymorphism and intraspecies conservatism. These were confirmed by NCBI blast analysis and ClustalW alignment analysis with 11 different meat-providing animal and fish species. Finally, we integrated a tetramethyl rhodamine-labeled 18-nucleotide AluI fragment into a 3-nm diameter citrate-tannate coated gold nanoparticle to develop a swine-specific hybrid nanobioprobe for the determination of pork adulteration in 2.5-h autoclaved pork-beef binary mixtures. This hybrid probe detected as low as 1% pork in deliberately contaminated autoclaved pork-beef binary mixtures and no cross-species detection was recorded, demonstrating the feasibility of this type of probe for biosensor-based detection of pork adulteration of halal and kosher foods.

  4. A novel user authentication and key agreement protocol for accessing multi-medical server usable in TMIS.

    PubMed

    Amin, Ruhul; Biswas, G P

    2015-03-01

    Telecare Medical Information System (TMIS) makes an efficient and convenient connection between patient(s)/user(s) at home and doctor(s) at a clinical center. To ensure secure connection between the two entities (patient(s)/user(s), doctor(s)), user authentication is enormously important for the medical server. In this regard, many authentication protocols have been proposed in the literature only for accessing single medical server. In order to fix the drawbacks of the single medical server, we have primarily developed a novel architecture for accessing several medical services of the multi-medical server, where a user can directly communicate with the doctor of the medical server securely. Thereafter, we have developed a smart card based user authentication and key agreement security protocol usable for TMIS system using cryptographic one-way hash function. We have analyzed the security of our proposed authentication scheme through both formal and informal security analysis. Furthermore, we have simulated the proposed scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and showed that the scheme is secure against the replay and man-in-the-middle attacks. The informal security analysis is also presented which confirms that the protocol has well security protection on the relevant security attacks. The security and performance comparison analysis confirm that the proposed protocol not only provides security protection on the above mentioned attacks, but it also achieves better complexities along with efficient login and password change phase.

  5. A Hybrid Key Management Scheme for WSNs Based on PPBR and a Tree-Based Path Key Establishment Method.

    PubMed

    Zhang, Ying; Liang, Jixing; Zheng, Bingxin; Chen, Wei

    2016-04-09

    With the development of wireless sensor networks (WSNs), in most application scenarios traditional WSNs with static sink nodes will be gradually replaced by Mobile Sinks (MSs), and the corresponding application requires a secure communication environment. Current key management researches pay less attention to the security of sensor networks with MS. This paper proposes a hybrid key management schemes based on a Polynomial Pool-based key pre-distribution and Basic Random key pre-distribution (PPBR) to be used in WSNs with MS. The scheme takes full advantages of these two kinds of methods to improve the cracking difficulty of the key system. The storage effectiveness and the network resilience can be significantly enhanced as well. The tree-based path key establishment method is introduced to effectively solve the problem of communication link connectivity. Simulation clearly shows that the proposed scheme performs better in terms of network resilience, connectivity and storage effectiveness compared to other widely used schemes.

  6. A Hybrid Key Management Scheme for WSNs Based on PPBR and a Tree-Based Path Key Establishment Method

    PubMed Central

    Zhang, Ying; Liang, Jixing; Zheng, Bingxin; Chen, Wei

    2016-01-01

    With the development of wireless sensor networks (WSNs), in most application scenarios traditional WSNs with static sink nodes will be gradually replaced by Mobile Sinks (MSs), and the corresponding application requires a secure communication environment. Current key management researches pay less attention to the security of sensor networks with MS. This paper proposes a hybrid key management schemes based on a Polynomial Pool-based key pre-distribution and Basic Random key pre-distribution (PPBR) to be used in WSNs with MS. The scheme takes full advantages of these two kinds of methods to improve the cracking difficulty of the key system. The storage effectiveness and the network resilience can be significantly enhanced as well. The tree-based path key establishment method is introduced to effectively solve the problem of communication link connectivity. Simulation clearly shows that the proposed scheme performs better in terms of network resilience, connectivity and storage effectiveness compared to other widely used schemes. PMID:27070624

  7. Engaging Middle School Students in Authentic Research based on a summer research cruise

    NASA Astrophysics Data System (ADS)

    Manley, J.; Ellins, K. K.; Conte, M. H.

    2011-12-01

    In summer 2010, as a participant in the TXESS Revolution, a National Science Foundation (NSF)-sponsored professional development program for teachers in support of Earth and Space Science, I participated in a scientific research cruise led by Dr. Maureen Conte of the Bermuda Institute of Ocean Sciences (BIOS). The primary purpose of the cruise was to collect water samples from different ocean depths, make temperature and conductivity measurements, and retrieve biologic particle debris collection equipment deployed as part of the NSF-sponsored Oceanic Flux Program to measure particle fluxes in the deep Sargasso Sea. A secondary objective involved the collection of plastic debris floating within the sargassum grass trapped in the North Atlantic gyre in order to investigate plastic pollution. As a member of the science team I worked alongside of Dr. Conte, scientists and graduate students, giving me a personal experience to inspire my students' interest in the marine ecosystem. In the classroom, I used a Project Based Learning (PBL) approach to translate my experience and knowledge gained into productive learning for my students. With Project Based Learning, teams of students solve a real world, open-ended challenge problem through research and experimentation. In this Problem, the challenge was to design a virtual product to motivate ordinary people to change their habits regarding their use and improper disposal of plastics. Team products included websites, social network pages, and in-school announcements to create awareness about plastic pollution in the ocean. Fulfilling one of the basic principles of the PBL approach to provide student access to experts, cruise participant and University of North Carolina graduate student Bonnie Monteleone dedicated an entire day to speak with each of my classes about her experiences studying ocean plastics and answer their questions via SKYPE. In addition, Ms. Monteleone used her extensive contacts to post the best of my

  8. Safety assurance of assistive devices based on a two-level checking scheme.

    PubMed

    Lin, Hua-Sheng; Chang, Yi-Chu; Chen, Chiun-Fan; Luh, Jer-Junn; Chiou, Ying-Han; Lai, Jin-Shin; Kuog, T-S

    2005-01-01

    The increasing number of physically challenged individuals has boosted the demand of powered wheelchairs. This paper is on the subject of a DSP (Digital Signal Processors) based assistive system, which is associated with a two-level checking scheme. The assistive system takes on the M3S (Multiple Master Multiple Slave) regulation for the assurance of safety. The CAN (Control Area Networks) embedded module in the DSP provides robust transmission of information within the system. The hardware interfaces based on the two-level checking scheme is implemented in input devices (e.g. joystick, head control apparatus) and in output devices (e.g. manipulator, prime mover motors).

  9. Very low bit streaming image compression coder based on lift scheme

    NASA Astrophysics Data System (ADS)

    Tao, Hongjiu; Tian, Jinwen; Liu, Jianguo; Yu, Qiuzhe; Xu, Hongbo

    2001-09-01

    This paper presents a novel compression encoding/decoding method based on lift scheme for I-VOP. In traditional coding I-VOP algorithm, the textures and shapes are separately coded, and the macro-block DCT coding method is adopted in the coding texture and 16x16 BAB(Binary Alpha Block) coding method is employed in shape coding. The texture and shape coding method is not of embed feature. The algorithm based on lift scheme for I-VOP, the texture and shape at same time is coded and the bit streaming is of embed feature.

  10. Building secure wireless access point based on certificate authentication and firewall captive portal

    NASA Astrophysics Data System (ADS)

    Soewito, B.; Hirzi

    2014-03-01

    Wireless local area network or WLAN more vulnerability than wired network even though WLAN has many advantages over wired. Wireless networks use radio transmissions to carry data between end users and access point. Therefore, it is possible for someone to sit in your office building's lobby or parking lot or parking lot to eavesdrop on the wireless network communication. This paper discussed securing wires local area network used WPA2 Enterprise based PEAP MS-CHAP and Captive portal firewall. We also divided the network for employer and visitor to increase the level of security. Our experiment showed that the WLAN could be broken using the attacker tool such as airodump, aireply, and aircrack.

  11. A new Fourier transform based CBIR scheme for mammographic mass classification: a preliminary invariance assessment

    NASA Astrophysics Data System (ADS)

    Gundreddy, Rohith Reddy; Tan, Maxine; Qui, Yuchen; Zheng, Bin

    2015-03-01

    The purpose of this study is to develop and test a new content-based image retrieval (CBIR) scheme that enables to achieve higher reproducibility when it is implemented in an interactive computer-aided diagnosis (CAD) system without significantly reducing lesion classification performance. This is a new Fourier transform based CBIR algorithm that determines image similarity of two regions of interest (ROI) based on the difference of average regional image pixel value distribution in two Fourier transform mapped images under comparison. A reference image database involving 227 ROIs depicting the verified soft-tissue breast lesions was used. For each testing ROI, the queried lesion center was systematically shifted from 10 to 50 pixels to simulate inter-user variation of querying suspicious lesion center when using an interactive CAD system. The lesion classification performance and reproducibility as the queried lesion center shift were assessed and compared among the three CBIR schemes based on Fourier transform, mutual information and Pearson correlation. Each CBIR scheme retrieved 10 most similar reference ROIs and computed a likelihood score of the queried ROI depicting a malignant lesion. The experimental results shown that three CBIR schemes yielded very comparable lesion classification performance as measured by the areas under ROC curves with the p-value greater than 0.498. However, the CBIR scheme using Fourier transform yielded the highest invariance to both queried lesion center shift and lesion size change. This study demonstrated the feasibility of improving robustness of the interactive CAD systems by adding a new Fourier transform based image feature to CBIR schemes.

  12. Variance reduction for Fokker–Planck based particle Monte Carlo schemes

    SciTech Connect

    Gorji, M. Hossein Andric, Nemanja; Jenny, Patrick

    2015-08-15

    Recently, Fokker–Planck based particle Monte Carlo schemes have been proposed and evaluated for simulations of rarefied gas flows [1–3]. In this paper, the variance reduction for particle Monte Carlo simulations based on the Fokker–Planck model is considered. First, deviational based schemes were derived and reviewed, and it is shown that these deviational methods are not appropriate for practical Fokker–Planck based rarefied gas flow simulations. This is due to the fact that the deviational schemes considered in this study lead either to instabilities in the case of two-weight methods or to large statistical errors if the direct sampling method is applied. Motivated by this conclusion, we developed a novel scheme based on correlated stochastic processes. The main idea here is to synthesize an additional stochastic process with a known solution, which is simultaneously solved together with the main one. By correlating the two processes, the statistical errors can dramatically be reduced; especially for low Mach numbers. To assess the methods, homogeneous relaxation, planar Couette and lid-driven cavity flows were considered. For these test cases, it could be demonstrated that variance reduction based on parallel processes is very robust and effective.

  13. An Energy-Efficient Game-Theory-Based Spectrum Decision Scheme for Cognitive Radio Sensor Networks.

    PubMed

    Salim, Shelly; Moh, Sangman

    2016-06-30

    A cognitive radio sensor network (CRSN) is a wireless sensor network in which sensor nodes are equipped with cognitive radio. In this paper, we propose an energy-efficient game-theory-based spectrum decision (EGSD) scheme for CRSNs to prolong the network lifetime. Note that energy efficiency is the most important design consideration in CRSNs because it determines the network lifetime. The central part of the EGSD scheme consists of two spectrum selection algorithms: random selection and game-theory-based selection. The EGSD scheme also includes a clustering algorithm, spectrum characterization with a Markov chain, and cluster member coordination. Our performance study shows that EGSD outperforms the existing popular framework in terms of network lifetime and coordination overhead.

  14. Aeromonas hydrophila typing scheme based on patterns of agglutination with erythrocytes and yeast cells.

    PubMed Central

    Adams, D; Atkinson, H M; Woods, W H

    1983-01-01

    An agglutination typing scheme has been developed for strains of Aeromonas hydrophila. Primary agglutination typing is based on testing agar-grown A. hydrophila cells with human, horse, rat, and guinea pig erythrocytes and Saccharomyces cerevisiae cells. Further subdivision of primary groups is based firstly on whether yeast cell agglutination is inhibited by a D-mannose polymer, yeast mannan, and secondly on patterns of inhibition of hemagglutination by yeast mannan and the monomeric sugars L-fucose, D-galactose, and D-mannose. A total of 320 isolates were tested, and these were divisible into 39 distinct types on the basis of this scheme. Application of this typing scheme in the future to isolates of A. hydrophila known to be associated with human infection may enable correlations to be made between particular agglutination types and human pathogenicity. PMID:6841579

  15. A joint JPEG2000 compression and watermarking system using a TCQ-based quantization scheme

    NASA Astrophysics Data System (ADS)

    Goudia, D.; Chaumont, M.; Puech, W.; Hadj Said, N.

    2011-01-01

    In this paper, we describe a Trellis Coded Quantization (TCQ)-based quantization and watermarking technique in the framework of JPEG2000 still image compression. Furthermore, we investigate the design of a novel joint compression and watermarking scheme based on a hybrid TCQ module which can perform at the same time quantization and watermark embedding. The watermark extraction process can be achieved both during and after image decompression. Another advantage is the lower complexity of the system because the quantization stage is used for both compression and watermarking purposes. Experimental results have demonstrated that the proposed joint scheme successfully survives JPEG2000 compression with minimal degradation of the image quality. We also studied the robustness of the scheme against gaussian filtering attack, gaussian noise attack, valumetric attack and jpeg attack.

  16. An Energy-Efficient Game-Theory-Based Spectrum Decision Scheme for Cognitive Radio Sensor Networks

    PubMed Central

    Salim, Shelly; Moh, Sangman

    2016-01-01

    A cognitive radio sensor network (CRSN) is a wireless sensor network in which sensor nodes are equipped with cognitive radio. In this paper, we propose an energy-efficient game-theory-based spectrum decision (EGSD) scheme for CRSNs to prolong the network lifetime. Note that energy efficiency is the most important design consideration in CRSNs because it determines the network lifetime. The central part of the EGSD scheme consists of two spectrum selection algorithms: random selection and game-theory-based selection. The EGSD scheme also includes a clustering algorithm, spectrum characterization with a Markov chain, and cluster member coordination. Our performance study shows that EGSD outperforms the existing popular framework in terms of network lifetime and coordination overhead. PMID:27376290

  17. Lighten Encryption Schemes for Secure and Private RFID Systems

    NASA Astrophysics Data System (ADS)

    Canard, Sébastien; Coisel, Iwen; Etrog, Jonathan

    We provide several concrete implementations of a generic method given by Vaudenay to construct secure privacy-preserving RFID authentication and identification systems. More precisely, we give the first instantiation of the Vaudenay's result by using the IND-CCA secure DHAES cryptosystem. Next we argue that weaker cryptosystems can also be used by recalling the WIPR RFID system and giving a new protocol based on the El Gamal encryption scheme. After that, we introduce a new generic construction based on the use of any IND-CPA secure public key cryptosystem together with a MAC scheme and describe a possibility using the Hash El Gamal cryptosystem. We finally compare all these schemes, both in terms of implementation and security, proving that, nowadays the DHAES and our Hash El Gamal based solutions appear as the most promising schemes.

  18. Developing (Authentic?) Academic Writers

    ERIC Educational Resources Information Center

    Badley, Graham

    2008-01-01

    Purpose: This paper seeks to consider whether the notion of authenticity is useful or meaningful in the context of developing academics as writers. Design/methodology/approach: The approach taken is that of a reflective essay. Recent texts on authenticity in higher education are examined whilst a transactional theory of writing is also considered…

  19. Decolonizing Researcher Authenticity

    ERIC Educational Resources Information Center

    Daza, Stephanie Lynn

    2008-01-01

    This article examines the ways in which researcher authenticity is negotiated along three axes of difference, ethno-linguistic affiliation, sexual orientation and race/skin color. Ultimately, it analyzes how researcher authenticity is produced and played out within research, via interactions between participants, researchers and others who…

  20. Complete M-Level Quantum Teleportation Based on Kossakowski-Ohya Scheme

    NASA Astrophysics Data System (ADS)

    Asano, M.; Ohya, M.; Tanaka, Y.

    2009-02-01

    In many models of perfect teleportation, maximum entangled states are usually used as resources. Kossakowski and Ohya showed that a linear teleportation map is defined mathematically even if a non-maximum entangled state is postulated. Based on K-O scheme, we design a perfect teleportation model by means of non-maximal entangled state.

  1. Optical information authentication using compressed double-random-phase-encoded images and quick-response codes.

    PubMed

    Wang, Xiaogang; Chen, Wen; Chen, Xudong

    2015-03-09

    In this paper, we develop a new optical information authentication system based on compressed double-random-phase-encoded images and quick-response (QR) codes, where the parameters of optical lightwave are used as keys for optical decryption and the QR code is a key for verification. An input image attached with QR code is first optically encoded in a simplified double random phase encoding (DRPE) scheme without using interferometric setup. From the single encoded intensity pattern recorded by a CCD camera, a compressed double-random-phase-encoded image, i.e., the sparse phase distribution used for optical decryption, is generated by using an iterative phase retrieval technique with QR code. We compare this technique to the other two methods proposed in literature, i.e., Fresnel domain information authentication based on the classical DRPE with holographic technique and information authentication based on DRPE and phase retrieval algorithm. Simulation results show that QR codes are effective on improving the security and data sparsity of optical information encryption and authentication system.

  2. Fast polarization-state tracking scheme based on radius-directed linear Kalman filter.

    PubMed

    Yang, Yanfu; Cao, Guoliang; Zhong, Kangping; Zhou, Xian; Yao, Yong; Lau, Alan Pak Tao; Lu, Chao

    2015-07-27

    We propose and experimentally demonstrate a fast polarization tracking scheme based on radius-directed linear Kalman filter. It has the advantages of fast convergence and is inherently insensitive to phase noise and frequency offset effects. The scheme is experimentally compared to conventional polarization tracking methods on the polarization rotation angular frequency. The results show that better tracking capability with more than one order of magnitude improvement is obtained in the cases of polarization multiplexed QPSK and 16QAM signals. The influences of the filter tuning parameters on tracking performance are also investigated in detail.

  3. A Signcryption-based Secure Localization Scheme in Wireless Sensor Networks

    NASA Astrophysics Data System (ADS)

    Zhang, Ting; He, Jingsha; Li, Xiaohui; Wei, Qian

    Localization technology in wireless sensor networks has great significance for theoretical study and practical applications. However, most current localization schemes have failed to pay enough attention to security issues. In this paper, we propose a novel secure localization algorithm named signcryption-based secure localization scheme (SSLS) that allows sensors to ensure the confidentiality and integrity of their location information. Analysis shows that SSLS can enhance the security and robustness of localization through the signcryption mechanism while simulation results help to verify the performance of SSLS in that distance measurement errors can be limited within a small range.

  4. Bar-HRM for Authentication of Plant-Based Medicines: Evaluation of Three Medicinal Products Derived from Acanthaceae Species.

    PubMed

    Osathanunkul, Maslin; Madesis, Panagiotis; de Boer, Hugo

    2015-01-01

    Medicinal plants are used as a popular alternative to synthetic drugs, both in developed and developing countries. The economic importance of the herbal and natural supplement industry is increasing every year. As the herbal industry grows, consumer safety is one issue that cannot be overlooked. Herbal products in Thai local markets are commonly sold without packaging or labels. Plant powders are stored in large bags or boxes, and therefore buying local herbal products poses a high risk of acquiring counterfeited, substituted and/or adulterated products. Due to these issues, a reliable method to authenticate products is needed. Here DNA barcoding was used in combination with High Resolution Melting analysis (Bar-HRM) to authenticate three medicinal Acanthaceae species (Acanthus ebracteatus, Andrographis paniculata and Rhinacanthus nasutus) commonly used in Thailand. The rbcL barcode was selected for use in primers design for HRM analysis to produce standard melting profiles of the selected species. Melting data from the HRM assay using the designed rbcL primers showed that the three chosen species could be distinguished from each other. HRM curves of all fifteen test samples indicated that three of tested products did not contain the indicated species. Two closely related species (A. paniculata and R. nasutus), which have a high level of morphological similarity, were interchanged with one another in three tested products. Incorrect information on packaging and labels of the tested herbal products was the cause of the results shown here. Morphological similarity among the species of interest also hindered the collection process. The Bar-HRM method developed here proved useful in aiding in the identification and authentication of herbal species in processed samples. In the future, species authentication through Bar-HRM could be used to promote consumer trust, as well as raising the quality of herbal products.

  5. Bar-HRM for Authentication of Plant-Based Medicines: Evaluation of Three Medicinal Products Derived from Acanthaceae Species

    PubMed Central

    Osathanunkul, Maslin; Madesis, Panagiotis; de Boer, Hugo

    2015-01-01

    Medicinal plants are used as a popular alternative to synthetic drugs, both in developed and developing countries. The economic importance of the herbal and natural supplement industry is increasing every year. As the herbal industry grows, consumer safety is one issue that cannot be overlooked. Herbal products in Thai local markets are commonly sold without packaging or labels. Plant powders are stored in large bags or boxes, and therefore buying local herbal products poses a high risk of acquiring counterfeited, substituted and/or adulterated products. Due to these issues, a reliable method to authenticate products is needed. Here DNA barcoding was used in combination with High Resolution Melting analysis (Bar-HRM) to authenticate three medicinal Acanthaceae species (Acanthus ebracteatus, Andrographis paniculata and Rhinacanthus nasutus) commonly used in Thailand. The rbcL barcode was selected for use in primers design for HRM analysis to produce standard melting profiles of the selected species. Melting data from the HRM assay using the designed rbcL primers showed that the three chosen species could be distinguished from each other. HRM curves of all fifteen test samples indicated that three of tested products did not contain the indicated species. Two closely related species (A. paniculata and R. nasutus), which have a high level of morphological similarity, were interchanged with one another in three tested products. Incorrect information on packaging and labels of the tested herbal products was the cause of the results shown here. Morphological similarity among the species of interest also hindered the collection process. The Bar-HRM method developed here proved useful in aiding in the identification and authentication of herbal species in processed samples. In the future, species authentication through Bar-HRM could be used to promote consumer trust, as well as raising the quality of herbal products. PMID:26011474

  6. Spectral phase-based automatic calibration scheme for swept source-based optical coherence tomography systems

    NASA Astrophysics Data System (ADS)

    Ratheesh, K. M.; Seah, L. K.; Murukeshan, V. M.

    2016-11-01

    The automatic calibration in Fourier-domain optical coherence tomography (FD-OCT) systems allows for high resolution imaging with precise depth ranging functionality in many complex imaging scenarios, such as microsurgery. However, the accuracy and speed of the existing automatic schemes are limited due to the functional approximations and iterative operations used in their procedures. In this paper, we present a new real-time automatic calibration scheme for swept source-based optical coherence tomography (SS-OCT) systems. The proposed automatic calibration can be performed during scanning operation and does not require an auxiliary interferometer for calibration signal generation and an additional channel for its acquisition. The proposed method makes use of the spectral component corresponding to the sample surface reflection as the calibration signal. The spectral phase function representing the non-linear sweeping characteristic of the frequency-swept laser source is determined from the calibration signal. The phase linearization with improved accuracy is achieved by normalization and rescaling of the obtained phase function. The fractional-time indices corresponding to the equidistantly spaced phase intervals are estimated directly from the resampling function and are used to resample the OCT signals. The proposed approach allows for precise calibration irrespective of the path length variation induced by the non-planar topography of the sample or galvo scanning. The conceived idea was illustrated using an in-house-developed SS-OCT system by considering the specular reflection from a mirror and other test samples. It was shown that the proposed method provides high-performance calibration in terms of axial resolution and sensitivity without increasing computational and hardware complexity.

  7. Adapting a successful inquiry-based immersion program to create an Authentic, Hands- on, Field based Curriculum in Environmental Science at Barnard College

    NASA Astrophysics Data System (ADS)

    Kenna, T. C.; Pfirman, S.; Mailloux, B. J.; Martin, S.; Kelsey, R.; Bower, P.

    2008-12-01

    Adapting a successful inquiry-based immersion program to create an Authentic, Hands-on, Field based Curriculum in Environmental Science at Barnard College T. C. Kenna, S. Pfirman, B. J. Mailloux, M. Stute, R. Kelsey, and P. Bower By adapting a successful inquiry-based immersion program (SEA semester) to the typical college format of classes, we are improving the technical and quantitative skills of undergraduate women and minorities in environmental science and improving their critical thinking and problem-solving by exposing our students to open-ended real-world environmental issues. Our approach uses the Hudson River Estuary as a natural laboratory. In a series of hands-on inquiry-based activities, students use advanced equipment to collect data and samples. Each class session introduces new analytical and data analysis techniques. All classes have the connecting theme of the river. Working with real data is open-ended. Our major findings as indicated by surveys as well as journaling throughout the semester are that the field- based experience significantly contributed to student learning and engagement. Journaling responses indicated that nearly all students discussed the importance and excitement of an authentic research experience. Some students were frustrated with data irregularities, uncertainty in methods and data, and the general challenge of a curriculum with inherent ambiguity. The majority were satisfied with the aims of the course to provide an integrative experience. All students demonstrated transfer of learned skills. This project has had a significant impact on our undergraduate female students: several students have pursued senior thesis projects stemming from grant activities, stating that the field activities were the highlight of their semester. Some students love the experience and want more. Others decide that they want to pursue a different career. All learn how science is conducted and have a better foundation to understand concepts such

  8. Quantum-secret-sharing scheme based on local distinguishability of orthogonal multiqudit entangled states

    NASA Astrophysics Data System (ADS)

    Wang, Jingtao; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2017-02-01

    In this study, we propose the concept of judgment space to investigate the quantum-secret-sharing scheme based on local distinguishability (called LOCC-QSS). Because of the proposing of this conception, the property of orthogonal mutiqudit entangled states under restricted local operation and classical communication (LOCC) can be described more clearly. According to these properties, we reveal that, in the previous (k ,n )-threshold LOCC-QSS scheme, there are two required conditions for the selected quantum states to resist the unambiguous attack: (i) their k -level judgment spaces are orthogonal, and (ii) their (k -1 )-level judgment spaces are equal. Practically, if k scheme), it is very difficult to satisfy the two conditions simultaneously. In the current study, we further establish a simple encoding method, which can concurrently ease the selection of quantum states and ensure the scheme's security, i.e., even if the (k -1 )-level judgment spaces of the selected quantum states are not equal, these states can still be used for defeating the unambiguous attack. With this encoding method, we propose a more secure (k ,n )-threshold LOCC-QSS scheme, and give two specific examples for illustration.

  9. Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

    NASA Astrophysics Data System (ADS)

    Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

    The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

  10. A New Optical Scheme for a Polarimetric-Based Glucose Sensor

    NASA Technical Reports Server (NTRS)

    Ansari, Rafat R.; Boeckle, Stefan; Rovati, Luigi; Salzman, Jack A. (Technical Monitor)

    2002-01-01

    We describe a new optical scheme to perform polarimetric measurements to detect glucose concentration in the aqueous humor of a model eye. The ultimate aim is to apply this technique in designing a new instrument for measuring glucose levels in diabetic patients routinely, frequently, and non-invasively. The scheme exploits the Brewsterreflection of circularly polarized light off of the lens of the eye. Theoretically, this backreflected linearly polarized light on its way to the detector is expected to rotate its state of polarization due to the presence of glucose molecules in the aqueous humor of patients. An experimental laboratory setup based on this scheme was designed and tested by measuring a range of known concentration of glucose solutions dissolved in water.

  11. An adaptive scaling and biasing scheme for OFDM-based visible light communication systems.

    PubMed

    Wang, Zhaocheng; Wang, Qi; Chen, Sheng; Hanzo, Lajos

    2014-05-19

    Orthogonal frequency-division multiplexing (OFDM) has been widely used in visible light communication systems to achieve high-rate data transmission. Due to the nonlinear transfer characteristics of light emitting diodes (LEDs) and owing the high peak-to-average-power ratio of OFDM signals, the transmitted signal has to be scaled and biased before modulating the LEDs. In this contribution, an adaptive scaling and biasing scheme is proposed for OFDM-based visible light communication systems, which fully exploits the dynamic range of the LEDs and improves the achievable system performance. Specifically, the proposed scheme calculates near-optimal scaling and biasing factors for each specific OFDM symbol according to the distribution of the signals, which strikes an attractive trade-off between the effective signal power and the clipping-distortion power. Our simulation results demonstrate that the proposed scheme significantly improves the performance without changing the LED's emitted power, while maintaining the same receiver structure.

  12. Two-out-of-two color matching based visual cryptography schemes.

    PubMed

    Machizaud, Jacques; Fournel, Thierry

    2012-09-24

    Visual cryptography which consists in sharing a secret message between transparencies has been extended to color prints. In this paper, we propose a new visual cryptography scheme based on color matching. The stacked printed media reveal a uniformly colored message decoded by the human visual system. In contrast with the previous color visual cryptography schemes, the proposed one enables to share images without pixel expansion and to detect a forgery as the color of the message is kept secret. In order to correctly print the colors on the media and to increase the security of the scheme, we use spectral models developed for color reproduction describing printed colors from an optical point of view.

  13. LMIP/AAA: Local Authentication, Authorization and Accounting (AAA) Protocol for Mobile IP

    NASA Astrophysics Data System (ADS)

    Chenait, Manel

    Mobile IP represents a simple and scalable global mobility solution. However, it inhibits various vulnerabilities to malicious attacks and, therefore, requires the integration of appropriate security services. In this paper, we discuss two authentication schemes suggested for Mobile IP: standard authentication and Mobile IP/AAA authentication. In order to provide Mobile IP roaming services including identity verication, we propose an improvement to Mobile/AAA authentication scheme by applying a local politic key management in each domain, hence we reduce hando latency by avoiding the involvement of AAA infrastructure during mobile node roaming.

  14. Data Authentication Demonstration for Radionuclide Stations

    SciTech Connect

    Harris, Mark; Herrington, Pres; Miley, Harry; Ellis, J. Edward; McKinnon, David; St. Pierre, Devon

    1999-08-03

    Data authentication is required for certification of sensor stations in the International Monitoring System (IMS). Authentication capability has been previously demonstrated for continuous waveform stations (seismic and infrasound). This paper addresses data surety for the radionuclide stations in the IMS, in particular the Radionuclide Aerosol Sampler/Analyzer (RASA) system developed by Pacific Northwest National Laboratory (PNNL). Radionuclide stations communicate data by electronic mail using formats defined in IMS 1.0, Formats and Protocols for Messages. An open message authentication standard exists, called S/MIME (Secure/Multipurpose Internet Mail Extensions), which has been proposed for use with all IMS radionuclide station message communications. This standard specifies adding a digital signature and public key certificate as a MIME attachment to the e-mail message. It is advantageous because it allows authentication to be added to all IMS 1.0 messages in a standard format and is commercially supported in e-mail software. For command and control, the RASA system uses a networked Graphical User Interface (GUI) based upon Common Object Request Broker Architecture (CORBA) communications, which requires special authentication procedures. The authors have modified the RASA system to meet CTBTO authentication guidelines, using a FORTEZZA card for authentication functions. They demonstrated signing radionuclide data messages at the RASA, then sending, receiving, and verifying the messages at a data center. They demonstrated authenticating command messages and responses from the data center GUI to the RASA. Also, the particular authentication system command to change the private/public key pair and retrieve the new public key was demonstrated. This work shows that data surety meeting IMS guidelines may be immediately applied to IMS radionuclide systems.

  15. A study of the spreading scheme for viral marketing based on a complex network model

    NASA Astrophysics Data System (ADS)

    Yang, Jianmei; Yao, Canzhong; Ma, Weicheng; Chen, Guanrong

    2010-02-01

    Buzzword-based viral marketing, known also as digital word-of-mouth marketing, is a marketing mode attached to some carriers on the Internet, which can rapidly copy marketing information at a low cost. Viral marketing actually uses a pre-existing social network where, however, the scale of the pre-existing network is believed to be so large and so random, so that its theoretical analysis is intractable and unmanageable. There are very few reports in the literature on how to design a spreading scheme for viral marketing on real social networks according to the traditional marketing theory or the relatively new network marketing theory. Complex network theory provides a new model for the study of large-scale complex systems, using the latest developments of graph theory and computing techniques. From this perspective, the present paper extends the complex network theory and modeling into the research of general viral marketing and develops a specific spreading scheme for viral marking and an approach to design the scheme based on a real complex network on the QQ instant messaging system. This approach is shown to be rather universal and can be further extended to the design of various spreading schemes for viral marketing based on different instant messaging systems.

  16. Video compression based on enhanced EZW scheme and Karhunen-Loeve transform

    NASA Astrophysics Data System (ADS)

    Soloveyko, Olexandr M.; Musatenko, Yurij S.; Kurashov, Vitalij N.; Dubikovskiy, Vladislav A.

    2000-06-01

    The paper presents a new method for video compression based on the enhanced embedded zerotree wavelet (EZW) scheme. Recently, video codecs from the EZW family which use a 3D version of EZW or SPIHT algorithms showed better performance than the MPEG-2 compression algorithm. These algorithms have many advantages inherent for wavelet based schemes and EZW- like coders. Their most important advantages are good compression performance and scalability. However, they still allow improvement in several ways. First, as we recently showed, using Karhunen-Loeve (KL) transform instead of wavelet transform along the time axis improves compression ratio. Second, instead of the 3D EZW quantization scheme, we offer to use a convenient 2D quantization for every decorrelated frame adding one symbol `Strong Zero Tree', which means that every frame from a chosen set has a zero tree in the same location. The suggested compression algorithm based on KL transform, wavelet transform, and a new quantization scheme with strong zerotrees is free from some drawbacks of the plain 3D EZW codec. The presented codec shows 1 - 6 dB better results compared to the MPEG-2 compression algorithm on video sequences with small and medium motion.

  17. Multiscale deep drawing analysis of dual-phase steels using grain cluster-based RGC scheme

    NASA Astrophysics Data System (ADS)

    Tjahjanto, D. D.; Eisenlohr, P.; Roters, F.

    2015-06-01

    Multiscale modelling and simulation play an important role in sheet metal forming analysis, since the overall material responses at macroscopic engineering scales, e.g. formability and anisotropy, are strongly influenced by microstructural properties, such as grain size and crystal orientations (texture). In the present report, multiscale analysis on deep drawing of dual-phase steels is performed using an efficient grain cluster-based homogenization scheme. The homogenization scheme, called relaxed grain cluster (RGC), is based on a generalization of the grain cluster concept, where a (representative) volume element consists of p  ×  q  ×  r (hexahedral) grains. In this scheme, variation of the strain or deformation of individual grains is taken into account through the, so-called, interface relaxation, which is formulated within an energy minimization framework. An interfacial penalty term is introduced into the energy minimization framework in order to account for the effects of grain boundaries. The grain cluster-based homogenization scheme has been implemented and incorporated into the advanced material simulation platform DAMASK, which purposes to bridge the macroscale boundary value problems associated with deep drawing analysis to the micromechanical constitutive law, e.g. crystal plasticity model. Standard Lankford anisotropy tests are performed to validate the model parameters prior to the deep drawing analysis. Model predictions for the deep drawing simulations are analyzed and compared to the corresponding experimental data. The result shows that the predictions of the model are in a very good agreement with the experimental measurement.

  18. Multiview-based computer-aided detection scheme for breast masses

    SciTech Connect

    Zheng Bin; Leader, Joseph K.; Abrams, Gordon S.; Lu, Amy H.; Wallace, Luisa P.; Maitz, Glenn S.; Gur, David

    2006-09-15

    In this study, we developed and tested a new multiview-based computer-aided detection (CAD) scheme that aims to maintain the same case-based sensitivity level as a single-image-based scheme while substantially increasing the number of masses being detected on both ipsilateral views. An image database of 450 four-view examinations (1800 images) was assembled. In this database, 250 cases depicted malignant masses, of which 236 masses were visible on both views and 14 masses were visible only on one view. First, we detected suspected mass regions depicted on each image in the database using a single-image-based CAD. For each identified region (with detection score{>=}0.55), we then identified a matching strip of interest on the ipsilateral view based on the projected distance to the nipple along the centerline. By lowering CAD operating threshold inside the matching strip, we searched for a region located inside the strip and paired it with the original region. A multifeature-based artificial neural network scored the likelihood of the paired ''matched'' regions representing true-positive masses. All single (unmatched) regions except for those either with very high detection scores ({>=}0.85) or those located near the chest wall that cannot be matched on the other view were discarded. The original single-image-based CAD scheme detected 186 masses (74.4% case-based sensitivity) and 593 false-positive regions. Of the 186 identified masses, 91 were detected on two views (48.9%) and 95 were detected only on one view (51.1%). Of the false-positive detections, 54 were paired on the ipsilateral view inside the corresponding matching strips and the remaining 485 were not, which represented 539 case-based false-positive detections (0.3 per image). Applying the multiview-based CAD scheme, the same case-based sensitivity was maintained while cueing 169 of 186 masses (90.9%) on both views and at the same time reducing the case-based false-positive detection rate by 23.7% (from

  19. Authenticity and Constructivism in Education

    ERIC Educational Resources Information Center

    Splitter, Laurance J.

    2009-01-01

    This paper examines the concept of authenticity and its relevance in education, from a philosophical perspective. Under the heading of educational authenticity (EA), I critique Fred Newmann's views on authentic pedagogy and intellectual work. I argue against the notion that authentic engagement is usefully analyzed in terms of a relationship…

  20. A novel chaos-based bit-level permutation scheme for digital image encryption

    NASA Astrophysics Data System (ADS)

    Fu, Chong; Lin, Bin-bin; Miao, Yu-sheng; Liu, Xiao; Chen, Jun-jie

    2011-11-01

    Confidentiality is an important issue when digital images are transmitted over public networks, and encryption is the most useful technique employed for this purpose. Image encryption is somehow different from text encryption due to some inherent features of image such as bulk data capacity and high correlation among pixels, which are generally difficult to handle by conventional algorithms. Recently, chaos-based encryption has suggested a new and efficient way to deal with the intractable problems of fast and highly secure image encryption. This paper proposes a novel chaos-based bit-level permutation scheme for secure and efficient image cipher. To overcome the drawbacks of conventional permutation-only type image cipher, the proposed scheme introduced a significant diffusion effect in permutation procedure through a two-stage bit-level shuffling algorithm. The two-stage permutation operations are realized by chaotic sequence sorting algorithm and Arnold Cat map, respectively. Results of various types of analysis are interesting and indicate that the security level of the new scheme is competitive with that of permutation-diffusion type image cipher, while the computational complexity is much lower. Therefore the new scheme is a good candidate for real-time secure image communication applications.