Science.gov

Sample records for graphical password authentication

  1. Enhanced visual secret sharing for graphical password authentication

    NASA Astrophysics Data System (ADS)

    Rajendra, A. B.; Sheshadri, H. S.

    2013-03-01

    Password is a very common and widely used authentication method to provide security to valuable data. It is desirable to make password more memorable and easier for people to use. Traditionally passwords are alphanumeric, numbers & symbols. Some problems of normal password appear like stolen the password, forgetting the password, week password. Study shows that text-based passwords suffer with both security and authentication problems. To overcome these problems, Graphical passwords have been developed. Visual secret sharing (VSS) scheme is a secret sharing scheme in which an image is converted into shares. No information can be revealed by observing any share (Dotted image). The information about the original image will be revealed only after stacking sufficient number of shares (Dotted images). In this paper, we have used XNOR operation instead of OR operation and contrast of the decrypted image is clearer than existing Enhanced Visual Secret Sharing (EVSS) scheme. Also, we are presenting new approach to authenticate graphical password image using 2-out-of-2 EVSS scheme. Which can be used to protect machines with additional security.

  2. Active Authentication: Beyond Passwords

    DTIC Science & Technology

    2011-11-18

    to include locally relevant words (vegas, defcon) in guessing algorithm Add cracked passwords as dictionary words to guessing algorithm Start with...Pattern • Knuckle Pattern • Lip Pattern • Nail bed Pattern • Nose Pattern • Oto-acoustic Emissions • Palmprint • Retina Pattern • Skin...Palmprint Knuckle Pattern Pulse Electrocardiogram Electroencephalogram Face Geometry Lip Pattern Blue may be suitable for continuous monitoring

  3. Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication

    NASA Astrophysics Data System (ADS)

    Sasaki, Yu; Wang, Lei; Ohta, Kazuo; Kunihiro, Noboru

    In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

  4. Password-based authenticated key exchange scheme using smart card

    NASA Astrophysics Data System (ADS)

    Liu, Hui; Zhong, Shaojun

    2013-03-01

    A protocol that allows any two entities to negotiate a shared session key is commonly called a key exchange protocol. If the protocol provides a function to authenticate each other, we call the protocol authenticated key exchange protocol (AKE). Password authentication key exchange (PAKE) is the AKE protocol in which the two entities share a humanmemorable password. Most of current PAKE relies on the existence of a public key infrastructure, which sometime is impossible for a certain environments such as low computational device due to the computation overhead. In this paper, we propose password-based authenticated key exchange using smart card. Compared to previous PAKE, our protocol is more efficient because our protocol is based on ECC. Thereby, the proposed protocol can be well applied to low computation device.

  5. Provably Secure Password-based Authentication in TLS

    SciTech Connect

    Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier; Moeller,Bodo; Pointcheval, David

    2005-12-20

    In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password.The SOKE ciphersuites, in advantage over previous pass-word-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.

  6. An Efficient Password Authenticated Key Exchange Protocol with Bilinear Parings

    NASA Astrophysics Data System (ADS)

    Ding, Xiaofei; Wei, Fushan; Ma, Chuangui; Chen, Shumin

    In recent years, many password authenticated key exchange (PAKE) protocols have been proposed. However, many of them have been broken or have no security proof. In this paper, we propose an efficient password authenticated key exchange protocol using bilinear pairings. Compared with previous PAKE protocol using bilinear pairings, our protocol is quite efficient both in communication cost and computational cost. Moreover, this paper proves that the novel protocol is forward secrecy under the Bilinear Diffie-Hellman (BDH) assumption in the random oracle model.

  7. A Study on User Authentication Methodology Using Numeric Password and Fingerprint Biometric Information

    PubMed Central

    Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol

    2013-01-01

    The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility. PMID:24151601

  8. A study on user authentication methodology using numeric password and fingerprint biometric information.

    PubMed

    Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol; Kwak, Jin

    2013-01-01

    The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

  9. Secure password-based authenticated key exchange for web services

    SciTech Connect

    Liang, Fang; Meder, Samuel; Chevassut, Olivier; Siebenlist, Frank

    2004-11-22

    This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.

  10. Password authentication scheme based on the quadratic residue problem

    NASA Astrophysics Data System (ADS)

    Ali, Muhammad Helmi; Ismail, Eddie Shahril

    2017-04-01

    In this paper, we propose a new password-authentication scheme based on quadratic residue problem with the following advantages: the scheme does not require a verification file, and the scheme can withstand replay attacks and resist from the guessing and impersonation attacks. We next discuss the advantages of our designated scheme over other schemes in terms of security and efficiency.

  11. nPAKE + : A Hierarchical Group Password-Authenticated Key Exchange Protocol Using Different Passwords

    NASA Astrophysics Data System (ADS)

    Wan, Zhiguo; Deng, Robert H.; Bao, Feng; Preneel, Bart

    Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a hierarchical group PAKE protocol nPAKE + protocol under the setting where each party shares an independent password with a trusted server. The nPAKE + protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(logn). Additionally, the hierarchical feature of nPAKE + enables every subgroup obtains their own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.

  12. A remote password authentication scheme for multiserver architecture using neural networks.

    PubMed

    Li, L H; Lin, L C; Hwang, M S

    2001-01-01

    Conventional remote password authentication schemes allow a serviceable server to authenticate the legitimacy of a remote login user. However, these schemes are not used for multiserver architecture environments. We present a remote password authentication scheme for multiserver environments. The password authentication system is a pattern classification system based on an artificial neural network. In this scheme, the users only remember user identity and password numbers to log in to various servers. Users can freely choose their password. Furthermore, the system is not required to maintain a verification table and can withstand the replay attack.

  13. Facelock: familiarity-based graphical authentication

    PubMed Central

    McLachlan, Jane L.; Renaud, Karen

    2014-01-01

    Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised ‘facelock’, in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (<1% success rate). Even personal attackers who knew the account holder well were rarely able to authenticate (6.6% success rate). In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate). Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems. PMID:25024913

  14. One-Time Password Generation and Two-Factor Authentication Using Molecules and Light.

    PubMed

    Naren, Gaowa; Li, Shiming; Andréasson, Joakim

    2017-03-02

    Herein, we report the first example of one-time password (OTP) generation and two-factor authentication (2FA) using a molecular approach. OTPs are passwords that are valid for one entry only. For the next login session, a new, different password is generated. This brings the advantage that any undesired recording of a password will not risk the security of the authentication process. Our molecular realization of the OTP generator is based on a photochromic molecular triad where the optical input required to set the triad to the fluorescent form differs depending on the initial isomeric state.

  15. Weaknesses and drawbacks of a password authentication scheme using neural networks for multiserver architecture.

    PubMed

    Ku, Wei-Chi

    2005-07-01

    In 2001, Li et al. proposed a password authentication scheme for the multiserver architecture by using a pattern classification system based on neural networks. Herein, we demonstrate that Li et al's scheme is vulnerable to an offline password guessing attack and a privileged insider's attack, and is not reparable. Additionally, we show that Li et al.'s scheme has several drawbacks in practice.

  16. Improving computer security for authentication of users: influence of proactive password restrictions.

    PubMed

    Proctor, Robert W; Lien, Mei-Ching; Vu, Kim-Phuong L; Schultz, E Eugene; Salvendy, Gavriel

    2002-05-01

    Entering a username-password combination is a widely used procedure for identification and authentication in computer systems. However, it is a notoriously weak method, in that the passwords adopted by many users are easy to crack. In an attempt to improve security, proactive password checking may be used, in which passwords must meet several criteria to be more resistant to cracking. In two experiments, we examined the influence of proactive password restrictions on the time that it took to generate an acceptable password and to use it subsequently to long in. The required length was a minimum of five characters in Experiment 1 and eight characters in Experiment 2. In both experiments, one condition had only the length restriction, and the other had additional restrictions. The additional restrictions greatly increased the time it took to generate the password but had only a small effect on the time it took to use it subsequently to long in. For the five-character passwords, 75% were cracked when no other restrictions were imposed, and this was reduced to 33% with the additional restrictions. For the eight-character passwords, 17% were cracked with no other restrictions, and 12.5% with restrictions. The results indicate that increasing the minimum character length reduces crackability and increases security, regardless of whether additional restrictions are imposed.

  17. Improved chaotic maps-based password-authenticated key agreement using smart cards

    NASA Astrophysics Data System (ADS)

    Lin, Han-Yu

    2015-02-01

    Elaborating on the security of password-based authenticated key agreement, in this paper, the author cryptanalyzes a chaotic maps-based password-authenticated key agreement proposed by Guo and Chang recently. Specifically, their protocol could not achieve strong user anonymity due to a fixed parameter and a malicious adversary is able to derive the shared session key by manipulating the property of Chebyshev chaotic maps. Additionally, the author also presents an improved scheme to eliminate the above weaknesses and still maintain the efficiency.

  18. 31 CFR 363.19 - What should I do if I become aware that my password or other form of authentication has become...

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... that my password or other form of authentication has become compromised? 363.19 Section 363.19 Money... that my password or other form of authentication has become compromised? If you become aware that your password has become compromised, that any other form of authentication has been compromised, lost,...

  19. 31 CFR 363.19 - What should I do if I become aware that my password or other form of authentication has become...

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... that my password or other form of authentication has become compromised? 363.19 Section 363.19 Money... that my password or other form of authentication has become compromised? If you become aware that your password has become compromised, that any other form of authentication has been compromised, lost,...

  20. 31 CFR 363.19 - What should I do if I become aware that my password or other form of authentication has become...

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... that my password or other form of authentication has become compromised? 363.19 Section 363.19 Money... that my password or other form of authentication has become compromised? If you become aware that your password has become compromised, that any other form of authentication has been compromised, lost,...

  1. Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps.

    PubMed

    Lee, Tian-Fu; Hsiao, Chia-Hung; Hwang, Shi-Han; Lin, Tsung-Hung

    2017-01-01

    A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, which does not provide strong user anonymity and violates session key security. However, the improved scheme of Lin does not exhibit the freshness property and the validity of messages so it still fails to withstand denial-of-service and privileged-insider attacks. Additionally, a single malicious participant can predetermine the session key such that the improved scheme does not exhibit the contributory property of key agreements. This investigation discusses these weaknesses and proposes an enhanced smartcard-based password-authenticated key agreement scheme that utilizes extended chaotic maps. The session security of this enhanced scheme is based on the extended chaotic map-based Diffie-Hellman problem, and is proven in the real-or-random and the sequence of games models. Moreover, the enhanced scheme ensures the freshness of communicating messages by appending timestamps, and thereby avoids the weaknesses in previous schemes.

  2. Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps

    PubMed Central

    Lee, Tian-Fu; Hsiao, Chia-Hung; Hwang, Shi-Han

    2017-01-01

    A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, which does not provide strong user anonymity and violates session key security. However, the improved scheme of Lin does not exhibit the freshness property and the validity of messages so it still fails to withstand denial-of-service and privileged-insider attacks. Additionally, a single malicious participant can predetermine the session key such that the improved scheme does not exhibit the contributory property of key agreements. This investigation discusses these weaknesses and proposes an enhanced smartcard-based password-authenticated key agreement scheme that utilizes extended chaotic maps. The session security of this enhanced scheme is based on the extended chaotic map-based Diffie-Hellman problem, and is proven in the real-or-random and the sequence of games models. Moreover, the enhanced scheme ensures the freshness of communicating messages by appending timestamps, and thereby avoids the weaknesses in previous schemes. PMID:28759615

  3. Chaotic maps-based password-authenticated key agreement using smart cards

    NASA Astrophysics Data System (ADS)

    Guo, Cheng; Chang, Chin-Chen

    2013-06-01

    Password-based authenticated key agreement using smart cards has been widely and intensively researched. Inspired by the semi-group property of Chebyshev maps and key agreement protocols based on chaotic maps, we proposed a novel chaotic maps-based password-authenticated key agreement protocol with smart cards. In our protocol, we avoid modular exponential computing or scalar multiplication on elliptic curve used in traditional authenticated key agreement protocols using smart cards. Our analysis shows that our protocol has comprehensive characteristics and can withstand attacks, including the insider attack, replay attack, and others, satisfying essential security requirements. Performance analysis shows that our protocol can refrain from consuming modular exponential computing and scalar multiplication on an elliptic curve. The computational cost of our protocol compared with related protocols is acceptable.

  4. Simple group password-based authenticated key agreements for the integrated EPR information system.

    PubMed

    Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

    2013-04-01

    The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

  5. Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

    PubMed Central

    Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks. PMID:24977229

  6. Password-only authenticated three-party key exchange with provable security in the standard model.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  7. Enhancing of a Password-Based Authentication Scheme Using Smart Cards

    NASA Astrophysics Data System (ADS)

    Lee, Youngsook; Won, Dongho

    A password based remote user authentication scheme is a two-party protocol whereby an authentication server in a distributed system confirms the identity of a remote individual logging on to the server over an untrusted, open network. This paper discusses the security of Chen et al.'s remote user authentication scheme making use of smart cards. They have recently presented an improved version of Lin, Shen, and Hwang's scheme. But, unlike their claims, in Chen et al.'s scheme, if an attacker gains access to some user's smart card and extracts the information stored in the smart card, he/she can easily find out the user's password. We show this by mounting a dictionary attack on the scheme. In addition, Chen et al.'s scheme does not support its main security goal of authenticating between a remote individual and the server. This is shown via a sever impersonation attack on the scheme. Motivated by these security flaws, we propose a more secure remote user authentication scheme that achieves both two-factor security and mutual authentication.

  8. A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks.

    PubMed

    Liu, Xin; Zhang, Ruisheng; Liu, Qidong

    2017-01-01

    Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research.

  9. A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks

    PubMed Central

    Zhang, Ruisheng; Liu, Qidong

    2017-01-01

    Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research. PMID:28135288

  10. On the security flaws in ID-based password authentication schemes for telecare medical information systems.

    PubMed

    Mishra, Dheerendra

    2015-01-01

    Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

  11. Password Authenticated Key Exchange Based on RSA in the Three-Party Settings

    NASA Astrophysics Data System (ADS)

    Dongna, E.; Cheng, Qingfeng; Ma, Chuangui

    A great deal of password authenticated key exchange (PAKE) protocols have been proposed in recent years. Most of them were based on Diffie-Hellman key exchange. While the approach of designing PAKE protocols with RSA is far from maturity and perfection. In fact, the existing PAKE protocols using RSA or other public-key cryptographic techniques provide an authenticated key exchange only between a client and a server. This paper presents a new efficient PAKE protocol using RSA in the three-party settings (3PAKE-RSA). The novel protocol can be resistant to e-residue attack and provably secure under the RSA assumption in the random oracle model.

  12. Security enhanced optical one-time password authentication method by using digital holography

    NASA Astrophysics Data System (ADS)

    Gil, Sang Keun; Jeon, Seok Hee; Jeong, Jong Rae

    2015-03-01

    We propose a new optical one-time password(OTP) authentication method by using digital holography, which enhances security strength in the cryptosystem compared to the conventional electronic OTP method. In this paper, a challenge-response optical OTP authentication based on two-factor authentication is presented by 2-step quadrature phase-shifting digital holography using orthogonal polarization, and two-way authentication is also performed using the challenge-response handshake in both directions. The ID (identification), PW (password) and OTP information are encrypted with a shared key by applying phase-shifting digital holography, and these encrypted information are verified each other by the shared key. Because the encrypted digital holograms which are transmitted to the other party are expressed as random distribution, it guards against a replay attack and results in higher security level. Optically, encrypted digital hologram in our method is Fourier transform hologram and is recorded on CCD with 256 gray-level quantized intensities. The proposed method has an advantage that it does not need a time-synchronized OTP and can be applied to various security services. Computer experiments show that the proposed method is suitable for high secure OTP authentication.

  13. A Secure Construction for Threshold Anonymous Password-Authenticated Key Exchange

    NASA Astrophysics Data System (ADS)

    Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

    At Indocrypt 2005, Viet et al., [21] have proposed an anonymous password-authenticated key exchange (PAKE) protocol and its threshold construction both of which are designed for client's password-based authentication and anonymity against a passive server, who does not deviate the protocol. In this paper, we first point out that their threshold construction is completely insecure against off-line dictionary attacks. For the threshold t > 1, we propose a secure threshold anonymous PAKE (for short, TAP) protocol with the number of clients n upper-bounded, such that n\\leq 2 \\sqrt{N-1} -1, where N is a dictionary size of passwords. We rigorously prove that the TAP protocol has semantic security of session keys in the random oracle model by showing the reduction to the computational Diffie-Hellman problem. In addition, the TAP protocol provides unconditional anonymity against a passive server. For the threshold t=1, we propose an efficient anonymous PAKE protocol that significantly improves efficiency in terms of computation costs and communication bandwidth compared to the original (not threshold) anonymous PAKE protocol [21].

  14. Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

    PubMed Central

    Xie, Qi; Hu, Bin; Dong, Na; Wong, Duncan S.

    2014-01-01

    Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS. PMID:25047235

  15. Anonymous three-party password-authenticated key exchange scheme for Telecare Medical Information Systems.

    PubMed

    Xie, Qi; Hu, Bin; Dong, Na; Wong, Duncan S

    2014-01-01

    Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.

  16. Anonymous Password-Authenticated Key Exchange: New Construction and Its Extensions

    NASA Astrophysics Data System (ADS)

    Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

    An anonymous password-authenticated key exchange (anonymous PAKE) protocol is designed to provide both password-only authentication and user anonymity against a semi-honest server, who follows the protocol honestly. Very recently, Yang and Zhang [25] have proposed a new anonymous PAKE (NAPAKE) protocol that is claimed efficient compared to the previous constructions. In this paper, we propose a very-efficient anonymous PAKE (called, VEAP) protocol that provides the most efficiency among their kinds in terms of computation and communication costs. The VEAP protocol guarantees semantic security of session keys in the random oracle model under the chosen target CDH problem, and unconditional user anonymity against a semi-honest server. If the pre-computation is allowed, both the user and the server are required to compute only one modular exponentiation, respectively. Surprisingly, this is the same computation cost of the well-known Diffie-Hellman protocol that does not provide authentication at all. In addition, we extend the VEAP protocol in two ways: the first is designed to reduce the communication costs of the VEAP protocol and the second shows that stripping off anonymity parts from the VEAP protocol results in a new PAKE protocol.

  17. Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman

    SciTech Connect

    Chevassut, Olivier; Milner, Joseph; Pointcheval, David

    2008-04-21

    The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on an analysis of relevant patents in the area.

  18. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    NASA Astrophysics Data System (ADS)

    Xie, Qi; Hu, Bin; Chen, Ke-Fei; Liu, Wen-Hao; Tan, Xiao

    2015-11-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).

  19. Password-only authenticated three-party key exchange proven secure against insider dictionary attacks.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Paik, Juryon; Won, Dongho

    2014-01-01

    While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.

  20. Password-Only Authenticated Three-Party Key Exchange Proven Secure against Insider Dictionary Attacks

    PubMed Central

    Nam, Junghyun; Choo, Kim-Kwang Raymond

    2014-01-01

    While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol. PMID:25309956

  1. A password-based user authentication scheme for the integrated EPR information system.

    PubMed

    Wu, Zhen-Yu; Chung, Yufang; Lai, Feipei; Chen, Tzer-Shyong

    2012-04-01

    With the rapid development of the Internet, digitization and electronic orientation are required in various applications of our daily life. For e-medicine, establishing Electronic patient records (EPRs) for all the patients has become the top issue during the last decade. Simultaneously, constructing an integrated EPR information system of all the patients is beneficial because it can provide medical institutions and the academia with most of the patients' information in details for them to make correct decisions and clinical decisions, to maintain and analyze patients' health. Also beneficial to doctors and scholars, the EPR system can give them record linkage for researches, payment audits, or other services bound to be developed and integrated into medicine. To tackle the illegal access and to prevent the information from theft during transmission over the insecure Internet, we propose a password-based user authentication scheme suitable for information integration.

  2. Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer

    NASA Astrophysics Data System (ADS)

    Mannan, Mohammad; van Oorschot, P. C.

    Keylogging and phishing attacks can extract user identity and sensitive account information for unauthorized access to users' financial accounts. Most existing or proposed solutions are vulnerable to session hijacking attacks. We propose a simple approach to counter these attacks, which cryptographically separates a user's long-term secret input from (typically untrusted) client PCs; a client PC performs most computations but has access only to temporary secrets. The user's long-term secret (typically short and low-entropy) is input through an independent personal trusted device such as a cellphone. The personal device provides a user's long-term secrets to a client PC only after encrypting the secrets using a pre-installed, "correct" public key of a remote service (the intended recipient of the secrets). The proposed protocol (MP-Auth) realizes such an approach, and is intended to safeguard passwords from keyloggers, other malware (including rootkits), phishing attacks and pharming, as well as to provide transaction security to foil session hijacking. We report on a prototype implementation of MP-Auth, and provide a comparison of web authentication techniques that use an additional factor of authentication (e.g. a cellphone, PDA or hardware token).

  3. Unbreakable distributed storage with quantum key distribution network and password-authenticated secret sharing

    PubMed Central

    Fujiwara, M.; Waseda, A.; Nojima, R.; Moriai, S.; Ogata, W.; Sasaki, M.

    2016-01-01

    Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers and channels to link them. In such a system, secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir’s (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km). PMID:27363566

  4. Unbreakable distributed storage with quantum key distribution network and password-authenticated secret sharing.

    PubMed

    Fujiwara, M; Waseda, A; Nojima, R; Moriai, S; Ogata, W; Sasaki, M

    2016-07-01

    Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers and channels to link them. In such a system, secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir's (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km).

  5. Unbreakable distributed storage with quantum key distribution network and password-authenticated secret sharing

    NASA Astrophysics Data System (ADS)

    Fujiwara, M.; Waseda, A.; Nojima, R.; Moriai, S.; Ogata, W.; Sasaki, M.

    2016-07-01

    Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers and channels to link them. In such a system, secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir’s (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km).

  6. An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps.

    PubMed

    Moon, Jongho; Choi, Younsung; Kim, Jiye; Won, Dongho

    2016-03-01

    Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.

  7. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

    PubMed

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroaki; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

  8. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

    PubMed Central

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic. PMID:26580963

  9. A framework for password selection. [Password recommendations

    SciTech Connect

    De Alvare', A.M.; Schultz, E.E. Jr.

    1988-01-01

    A major problem in computer security is intrusion into systems due to compromised authentication procedures. This paper focuses on the most commonly used authentication procedure--use of passwords. We have developed a framework for a methodology to estimate the guessability of passwords. We assume that passwords are usually based on a simple rule. If someone discovers one of a series of rule-based passwords, it is easier to guess other passwords. The framework we propose is that computer security experts can conduct guessability studies on a large number of passwords which are candidates for assignment to users. People who attempt to guess what a password is can be provided with cues, such as what a password for another account in the system is or a nickname. Hit rates (the percentage of passwords correctly guessed within a limited number of attempts) can then be obtained. This method can be used to develop metrics for guessability of classes of passwords. A system manager might utilize results of guessability studies by encouraging users to avoid choosing passwords which are closely associated with account names or which have been shown to be highly vulnerable to guessing, or by not assigning passwords which are from vulnerable classes of passwords. A pilot study confirmed the feasibility of this framework. Participants were given 20 attempts to guess an eight-character password which was either a common English word or two unrelated words joined by a control character (eight characters in all). The common English word was vulnerable to guessing, but only when cues about this word were provided. Participants never guessed the other password, however, even when cues were provided. The results not only demonstrate feasibility of our framework, but also suggest guidelines for selecting passwords which are less likely to result in compromised authentication procedures. 6 refs., 1 fig.

  10. A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

    PubMed

    Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

    2013-06-01

    The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

  11. An Efficient and Provably Secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement Protocol with Smart Cards

    NASA Astrophysics Data System (ADS)

    Jin, Wenting; Xu, Jing

    Cross-realm client-to-client password-authenticated key agreement (C2C-PAKA) protocols provide an authenticated key exchange between two clients of different realms, who only share their passwords with their own servers. Recently, several such cross-realm C2C-PAKA protocols have been suggested in the private-key (symmetric) setting, but all of these protocols are found to be vulnerable to password-compromise impersonation attacks. In this paper, we propose our innovative C2C- PAKA-SC protocol in which smart cards are first utilized in the cross-realm setting so that it can resist all types of common attacks including password-compromise impersonation attacks and provide improved efficiency. Moveover, we modify the original formal security model to adapt our proposed protocol and present a corresponding security proof.

  12. Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

    PubMed

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian

    2015-06-01

    The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

  13. A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

    PubMed

    Das, Ashok Kumar

    2015-03-01

    An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

  14. An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity

    PubMed Central

    Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian

    2016-01-01

    User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.’s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al‥ Besides, Xie et al.’s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance. PMID:27101305

  15. An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity.

    PubMed

    Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian

    2016-01-01

    User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.'s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al‥ Besides, Xie et al.'s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance.

  16. 31 CFR 363.19 - What should I do if I become aware that my password or other form of authentication has become...

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 31 Money and Finance: Treasury 2 2014-07-01 2014-07-01 false What should I do if I become aware that my password or other form of authentication has become compromised? 363.19 Section 363.19 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) FISCAL SERVICE, DEPARTMENT...

  17. 31 CFR 363.19 - What should I do if I become aware that my password or other form of authentication has become...

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 31 Money and Finance:Treasury 2 2011-07-01 2011-07-01 false What should I do if I become aware that my password or other form of authentication has become compromised? 363.19 Section 363.19 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) FISCAL SERVICE, DEPARTMENT...

  18. Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

    PubMed

    Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

    2016-10-01

    Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security

  19. The Password Problem

    SciTech Connect

    Walkup, Elizabeth

    2016-06-01

    Passwords are an ubiquitous, established part of the Internet today, but they are also a huge security headache. Single sign-on, OAuth, and password managers are some of the solutions to this problem. OAuth is a new, popular method that allows people to use large, common authentication providers for many web applications. However, it comes at the expense of some privacy: OAuth makes users easy to track across websites, applications, and devices. Password managers put the power in the hands of the users, but this vulnerability survey reveals that you have to be extremely careful which program you choose. All in all, password managers are the solution of choice for home users and small organizations, but large companies will probably want to invest in their own SSO solutions.

  20. An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

    PubMed

    Das, Ashok Kumar; Bruhadeshwar, Bezawada

    2013-10-01

    Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

  1. An efficient biometric and password-based remote user authentication using smart card for Telecare Medical Information Systems in multi-server environment.

    PubMed

    Maitra, Tanmoy; Giri, Debasis

    2014-12-01

    The medical organizations have introduced Telecare Medical Information System (TMIS) to provide a reliable facility by which a patient who is unable to go to a doctor in critical or urgent period, can communicate to a doctor through a medical server via internet from home. An authentication mechanism is needed in TMIS to hide the secret information of both parties, namely a server and a patient. Recent research includes patient's biometric information as well as password to design a remote user authentication scheme that enhances the security level. In a single server environment, one server is responsible for providing services to all the authorized remote patients. However, the problem arises if a patient wishes to access several branch servers, he/she needs to register to the branch servers individually. In 2014, Chuang and Chen proposed an remote user authentication scheme for multi-server environment. In this paper, we have shown that in their scheme, an non-register adversary can successfully logged-in into the system as a valid patient. To resist the weaknesses, we have proposed an authentication scheme for TMIS in multi-server environment where the patients can register to a root telecare server called registration center (RC) in one time to get services from all the telecare branch servers through their registered smart card. Security analysis and comparison shows that our proposed scheme provides better security with low computational and communication cost.

  2. A Security Solution for IEEE 802.11's Ad-hoc Mode:Password-Authentication and Group Diffie-Hellman Key Exchange

    SciTech Connect

    Emmanuel, Bresson; Olivier, Chevassut; David, Pointcheval

    2005-10-01

    The IEEE 802 standards ease the deployment of networkinginfrastructures and enable employers to accesscorporate networks whiletraveling. These standards provide two modes of communication calledinfrastructure and ad-hoc modes. A security solution for the IEEE802.11's infrastructure mode took several years to reach maturity andfirmware are still been upgraded, yet a solution for the ad-hoc modeneeds to be specified. The present paper is a first attempt in thisdirection. It leverages the latest developments in the area ofpassword-based authentication and (group) Diffie-Hellman key exchange todevelop a provably-secure key-exchange protocol for IEEE 802.11's ad-hocmode. The protocol allows users to securely join and leave the wirelessgroup at time, accommodates either a single-shared password orpairwise-shared passwords among the group members, or at least with acentral server; achieves security against dictionary attacks in theideal-hash model (i.e. random-oracles). This is, to the best of ourknowledge, the first such protocol to appear in the cryptographicliterature.

  3. Strong Password-Based Authentication in TLS Using the Three-PartyGroup Diffie-Hellman Protocol

    SciTech Connect

    Abdalla, Michel; Bresson, Emmanuel; Chevassut, Olivier; Moeller,Bodo; Pointcheval, David

    2006-08-26

    The Internet has evolved into a very hostile ecosystem where"phishing'' attacks are common practice. This paper shows that thethree-party group Diffie-Hellman key exchange can help protect againstthese attacks. We have developed a suite of password-based cipher suitesfor the Transport Layer Security (TLS) protocol that are not onlyprovably secure but also assumed to be free from patent and licensingrestrictions based on an analysis of relevant patents in thearea.

  4. Are Password Management Applications Viable? An Analysis of User Training and Reactions

    ERIC Educational Resources Information Center

    Ciampa, Mark

    2011-01-01

    Passwords have the distinction of being the most widely-used form of authentication--and the most vulnerable. With the dramatic increase today in the number of accounts that require passwords, overwhelmed users usually resort to creating weak passwords or reusing the same password for multiple accounts, thus making passwords the weakest link in…

  5. A proactive password checker

    NASA Technical Reports Server (NTRS)

    Bishop, Matt

    1990-01-01

    Password selection has long been a difficult issue; traditionally, passwords are either assigned by the computer or chosen by the user. When the computer does the assignment, the passwords are often hard to remember; when the user makes the selection, the passwords are often easy to guess. This paper describes a technique, and a mechanism, to allow users to select passwords which to them are easy to remember but to others would be very difficult to guess. The technique is site, user, and group compatible, and allows rapid changing of constraints imposed upon the password. Although experience with this technique is limited, it appears to have much promise.

  6. Authentication systems for securing clinical documentation workflows. A systematic literature review.

    PubMed

    Schwartze, J; Haarbrandt, B; Fortmeier, D; Haux, R; Seidel, C

    2014-01-01

    Integration of electronic signatures embedded in health care processes in Germany challenges health care service and supply facilities. The suitability of the signature level of an eligible authentication procedure is confirmed for a large part of documents in clinical practice. However, the concrete design of such a procedure remains unclear. To create a summary of usable user authentication systems suitable for clinical workflows. A Systematic literature review based on nine online bibliographic databases. Search keywords included authentication, access control, information systems, information security and biometrics with terms user authentication, user identification and login in title or abstract. Searches were run between 7 and 12 September 2011. Relevant conference proceedings were searched manually in February 2013. Backward reference search of selected results was done. Only publications fully describing authentication systems used or usable were included. Algorithms or purely theoretical concepts were excluded. Three authors did selection independently. DATA EXTRACTION AND ASSESSMENT: Semi-structured extraction of system characteristics was done by the main author. Identified procedures were assessed for security and fulfillment of relevant laws and guidelines as well as for applicability. Suitability for clinical workflows was derived from the assessments using a weighted sum proposed by Bonneau. Of 7575 citations retrieved, 55 publications meet our inclusion criteria. They describe 48 different authentication systems; 39 were biometric and nine graphical password systems. Assessment of authentication systems showed high error rates above European CENELEC standards and a lack of applicability of biometric systems. Graphical passwords did not add overall value compared to conventional passwords. Continuous authentication can add an additional layer of safety. Only few systems are suitable partially or entirely for use in clinical processes. Suitability

  7. A New Advanced User Authentication and Confidentiality Security Service

    NASA Astrophysics Data System (ADS)

    Majumder, Sanjay; Chakraborty, Sanjay; Das, Suman

    2014-05-01

    Network & internet security is the burning question of today's world and they are deeply related to each other for secure successful data transmission. Network security approach is totally based on the concept of network security services. In this paper, a new system of network security service is implemented which is more secure than conventional network security services. This technique is mainly deals with two essential network security services, one is user authentication and other is data confidentiality. For user authentication this paper introduces Graphical Username & Voice Password approaches which provides better security than conventional username & password authentication process. In data confidentiality section this paper introduces two layer private key for both message encryption & decryption which is mainly applicable on 8 bit plain text data. This paper also provides the hints of introducing other two network security services (integrity and non-repudiation) as a future work.

  8. Survey of User Authentication Mechanisms.

    DTIC Science & Technology

    1996-09-01

    security. It taxonomizes the existing inventory of user authentication mechanisms such as biometrics, challenge/response, password, smart card and token. The...It taxonomizes the existing inventory of user authentication mechanisms such as biometrics, challenge/response, password, smart card and token.

  9. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    PubMed

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  10. Strengthening Authentication

    ERIC Educational Resources Information Center

    Gale, Doug

    2007-01-01

    The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

  11. Strengthening Authentication

    ERIC Educational Resources Information Center

    Gale, Doug

    2007-01-01

    The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

  12. Simple quantum password checking

    NASA Astrophysics Data System (ADS)

    Garcia-Escartin, Juan Carlos; Chamorro-Posada, Pedro

    2015-06-01

    We present a quantum password checking protocol where secrecy is protected by the laws of quantum mechanics. The passwords are encoded in quantum systems that can be compared but have a dimension too small to allow reading the encoded bits. We study the protocol under different replay attacks and show it is robust even for poorly chosen passwords. We also describe a possible implementation with conventional optical elements.

  13. The Effect of Password Management Procedures on the Entropy of User Selected Passwords

    ERIC Educational Resources Information Center

    Enamait, John D.

    2012-01-01

    Maintaining the security of information contained within computer systems poses challenges for users and administrators. Attacks on information systems continue to rise. Specifically, attacks that target user authentication are increasingly popular. These attacks are based on the common perception that traditional alphanumeric passwords are weak…

  14. The Effect of Password Management Procedures on the Entropy of User Selected Passwords

    ERIC Educational Resources Information Center

    Enamait, John D.

    2012-01-01

    Maintaining the security of information contained within computer systems poses challenges for users and administrators. Attacks on information systems continue to rise. Specifically, attacks that target user authentication are increasingly popular. These attacks are based on the common perception that traditional alphanumeric passwords are weak…

  15. Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects' Information

    PubMed Central

    Ho, Peng Foong; Kam, Yvonne Hwei-Syn; Wee, Mee Chin

    2014-01-01

    Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to “shoulder-surfing” attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user's actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set's input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user's actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack. PMID:24991649

  16. Preventing shoulder-surfing attack with the concept of concealing the password objects' information.

    PubMed

    Ho, Peng Foong; Kam, Yvonne Hwei-Syn; Wee, Mee Chin; Chong, Yu Nam; Por, Lip Yee

    2014-01-01

    Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to "shoulder-surfing" attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user's actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set's input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user's actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack.

  17. 31 CFR 363.17 - Who is liable if someone else accesses my TreasuryDirect ® account using my password?

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... accesses my TreasuryDirect ® account using my password? 363.17 Section 363.17 Money and Finance: Treasury... using my password? You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions...

  18. 31 CFR 363.17 - Who is liable if someone else accesses my TreasuryDirect ® account using my password?

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... my TreasuryDirect ® account using my password? 363.17 Section 363.17 Money and Finance: Treasury... using my password? You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions...

  19. 31 CFR 363.17 - Who is liable if someone else accesses my TreasuryDirect ® account using my password?

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... accesses my TreasuryDirect ® account using my password? 363.17 Section 363.17 Money and Finance: Treasury... using my password? You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions...

  20. 31 CFR 363.17 - Who is liable if someone else accesses my TreasuryDirect ® account using my password?

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... my TreasuryDirect ® account using my password? 363.17 Section 363.17 Money and Finance: Treasury... using my password? You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions...

  1. 31 CFR 363.17 - Who is liable if someone else accesses my TreasuryDirect ® account using my password?

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... my TreasuryDirect ® account using my password? 363.17 Section 363.17 Money and Finance: Treasury... using my password? You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions...

  2. Graphics

    ERIC Educational Resources Information Center

    Post, Susan

    1975-01-01

    An art teacher described an elective course in graphics which was designed to enlarge a student's knowledge of value, color, shape within a shape, transparency, line and texture. This course utilized the technique of working a multi-colored print from a single block that was first introduced by Picasso. (Author/RK)

  3. Advanced Password Tips and Tricks

    MedlinePlus

    ... computer security . Tagged with: computer security , data breach , identity theft , online , online safety , password Blog Topics: Privacy, Identity & Online Security Comments MELVIN COVIL | July 30, 2015 | ...

  4. Advanced Password Tips and Tricks

    MedlinePlus

    ... computer security . Tagged with: computer security , data breach , identity theft , online , online safety , password Blog Topics: Privacy, Identity & ... Security Blog Advanced password tips and tricks Video & Media Scam Alerts Get privacy and identity updates by email Looking for business guidance on ...

  5. Geospatial Authentication

    NASA Technical Reports Server (NTRS)

    Lyle, Stacey D.

    2009-01-01

    A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time has been developed. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server. The Geospatial Authentication software has two parts Server and Client. The server software is a virtual private network (VPN) developed in Linux operating system using Perl programming language. The server can be a stand-alone VPN server or can be combined with other applications and services. The client software is a GUI Windows CE software, or Mobile Graphical Software, that allows users to authenticate into a network. The purpose of the client software is to pass the needed satellite information to the server for authentication.

  6. A study of the particularities of an authentication system with a method of an asymmetric holographic encryption based on the DRPE to protect the passwords of the technical devices

    NASA Astrophysics Data System (ADS)

    Nalegaev, S. S.; Krasnov, V. V.

    2016-08-01

    The present work is devoted to research the peculiarities of an authentication system of the technical devices with the use of an optical asymmetric holographic encryption on the basis of the Double Random Phase Encoding (DRPE). The series of the numerical experiments was performed to implement the encryption and the decryption of the initial image. The angular spectrum approach was used as a tool for the simulation of the propagation of the light in the free space forward and backward along the whole optical scheme of the DRPE. In the present work the particularities of the authentication system based on an asymmetric approach of the holographic encryption method DRPE were studied.

  7. Interception and modification of network authentication packets with the purpose of allowing alternative authentication modes

    DOEpatents

    Kent, Alexander Dale

    2008-09-02

    Methods and systems in a data/computer network for authenticating identifying data transmitted from a client to a server through use of a gateway interface system which are communicately coupled to each other are disclosed. An authentication packet transmitted from a client to a server of the data network is intercepted by the interface, wherein the authentication packet is encrypted with a one-time password for transmission from the client to the server. The one-time password associated with the authentication packet can be verified utilizing a one-time password token system. The authentication packet can then be modified for acceptance by the server, wherein the response packet generated by the server is thereafter intercepted, verified and modified for transmission back to the client in a similar but reverse process.

  8. The weak-password problem: Chaos, criticality, and encrypted p-CAPTCHAs

    NASA Astrophysics Data System (ADS)

    Laptyeva, T. V.; Flach, S.; Kladko, K.

    2011-09-01

    Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak-password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors, we design an algorithm that strengthens the security of passwords. The core idea of our simple method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using the evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective. We expect our approach to have wide applications for authentication and encryption technologies.

  9. Information System Security: User Authentication Protection at Central Design Activities

    DTIC Science & Technology

    2007-11-02

    passwords from an insider attack. One-time passwords from a smart card , token, or encrypted challenge/response dialog offered increased protection...improve user authentication procedures, such as a smart card . The June 7, 2001, Security Wire Digest reports that an attacker gained access to the

  10. An Enhanced Secure Authentication Scheme with Anonymity for Wireless Environments

    NASA Astrophysics Data System (ADS)

    Jeon, Woongryul; Kim, Jeeyeon; Nam, Junghyun; Lee, Youngsook; Won, Dongho

    As anonymity increasingly becomes a necessary and legitimate aim in many applications, a number of anonymous authentication schemes have been suggested over the years. Among the many schemes is Lee and Kwon's password-based authentication scheme for wireless environments. Compared with previous schemes, Lee and Kwon's scheme not only improves anonymity by employing random temporary IDs but also provides user-friendliness by allowing human-memorable passwords. In this letter, we point out that Lee and Kwon's scheme, despite its many merits, is vulnerable to off-line password guessing attacks and a forgery attack. In addition, we show how to eliminate these vulnerabilities.

  11. PASSWORD: Organizing Exits from the Resource Room.

    ERIC Educational Resources Information Center

    Johnson, Linda K.

    1990-01-01

    The article offers a classroom management technique, PASSWORD, that facilitates the smooth transition of handicapped students from the resource room to the regular class. Students are each asked a "code question," usually a review question, the answer to which is the password for leaving the resource room. (DB)

  12. PASSWORD: Organizing Exits from the Resource Room.

    ERIC Educational Resources Information Center

    Johnson, Linda K.

    1990-01-01

    The article offers a classroom management technique, PASSWORD, that facilitates the smooth transition of handicapped students from the resource room to the regular class. Students are each asked a "code question," usually a review question, the answer to which is the password for leaving the resource room. (DB)

  13. User Authentication and Authorization Challenges in a Networked Library Environment.

    ERIC Educational Resources Information Center

    Machovec, George S.

    1997-01-01

    Discusses computer user authentication and authorization issues when libraries need to let valid users access databases and information services without making the process too difficult for either party. Common solutions are explained, including filtering, passwords, and kerberos (cryptographic authentication scheme for secure use over public…

  14. An efficient three-party password-based key agreement protocol using extended chaotic maps

    NASA Astrophysics Data System (ADS)

    Shu, Jian

    2015-06-01

    Three-party password-based key agreement protocols allow two users to authenticate each other via a public channel and establish a session key with the aid of a trusted server. Recently, Farash et al. [Farash M S, Attari M A 2014 “An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps”, Nonlinear Dynamics 77(7): 399-411] proposed a three-party key agreement protocol by using the extended chaotic maps. They claimed that their protocol could achieve strong security. In the present paper, we analyze Farash et al.’s protocol and point out that this protocol is vulnerable to off-line password guessing attack and suffers communication burden. To handle the issue, we propose an efficient three-party password-based key agreement protocol using extended chaotic maps, which uses neither symmetric cryptosystems nor the server’s public key. Compared with the relevant schemes, our protocol provides better performance in terms of computation and communication. Therefore, it is suitable for practical applications. Project supported by the National Natural Science Foundation of China (Grant No. 61462033).

  15. An improved authentication scheme for telecare medicine information systems.

    PubMed

    Wei, Jianghong; Hu, Xuexian; Liu, Wenfen

    2012-12-01

    The telecare medicine information system enables or supports health-care delivery services. In order to safeguard patients' privacy, such as telephone number, medical record number, health information, etc., a secure authentication scheme will thus be in demand. Recently, Wu et al. proposed a smart card based password authentication scheme for the telecare medicine information system. Later, He et al. pointed out that Wu et al.'s scheme could not resist impersonation attacks and insider attacks, and then presented a new scheme. In this paper, we show that both of them fail to achieve two-factor authentication as smart card based password authentication schemes should achieve. We also propose an improved authentication scheme for the telecare medicine information system, and demonstrate that the improved one satisfies the security requirements of two-factor authentication and is also efficient.

  16. A Comparison of Password Techniques for Multilevel Authentication Mechanisms

    DTIC Science & Technology

    1990-06-01

    to 87.4%. The questions that had the lowest success rate dealt with an individual’s favorite restaurant, actor or actress , and choice of alternative...favorite actor or actress ? 58% What is your favorite flower? 87% What is your favorite dessert? 66% What is your favorite vegetable? 75% What is your...would it be? A-3 11. What is the last name of your favorite actor or actress ? 12. What is your favorite flower? 13. What is your favorite dessert? 14

  17. A voice password system for access security

    SciTech Connect

    Birnbaum, M.; Cohen, L.A.; Welsh, F.X.

    1986-09-01

    A voice password system for access security using speaker verification technology has been designed for use over dial-up telephone lines. The voice password system (VPS) can provide secure access to telephone networks, computers, rooms, and buildings. It also has application in office automation systems, electric funds transfer, and ''smart cards'' (interactive computers embedded in credit-card-sized packages). As increasing attention is focused on access security in the public, private, and government sectors, the voice password system can provide a timely solution to the security dilemma. The VPS uses modes of communication available to almost everyone (the human voice and the telephone). A user calls the VPS, enters his or her identification number (ID) by touch-tone telephone, and then speaks a password. This is usually a phrase or a sentence of about seven syllables. On initial calls, the VPS creates a model of the user's voice, called a reference template, and labels it with the caller's unique user ID. To gain access later, the user calls the system, enters the proper user ID, and speaks the password phrase. The VPS compares the user's stored reference template with the spoken password and produces a distance score.

  18. A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

    PubMed

    Mishra, Raghavendra; Barnwal, Amit Kumar

    2015-05-01

    The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

  19. Biometrics based authentication scheme for session initiation protocol.

    PubMed

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

  20. Simpler and Safer: One Password Opens Many Online Doors

    ERIC Educational Resources Information Center

    Carnevale, Dan

    2007-01-01

    Going online nowadays often requires more log-ins and passwords than most people can remember. Faculty and staff members will sometimes write their various passwords on yellow sticky notes and post them on their computer monitors--leaving confidential data wide open to any passer-by. What if there were just one password? A single log-on for e-mail…

  1. Simpler and Safer: One Password Opens Many Online Doors

    ERIC Educational Resources Information Center

    Carnevale, Dan

    2007-01-01

    Going online nowadays often requires more log-ins and passwords than most people can remember. Faculty and staff members will sometimes write their various passwords on yellow sticky notes and post them on their computer monitors--leaving confidential data wide open to any passer-by. What if there were just one password? A single log-on for e-mail…

  2. Comparing Intentions to Use University-Provided vs Vendor-Provided Multibiometric Authentication in Online Exams

    ERIC Educational Resources Information Center

    Levy, Yair; Ramim, Michelle M.; Furnell, Steven M.; Clarke, Nathan L.

    2011-01-01

    Purpose: Concerns for information security in e-learning systems have been raised previously. In the pursuit for better authentication approaches, few schools have implemented students' authentication during online exams beyond passwords. This paper aims to assess e-learners' intention to provide multibiometric data and use of multibiometrics…

  3. Comparing Intentions to Use University-Provided vs Vendor-Provided Multibiometric Authentication in Online Exams

    ERIC Educational Resources Information Center

    Levy, Yair; Ramim, Michelle M.; Furnell, Steven M.; Clarke, Nathan L.

    2011-01-01

    Purpose: Concerns for information security in e-learning systems have been raised previously. In the pursuit for better authentication approaches, few schools have implemented students' authentication during online exams beyond passwords. This paper aims to assess e-learners' intention to provide multibiometric data and use of multibiometrics…

  4. Authentication techniques for smart cards

    SciTech Connect

    Nelson, R.A.

    1994-02-01

    Smart card systems are most cost efficient when implemented as a distributed system, which is a system without central host interaction or a local database of card numbers for verifying transaction approval. A distributed system, as such, presents special card and user authentication problems. Fortunately, smart cards offer processing capabilities that provide solutions to authentication problems, provided the system is designed with proper data integrity measures. Smart card systems maintain data integrity through a security design that controls data sources and limits data changes. A good security design is usually a result of a system analysis that provides a thorough understanding of the application needs. Once designers understand the application, they may specify authentication techniques that mitigate the risk of system compromise or failure. Current authentication techniques include cryptography, passwords, challenge/response protocols, and biometrics. The security design includes these techniques to help prevent counterfeit cards, unauthorized use, or information compromise. This paper discusses card authentication and user identity techniques that enhance security for microprocessor card systems. It also describes the analysis process used for determining proper authentication techniques for a system.

  5. [Application of password manager software in health care].

    PubMed

    Ködmön, József

    2016-12-01

    When using multiple IT systems, handling of passwords in a secure manner means a potential source of problem. The most frequent issues are choosing the appropriate length and complexity, and then remembering the strong passwords. Password manager software provides a good solution for this problem, while greatly increasing the security of sensitive medical data. This article introduces a password manager software and provides basic information of the application. It also discusses how to select a really secure password manager software and suggests a practical application to efficient, safe and comfortable use for health care. Orv. Hetil., 2016, 157(52), 2066-2073.

  6. Assessment of Web-Based Authentication Methods in the U.S.: Comparing E-Learning Systems to Internet Healthcare Information Systems

    ERIC Educational Resources Information Center

    Mattord, Herbert J.

    2012-01-01

    Organizations continue to rely on password-based authentication methods to control access to many Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in Web-based information systems (IS). It developed an Authentication Method System Index (AMSI) to analyze collected data from…

  7. Assessment of Web-Based Authentication Methods in the U.S.: Comparing E-Learning Systems to Internet Healthcare Information Systems

    ERIC Educational Resources Information Center

    Mattord, Herbert J.

    2012-01-01

    Organizations continue to rely on password-based authentication methods to control access to many Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in Web-based information systems (IS). It developed an Authentication Method System Index (AMSI) to analyze collected data from…

  8. KENNEDY SPACE CENTER, FLA. - The Rocket Garden at the KSC Visitor Complex features eight authentic rockets from the past, including a Mercury-Atlas rocket. The garden also features a climb-in Mercury, Gemino and Apollo capsule replicas, seating pods and informative graphic elements.

    NASA Image and Video Library

    2003-07-22

    KENNEDY SPACE CENTER, FLA. - The Rocket Garden at the KSC Visitor Complex features eight authentic rockets from the past, including a Mercury-Atlas rocket. The garden also features a climb-in Mercury, Gemino and Apollo capsule replicas, seating pods and informative graphic elements.

  9. Vein matching using artificial neural network in vein authentication systems

    NASA Astrophysics Data System (ADS)

    Noori Hoshyar, Azadeh; Sulaiman, Riza

    2011-10-01

    Personal identification technology as security systems is developing rapidly. Traditional authentication modes like key; password; card are not safe enough because they could be stolen or easily forgotten. Biometric as developed technology has been applied to a wide range of systems. According to different researchers, vein biometric is a good candidate among other biometric traits such as fingerprint, hand geometry, voice, DNA and etc for authentication systems. Vein authentication systems can be designed by different methodologies. All the methodologies consist of matching stage which is too important for final verification of the system. Neural Network is an effective methodology for matching and recognizing individuals in authentication systems. Therefore, this paper explains and implements the Neural Network methodology for finger vein authentication system. Neural Network is trained in Matlab to match the vein features of authentication system. The Network simulation shows the quality of matching as 95% which is a good performance for authentication system matching.

  10. How to Speak an Authentication Secret Securely from an Eavesdropper

    NASA Astrophysics Data System (ADS)

    O'Gorman, Lawrence; Brotman, Lynne; Sammon, Michael

    When authenticating over the telephone or mobile headphone, the user cannot always assure that no eavesdropper hears the password or authentication secret. We describe an eavesdropper-resistant, challenge-response authentication scheme for spoken authentication where an attacker can hear the user’s voiced responses. This scheme entails the user to memorize a small number of plaintext-ciphertext pairs. At authentication, these are challenged in random order and interspersed with camouflage elements. It is shown that the response can be made to appear random so that no information on the memorized secret can be learned by eavesdroppers. We describe the method along with parameter value tradeoffs of security strength, authentication time, and memory effort. This scheme was designed for user authentication of wireless headsets used for hands-free communication by healthcare staff at a hospital.

  11. Pass or fail: A new test for password legitimacy

    SciTech Connect

    Cherry, A.; Henderson, M.W.; Nickless, W.K.; Olson, R.; Rackow, G.

    1992-09-25

    While other programs check for bad passwords after the fact, it in important to have good passwords at all times, not just after the latest Crack run. To this end we have modified Larry Wall`s Perl password program and added, among other features, the ability to check a sorted list of all the ``bad passwords`` that Crack will generate, given all the dictionaries that we could get our hands on (107 MB of unique words, so far). The combination of improvements has turned publicly available code into a powerful tool that can aid sites in the maintenance of local security.

  12. Pass or fail: A new test for password legitimacy

    SciTech Connect

    Cherry, A.; Henderson, M.W.; Nickless, W.K.; Olson, R.; Rackow, G.

    1992-09-25

    While other programs check for bad passwords after the fact, it in important to have good passwords at all times, not just after the latest Crack run. To this end we have modified Larry Wall's Perl password program and added, among other features, the ability to check a sorted list of all the bad passwords'' that Crack will generate, given all the dictionaries that we could get our hands on (107 MB of unique words, so far). The combination of improvements has turned publicly available code into a powerful tool that can aid sites in the maintenance of local security.

  13. Improved dynamic ID-based authentication scheme for telecare medical information systems.

    PubMed

    Cao, Tianjie; Zhai, Jingxuan

    2013-04-01

    In order to protect users' identity privacy, Chen et al. proposed an efficient dynamic ID-based authentication scheme for telecare medical information systems. However, Chen et al.'s scheme has some weaknesses. In Chen et al.'s scheme, an attacker can track a user by a linkability attack or an off-line identity guessing attack. Chen et al.'s scheme is also vulnerable to an off-line password guessing attack and an undetectable on-line password guessing attack when user's smart card is stolen. In server side, Chen et al.'s scheme needs large computational load to authentication a legal user or reject an illegal user. To remedy the weaknesses in Chen et al.'s scheme, we propose an improved smart card based password authentication scheme. Our analysis shows that the improved scheme can overcome the weaknesses in Chen et al.'s scheme.

  14. Security enhanced multi-factor biometric authentication scheme using bio-hash function

    PubMed Central

    Lee, Youngsook; Moon, Jongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. PMID:28459867

  15. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    PubMed

    Choi, Younsung; Lee, Youngsook; Moon, Jongho; Won, Dongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  16. Password Complexity Recommendations: xez and pAxat8Um or P4$$w0rd!!!!

    DTIC Science & Technology

    2014-10-01

    the-line (at the time of writing ) NVidia GTX Titan cards [7]. The speed here are added for comparison. One can see that the much bigger and newer SHA...password2014 Suffix symbol password! Prefix numbers 0password, 1password, ..., 9password, ... 2014password Remove vowels psswrd Repeat...seen that the sweet spot seems to be 11 characters at the time of writing . Add one character if you are feeling paranoid or for very important sites. For

  17. The console password feature for DEC workstations

    SciTech Connect

    Van Lehn, A.L.

    1993-10-01

    New VAXstations and all DECstations offer a ``hardware`` password feature that, when enabled, restricts unauthorized access to your system console terminal when turned on or restarted. VAXstation 3100s shipped after July, 1989 offer this feature. A description of this feature should be part of the Hardware User Guide for your workstation; however, some of the early systems did not document this security enhancement. This document is based on the author`s investigation as well as information provided by the Digital Equipment Corporation.

  18. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks

    PubMed Central

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-01-01

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost. PMID:26633396

  19. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

    PubMed

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-11-30

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

  20. Implications of What Children Know about Computer Passwords

    ERIC Educational Resources Information Center

    Coggins, Porter E.

    2013-01-01

    The purpose of this article is to present several implications and recommendations regarding what elementary school children, aged 9-12 years, know about computer passwords and what they know about why computer passwords are important. Student knowledge can then be used to make relevant curriculum decisions based in conjunction with applicable…

  1. Implications of What Children Know about Computer Passwords

    ERIC Educational Resources Information Center

    Coggins, Porter E.

    2013-01-01

    The purpose of this article is to present several implications and recommendations regarding what elementary school children, aged 9-12 years, know about computer passwords and what they know about why computer passwords are important. Student knowledge can then be used to make relevant curriculum decisions based in conjunction with applicable…

  2. Centralized Authentication with Kerberos 5, Part I

    SciTech Connect

    Wachsmann, A

    2004-06-09

    Account administration in a distributed Unix/Linux environment can become very complicated and messy if done by hand. Large sites use special tools to deal with this problem. I will describe how even very small installations like your three computer network at home can take advantage of the very same tools. The problem in a distributed environment is that password and shadow files need to be changed individually on each machine if an account change occurs. Account changes include: password change, addition/removal of accounts, name change of an account (UID/GID changes are a big problem in any case), additional or removed login privileges to a (group of) computer(s), etc. In this article, I will show how Kerberos 5 solves the authentication problem in a distributed computing environment. A second article will describe a solution for the authorization problem.

  3. An authentication scheme for secure access to healthcare services.

    PubMed

    Khan, Muhammad Khurram; Kumari, Saru

    2013-08-01

    Last few decades have witnessed boom in the development of information and communication technologies. Health-sector has also been benefitted with this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.

  4. Smartphone-based secure authenticated session sharing in Internet of Personal Things

    NASA Astrophysics Data System (ADS)

    Krishnan, Ram; Ninglekhu, Jiwan

    2015-03-01

    In the context of password-based authentication, a user can only memorize limited number of usernames and passwords. They are generally referred to as user-credentials. Longer character length of passwords further adds complication in mastering them. The expansion of the Internet and our growing dependency on it, has made it almost impossible for us to handle the big pool of user-credentials. Using simple, same or similar passwords is considered a poor practice, as it can easily be compromised by password cracking tools and social engineering attacks. Therefore, a robust and painless technique to manage personal credentials for websites is desirable. In this paper, a novel technique for user-credentials management via a smart mobile device such as a smartphone in a local network is proposed. We present a secure user-credential management scheme in which user's account login (username) and password associated with websites domain name is saved into the mobile device's database using a mobile application. We develop a custom browser extension application for client and use it to import user's credentials linked with the corresponding website from the mobile device via the local Wi-Fi network connection. The browser extension imports and identifies the authentication credentials and pushes them into the target TextBox locations in the webpage, ready for the user to execute. This scheme is suitably demonstrated between two personal devices in a local network.

  5. Strong authentication scheme for telecare medicine information systems.

    PubMed

    Pu, Qiong; Wang, Jian; Zhao, Rongyong

    2012-08-01

    The telecare medicine information system enables or supports health-care delivery services. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. In this paper, we propose a generic construction of smart-card-based password authentication protocol and prove its security. The proposed framework is superior to previous schemes in three following aspects : (1) our scheme is a true two-factor authentication scheme. (2) our scheme can yield a forward secure two-factor authentication scheme with user anonymity when appropriately instantiated. (3) our scheme utilizes each user's unique identity to accomplish the user authentication and does not need to store or verify others's certificates. And yet, our scheme is still reasonably efficient and can yield such a concrete scheme that is even more efficient than previous schemes. Therefore the end result is more practical for the telecare medicine system.

  6. A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography

    NASA Astrophysics Data System (ADS)

    Chen, Tien-Ho; Yeh, Hsiu-Lien; Liu, Pin-Chuan; Hsiang, Han-Chen; Shih, Wei-Kuan

    Session initiation protocol (SIP) is a technology regularly performed in Internet Telephony, and Hyper Text Transport Protocol (HTTP) as digest authentication is one of the major methods for SIP authentication mechanism. In 2005, Yang et al. pointed out that HTTP could not resist server spoofing attack and off-line guessing attack and proposed a secret authentication with Diffie-Hellman concept. In 2009, Tsai proposed a nonce based authentication protocol for SIP. In this paper, we demonstrate that their protocol could not resist the password guessing attack and insider attack. Furthermore, we propose an ECC-based authentication mechanism to solve their issues and present security analysis of our protocol to show that ours is suitable for applications with higher security requirement.

  7. The Use of Passwords for Controlled Access to Computer Resources. Computer Science & Technology.

    ERIC Educational Resources Information Center

    Wood, Helen M.

    This paper considers the generation of passwords and their effective application to the problem of controlling access to computer resources. After describing the need for and uses of passwords, password schemes are categorized according to selection technique, lifetime, physical characteristics, and information content. Password protection, both…

  8. The Use of Passwords for Controlled Access to Computer Resources. Computer Science & Technology.

    ERIC Educational Resources Information Center

    Wood, Helen M.

    This paper considers the generation of passwords and their effective application to the problem of controlling access to computer resources. After describing the need for and uses of passwords, password schemes are categorized according to selection technique, lifetime, physical characteristics, and information content. Password protection, both…

  9. Group Management Method of RFID Passwords for Privacy Protection

    NASA Astrophysics Data System (ADS)

    Kobayashi, Yuichi; Kuwana, Toshiyuki; Taniguchi, Yoji; Komoda, Norihisa

    When RFID tag is used in the whole item lifecycle including a consumer scene or a recycle scene, we have to protect consumer privacy in the state that RFID tag is stuck on an item. We use the low cost RFID tag that has the access control function using a password, and we propose a method which manages RFID tags by passwords identical to each group of RFID tags. This proposal improves safety of RFID system because the proposal method is able to reduce the traceability for a RFID tag, and hold down the influence for disclosure of RFID passwords in the both scenes.

  10. A molecular keypad lock: a photochemical device capable of authorizing password entries.

    PubMed

    Margulies, David; Felder, Clifford E; Melman, Galina; Shanzer, Abraham

    2007-01-17

    This paper describes a new concept in the way information can be protected at the molecular scale. By harnessing the principles of molecular Boolean logic, we have designed a molecular device that mimics the operation of an electronic keypad lock, e.g., a common security circuit used for numerous applications, in which access to an object or data is to be restricted to a limited number of persons. What distinguishes this lock from a simple molecular logic gate is the fact that its output signals are dependent not only on the proper combination of the inputs but also on the correct order by which these inputs are introduced. In other words, one needs to know the exact passwords that open this lock. The different password entries are coded by a combination of two chemical and one optical input signals, which can activate, separately, blue or green fluorescence output channels from pyrene or fluorescein fluorophores. The information in each channel is a single-bit light output signal that can be used to authorize a user, to verify authentication of a product, or to initiate a higher process. This development not only opens the way for a new class of molecular decision-making devices but also adds a new dimension of protection to existing defense technologies, such as cryptography and steganography, previously achieved with molecules.

  11. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    PubMed

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  12. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    PubMed Central

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  13. Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

    PubMed

    An, Younghwa

    2012-01-01

    Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  14. Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

    PubMed Central

    An, Younghwa

    2012-01-01

    Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. PMID:22899887

  15. Cryptanalysis of Password Protection of Oracle Database Management System (DBMS)

    NASA Astrophysics Data System (ADS)

    Koishibayev, Timur; Umarova, Zhanat

    2016-04-01

    This article discusses the currently available encryption algorithms in the Oracle database, also the proposed upgraded encryption algorithm, which consists of 4 steps. In conclusion we make an analysis of password encryption of Oracle Database.

  16. User-Centered Authentication: LDAP, WRAP, X.509, XML (SIG LAN: Library Automation and Networks).

    ERIC Educational Resources Information Center

    Coble, Jim

    2000-01-01

    Presents an abstract for a planned panel session on technologies for user-centered authentication and authorization currently deployed in pilot or production implementations in academic computing. Presentations included: "Implementing LSAP for Single-Password Access to Campus Resources" (Layne Nordgren); "Implementing a Scalable…

  17. IVOA Single-Sign-On Profile: Authentication Mechanisms Version 1.01

    NASA Astrophysics Data System (ADS)

    Rixon, Guy; Graham, Matthew; Grid andWeb Services Working Group; Rixon, Guy; Graham, Matthew

    2008-01-01

    Approved client-server authentication mechanisms are described for the IVOA single-sign-on profile: digital signatures (for SOAP services); TLS with passwords (for user sign-on points); TLS with client certificates (for everything else). Normative rules are given for the implementation of these mechanisms, mainly by reference to pre-existing standards.

  18. User-Centered Authentication: LDAP, WRAP, X.509, XML (SIG LAN: Library Automation and Networks).

    ERIC Educational Resources Information Center

    Coble, Jim

    2000-01-01

    Presents an abstract for a planned panel session on technologies for user-centered authentication and authorization currently deployed in pilot or production implementations in academic computing. Presentations included: "Implementing LSAP for Single-Password Access to Campus Resources" (Layne Nordgren); "Implementing a Scalable…

  19. Geospatial Authentication

    NASA Technical Reports Server (NTRS)

    Lyle, Stacey D.

    2009-01-01

    A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server.

  20. A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System.

    PubMed

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi; Wang, Chun-Cheng

    2015-11-01

    To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.

  1. An efficient and robust RSA-based remote user authentication for telecare medical information systems.

    PubMed

    Giri, Debasis; Maitra, Tanmoy; Amin, Ruhul; Srivastava, P D

    2015-01-01

    It is not always possible for a patient to go to a doctor in critical or urgent period. Telecare Medical Information Systems (TMIS) provides a facility by which a patient can communicate to a doctor through a medical server via internet from home. To hide the secret information of both parties (a server and a patient), an authentication mechanism is needed in TMIS. In 2013, Khan and Kumari proposed the authentication schemes for TMIS. In this paper, we have shown that Khan and Kumari's scheme is insecure against off-line password guessing attack. We have also shown that Khan and Kumari's scheme does not provide any security if the password of a patient is compromised. To improve the security and efficiency, a new authentication scheme for TMIS has been proposed in this paper. Further, the proposed scheme can resist all possible attacks and has better performance than the related schemes published earlier.

  2. Authentic leadership.

    PubMed

    Kerfoot, Karlene

    2006-12-01

    There is leadership, and then there is authentic leadership. If you are not willing to engage from your heart, to passionately work to create a greater quality of work life for front-line staff every day, and to push yourself to the ultimate limit to make that happen, you might be a leader, but you will not be perceived as an authentic leader. Authentic leaders love, challenge people to do what they didn't believe was possible, and generate the energy to make the impossible possible by their passion for their people, their patients, and for doing the right thing. Thankfully, there are leaders who are willing to live on the edge, model their love, and inspire people to change the world. Will you be one of them?

  3. Authentic leadership.

    PubMed

    Kerfoot, Karlene

    2006-10-01

    There is leadership, and then there is authentic leadership. If you are not willing to engage from your heart, to passionately work to create a greater quality of work life for front-line staff every day, and to push yourself to the ultimate limit to make that happen, you might be a leader, but you will not be perceived as an authentic leader. Authentic leaders love, challenge people to do what they didn't believe was possible, and generate the energy to make the impossible possible by their passion for their people, their patients, and for doing the right thing. Thankfully, there are leaders who are willing to live on the edge, model their love, and inspire people to change the world. Will you be one of them?

  4. Authenticating cache.

    SciTech Connect

    Smith, Tyler Barratt; Urrea, Jorge Mario

    2012-06-01

    The aim of the Authenticating Cache architecture is to ensure that machine instructions in a Read Only Memory (ROM) are legitimate from the time the ROM image is signed (immediately after compilation) to the time they are placed in the cache for the processor to consume. The proposed architecture allows the detection of ROM image modifications during distribution or when it is loaded into memory. It also ensures that modified instructions will not execute in the processor-as the cache will not be loaded with a page that fails an integrity check. The authenticity of the instruction stream can also be verified in this architecture. The combination of integrity and authenticity assurance greatly improves the security profile of a system.

  5. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    PubMed

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  6. A Secure Mobile-Based Authentication System for e-Banking

    NASA Astrophysics Data System (ADS)

    Rifà-Pous, Helena

    Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable. We propose a challenge-response based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.

  7. Cryptanalysis and improvement of Yan et al.'s biometric-based authentication scheme for telecare medicine information systems.

    PubMed

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Chaturvedi, Ankita; Kumari, Saru; Khan, Muhammad Khurram

    2014-06-01

    Remote user authentication is desirable for a Telecare Medicine Information System (TMIS) for the safety, security and integrity of transmitted data over the public channel. In 2013, Tan presented a biometric based remote user authentication scheme and claimed that his scheme is secure. Recently, Yan et al. demonstrated some drawbacks in Tan's scheme and proposed an improved scheme to erase the drawbacks of Tan's scheme. We analyze Yan et al.'s scheme and identify that their scheme is vulnerable to off-line password guessing attack, and does not protect anonymity. Moreover, in their scheme, login and password change phases are inefficient to identify the correctness of input where inefficiency in password change phase can cause denial of service attack. Further, we design an improved scheme for TMIS with the aim to eliminate the drawbacks of Yan et al.'s scheme.

  8. Computer Graphics.

    ERIC Educational Resources Information Center

    Halpern, Jeanne W.

    1970-01-01

    Computer graphics have been called the most exciting development in computer technology. At the University of Michigan, three kinds of graphics output equipment are now being used: symbolic printers, line plotters or drafting devices, and cathode-ray tubes (CRT). Six examples are given that demonstrate the range of graphics use at the University.…

  9. Patient confidentiality and telephone consultations: time for a password.

    PubMed

    Sokol, D K; Car, J

    2006-12-01

    Although telephone consultations are widely used in the delivery of healthcare, they are vulnerable to breaches of patient confidentiality. Current guidelines on telephone consultations do not address adequately the issue of confidentiality. In this paper, we propose a solution to the a password system to control access to patient information. Authorised persons will be offered the option of selecting a password which they will use to validate their request for information over the telephone. This simple yet stringent method of access control should improve security while allowing the continuing evolution of telephone consultations.

  10. Patient confidentiality and telephone consultations: time for a password

    PubMed Central

    Sokol, D K; Car, J

    2006-01-01

    Although telephone consultations are widely used in the delivery of healthcare, they are vulnerable to breaches of patient confidentiality. Current guidelines on telephone consultations do not address adequately the issue of confidentiality. In this paper, we propose a solution to the problem: a password system to control access to patient information. Authorised persons will be offered the option of selecting a password which they will use to validate their request for information over the telephone. This simple yet stringent method of access control should improve security while allowing the continuing evolution of telephone consultations. PMID:17145905

  11. RUASN: A Robust User Authentication Framework for Wireless Sensor Networks

    PubMed Central

    Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae

    2011-01-01

    In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost. PMID:22163888

  12. Usable Human Authentication: A Quantitative Treatment

    DTIC Science & Technology

    2014-06-30

    papers and even comics about selecting strong individual passwords, there is very little work on password management schemes?systematic strategies to help...as using the same passwords for multiple accounts and selecting weak passwords. While there are many books, articles, papers and even comics about...books, papers and even comics about selecting strong individual passwords [4, 46, 49, 82, 109, 132, 146, 162], there is very little work on password

  13. Optical hierarchical authentication based on interference and hash function.

    PubMed

    He, Wenqi; Peng, Xiang; Meng, Xiangfeng; Liu, Xiaoli

    2012-11-10

    We propose a method to achieve the purpose of hierarchical authentication on the basis of two beams' interference and the one-way hash function. For this security protection system, only if the "phase key" and the password-controlled "phase lock" of a user are verified simultaneously can one obtain a permission to visit the confidential resources of the system. Moreover, this scheme can not only check the legality of the users but also verify their identity levels so as to grant them corresponding hierarchical access permissions. The authentication process is straightforward; the phase key and the password-controlled phase lock of one user are loading on two spatial light modulators in advance, by which two coherent beams are modulated and then interfere with each other at the output plane leading to an output image. By comparing the output image with all the standard certification images in the database, the system can thus verify the user's identity. However, the system designing process involves an iterative modified phase retrieval algorithm. For an authorized user, a phase lock is first created based on a "digital fingerprint," which is the result of a hash function on a preselected user password. The corresponding phase key can then be determined by use of the phase lock and a designated standard certification image. Theoretical analysis and computer simulations both validate the effectiveness of our method.

  14. 21 CFR 11.300 - Controls for identification codes/passwords.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 21 Food and Drugs 1 2013-04-01 2013-04-01 false Controls for identification codes/passwords. 11... identification codes/passwords. Persons who use electronic signatures based upon use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls...

  15. 21 CFR 11.300 - Controls for identification codes/passwords.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 21 Food and Drugs 1 2011-04-01 2011-04-01 false Controls for identification codes/passwords. 11... identification codes/passwords. Persons who use electronic signatures based upon use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls...

  16. 27 CFR 73.12 - What security controls must I use for identification codes and passwords?

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... must I use for identification codes and passwords? 73.12 Section 73.12 Alcohol, Tobacco Products and... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure...

  17. 27 CFR 73.12 - What security controls must I use for identification codes and passwords?

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... I use for identification codes and passwords? 73.12 Section 73.12 Alcohol, Tobacco Products and... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure...

  18. 27 CFR 73.12 - What security controls must I use for identification codes and passwords?

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... must I use for identification codes and passwords? 73.12 Section 73.12 Alcohol, Tobacco Products and... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure...

  19. 21 CFR 11.300 - Controls for identification codes/passwords.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 21 Food and Drugs 1 2010-04-01 2010-04-01 false Controls for identification codes/passwords. 11... identification codes/passwords. Persons who use electronic signatures based upon use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls...

  20. 21 CFR 11.300 - Controls for identification codes/passwords.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 1 2014-04-01 2014-04-01 false Controls for identification codes/passwords. 11... identification codes/passwords. Persons who use electronic signatures based upon use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls...

  1. 27 CFR 73.12 - What security controls must I use for identification codes and passwords?

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... must I use for identification codes and passwords? 73.12 Section 73.12 Alcohol, Tobacco Products and... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure...

  2. 27 CFR 73.12 - What security controls must I use for identification codes and passwords?

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... must I use for identification codes and passwords? 73.12 Section 73.12 Alcohol, Tobacco Products and... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure...

  3. Applications of Multi-Channel Safety Authentication Protocols in Wireless Networks.

    PubMed

    Chen, Young-Long; Liau, Ren-Hau; Chang, Liang-Yu

    2016-01-01

    People can use their web browser or mobile devices to access web services and applications which are built into these servers. Users have to input their identity and password to login the server. The identity and password may be appropriated by hackers when the network environment is not safe. The multiple secure authentication protocol can improve the security of the network environment. Mobile devices can be used to pass the authentication messages through Wi-Fi or 3G networks to serve as a second communication channel. The content of the message number is not considered in a multiple secure authentication protocol. The more excessive transmission of messages would be easier to collect and decode by hackers. In this paper, we propose two schemes which allow the server to validate the user and reduce the number of messages using the XOR operation. Our schemes can improve the security of the authentication protocol. The experimental results show that our proposed authentication protocols are more secure and effective. In regard to applications of second authentication communication channels for a smart access control system, identity identification and E-wallet, our proposed authentication protocols can ensure the safety of person and property, and achieve more effective security management mechanisms.

  4. System and method for authentication

    DOEpatents

    Duerksen, Gary L.; Miller, Seth A.

    2015-12-29

    Described are methods and systems for determining authenticity. For example, the method may include providing an object of authentication, capturing characteristic data from the object of authentication, deriving authentication data from the characteristic data of the object of authentication, and comparing the authentication data with an electronic database comprising reference authentication data to provide an authenticity score for the object of authentication. The reference authentication data may correspond to one or more reference objects of authentication other than the object of authentication.

  5. How secure is your information system? An investigation into actual healthcare worker password practices.

    PubMed

    Cazier, Joseph A; Medlin, B Dawn

    2006-09-27

    For most healthcare information systems, passwords are the first line of defense in keeping patient and administrative records private and secure. However, this defense is only as strong as the passwords employees chose to use. A weak or easily guessed password is like an open door to the medical records room, allowing unauthorized access to sensitive information. In this paper, we present the results of a study of actual healthcare workers' password practices. In general, the vast majority of these passwords have significant security problems on several dimensions. Implications for healthcare professionals are discussed.

  6. How Secure Is Your Information System? An Investigation into Actual Healthcare Worker Password Practices

    PubMed Central

    Cazier, Joseph A; Medlin, B. Dawn

    2006-01-01

    For most healthcare information systems, passwords are the first line of defense in keeping patient and administrative records private and secure. However, this defense is only as strong as the passwords employees chose to use. A weak or easily guessed password is like an open door to the medical records room, allowing unauthorized access to sensitive information. In this paper, we present the results of a study of actual healthcare workers' password practices. In general, the vast majority of these passwords have significant security problems on several dimensions. Implications for healthcare professionals are discussed. PMID:18066366

  7. A Multimodal User Authentication System Using Faces and Gestures

    PubMed Central

    Choi, Hyunsoek; Park, Hyeyoung

    2015-01-01

    As a novel approach to perform user authentication, we propose a multimodal biometric system that uses faces and gestures obtained from a single vision sensor. Unlike typical multimodal biometric systems using physical information, the proposed system utilizes gesture video signals combined with facial images. Whereas physical information such as face, fingerprints, and iris is fixed and not changeable, behavioral information such as gestures and signatures can be freely changed by the user, similar to a password. Therefore, it can be a countermeasure when the physical information is exposed. We aim to investigate the potential possibility of using gestures as a signal for biometric system and the robustness of the proposed multimodal user authentication system. Through computational experiments on a public database, we confirm that gesture information can help to improve the authentication performance. PMID:26247018

  8. Robust anonymous authentication scheme for telecare medical information systems.

    PubMed

    Xie, Qi; Zhang, Jun; Dong, Na

    2013-04-01

    Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.

  9. Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications.

    PubMed

    Li, Xiong; Niu, Jianwei; Karuppiah, Marimuthu; Kumari, Saru; Wu, Fan

    2016-12-01

    Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

  10. A robust and effective smart-card-based remote user authentication mechanism using hash function.

    PubMed

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

  11. A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

    PubMed Central

    Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme. PMID:24892078

  12. NATURAL graphics

    NASA Technical Reports Server (NTRS)

    Jones, R. H.

    1984-01-01

    The hardware and software developments in computer graphics are discussed. Major topics include: system capabilities, hardware design, system compatibility, and software interface with the data base management system.

  13. Passwords Usage and Human Memory Limitations: A Survey across Age and Educational Background

    PubMed Central

    Pilar, Denise Ranghetti; Jaeger, Antonio; Gomes, Carlos F. A.; Stein, Lilian Milnitsky

    2012-01-01

    The present article reports a survey conducted to identify the practices on passwords usage, focusing particularly on memory limitations and the use of passwords across individuals with different age and education backgrounds. A total of 263 participants were interviewed, with ages ranging from 18 to 93 years, and education level ranging from grade school to graduate degree. Contrary to our expectations, effects of cognitive decline due to aging were not observed on memory performance for passwords. The results suggested instead, that the number of password uses was the most influential factor on memory performance. That is, as the number of circumstances in which individuals utilized passwords increased, the incidence of forgotten and mixed-up passwords also increased. The theoretical significance of these findings and their implications for good practices on password usage are discussed. PMID:23227232

  14. A Strategic Design of an Opto-Chemical Security Device with Resettable and Reconfigurable Password Based Upon Dual Channel Two-in-One Chemosensor Molecule

    PubMed Central

    Majumdar, Tapas; Haldar, Basudeb; Mallick, Arabinda

    2017-01-01

    A simple strategy is proposed to design and develop an intelligent device based on dual channel ion responsive spectral properties of a commercially available molecule, harmine (HM). The system can process different sets of opto-chemical inputs generating different patterns as fluorescence outputs at specific wavelengths which can provide an additional level of protection exploiting both password and pattern recognitions. The proposed system could have the potential to come up with highly secured combinatorial locks at the molecular level that could pose valuable real time and on-site applications for user authentication. PMID:28216657

  15. A Strategic Design of an Opto-Chemical Security Device with Resettable and Reconfigurable Password Based Upon Dual Channel Two-in-One Chemosensor Molecule.

    PubMed

    Majumdar, Tapas; Haldar, Basudeb; Mallick, Arabinda

    2017-02-20

    A simple strategy is proposed to design and develop an intelligent device based on dual channel ion responsive spectral properties of a commercially available molecule, harmine (HM). The system can process different sets of opto-chemical inputs generating different patterns as fluorescence outputs at specific wavelengths which can provide an additional level of protection exploiting both password and pattern recognitions. The proposed system could have the potential to come up with highly secured combinatorial locks at the molecular level that could pose valuable real time and on-site applications for user authentication.

  16. A Strategic Design of an Opto-Chemical Security Device with Resettable and Reconfigurable Password Based Upon Dual Channel Two-in-One Chemosensor Molecule

    NASA Astrophysics Data System (ADS)

    Majumdar, Tapas; Haldar, Basudeb; Mallick, Arabinda

    2017-02-01

    A simple strategy is proposed to design and develop an intelligent device based on dual channel ion responsive spectral properties of a commercially available molecule, harmine (HM). The system can process different sets of opto-chemical inputs generating different patterns as fluorescence outputs at specific wavelengths which can provide an additional level of protection exploiting both password and pattern recognitions. The proposed system could have the potential to come up with highly secured combinatorial locks at the molecular level that could pose valuable real time and on-site applications for user authentication.

  17. The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers

    DTIC Science & Technology

    2014-07-07

    web. For exam- ple, browsers share authentication tokens such as cook- ies across applications (including across applications and extensions), leading...LastPass bookmarklet to log in to dropbox.com. At the Dropbox entry point, Alice clicks on her LastPass bookmarklet, which includes the token ...8: LastPass OTP Creation. Note the absence of any CSRF token in the request in Step 1. 1 h|rand_encrypted_key lastpass.com/otp.php LastPass save

  18. Graphic Storytelling

    ERIC Educational Resources Information Center

    Thompson, John

    2009-01-01

    Graphic storytelling is a medium that allows students to make and share stories, while developing their art communication skills. American comics today are more varied in genre, approach, and audience than ever before. When considering the impact of Japanese manga on the youth, graphic storytelling emerges as a powerful player in pop culture. In…

  19. Business Graphics

    NASA Technical Reports Server (NTRS)

    1987-01-01

    Genigraphics Corporation's Masterpiece 8770 FilmRecorder is an advanced high resolution system designed to improve and expand a company's in-house graphics production. GRAFTIME/software package was designed to allow office personnel with minimal training to produce professional level graphics for business communications and presentations. Products are no longer being manufactured.

  20. Graphic Storytelling

    ERIC Educational Resources Information Center

    Thompson, John

    2009-01-01

    Graphic storytelling is a medium that allows students to make and share stories, while developing their art communication skills. American comics today are more varied in genre, approach, and audience than ever before. When considering the impact of Japanese manga on the youth, graphic storytelling emerges as a powerful player in pop culture. In…

  1. Authentic Teachers: Student Criteria Perceiving Authenticity of Teachers

    ERIC Educational Resources Information Center

    De Bruyckere, Pedro; Kirschner, Paul A.

    2016-01-01

    Authenticity is seen by many as a key for good learning and education. There is talk of authentic instruction, authentic learning, authentic problems, authentic assessment, authentic tools and authentic teachers. The problem is that while authenticity is an often-used adjective describing almost all aspects of teaching and learning, the concept…

  2. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

    PubMed

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

  3. Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

    PubMed Central

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme. PMID:25276847

  4. A biometric authentication model using hand gesture images

    PubMed Central

    2013-01-01

    A novel hand biometric authentication method based on measurements of the user’s stationary hand gesture of hand sign language is proposed. The measurement of hand gestures could be sequentially acquired by a low-cost video camera. There could possibly be another level of contextual information, associated with these hand signs to be used in biometric authentication. As an analogue, instead of typing a password ‘iloveu’ in text which is relatively vulnerable over a communication network, a signer can encode a biometric password using a sequence of hand signs, ‘i’ , ‘l’ , ‘o’ , ‘v’ , ‘e’ , and ‘u’. Subsequently the features from the hand gesture images are extracted which are integrally fuzzy in nature, to be recognized by a classification model for telling if this signer is who he claimed himself to be, by examining over his hand shape and the postures in doing those signs. It is believed that everybody has certain slight but unique behavioral characteristics in sign language, so are the different hand shape compositions. Simple and efficient image processing algorithms are used in hand sign recognition, including intensity profiling, color histogram and dimensionality analysis, coupled with several popular machine learning algorithms. Computer simulation is conducted for investigating the efficacy of this novel biometric authentication model which shows up to 93.75% recognition accuracy. PMID:24172288

  5. An improved anonymous authentication scheme for telecare medical information systems.

    PubMed

    Wen, Fengtong; Guo, Dianli

    2014-05-01

    Telecare medical information system (TMIS) constructs an efficient and convenient connection between patients and the medical server. The patients can enjoy medical services through public networks, and hence the protection of patients' privacy is very significant. Very recently, Wu et al. identified Jiang et al.'s authentication scheme had some security drawbacks and proposed an enhanced authentication scheme for TMIS. However, we analyze Wu et al.'s scheme and show that their scheme suffers from server spoofing attack, off-line password guessing attack, impersonation attack. Moreover, Wu et al.'s scheme fails to preserve the claimed patient anonymity and its password change phase is unfriendly and inefficient. Thereby, we present a novel anonymous authentication scheme for telecare medical information systems to eliminate the aforementioned faults. Besides, We demonstrate the completeness of the proposed scheme through the BAN logic. Furthermore, the security of our proposed scheme is proven through Bellare and Rogaways model. Compared with the related existing schemes, our scheme is more secure.

  6. A biometric authentication model using hand gesture images.

    PubMed

    Fong, Simon; Zhuang, Yan; Fister, Iztok; Fister, Iztok

    2013-10-30

    A novel hand biometric authentication method based on measurements of the user's stationary hand gesture of hand sign language is proposed. The measurement of hand gestures could be sequentially acquired by a low-cost video camera. There could possibly be another level of contextual information, associated with these hand signs to be used in biometric authentication. As an analogue, instead of typing a password 'iloveu' in text which is relatively vulnerable over a communication network, a signer can encode a biometric password using a sequence of hand signs, 'i' , 'l' , 'o' , 'v' , 'e' , and 'u'. Subsequently the features from the hand gesture images are extracted which are integrally fuzzy in nature, to be recognized by a classification model for telling if this signer is who he claimed himself to be, by examining over his hand shape and the postures in doing those signs. It is believed that everybody has certain slight but unique behavioral characteristics in sign language, so are the different hand shape compositions. Simple and efficient image processing algorithms are used in hand sign recognition, including intensity profiling, color histogram and dimensionality analysis, coupled with several popular machine learning algorithms. Computer simulation is conducted for investigating the efficacy of this novel biometric authentication model which shows up to 93.75% recognition accuracy.

  7. A Multifactor Secure Authentication System for Wireless Payment

    NASA Astrophysics Data System (ADS)

    Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

    Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

  8. Graphic pathogeographies.

    PubMed

    Donovan, Courtney

    2014-09-01

    This paper focuses on the graphic pathogeographies in David B.'s Epileptic and David Small's Stitches: A Memoir to highlight the significance of geographic concepts in graphic novels of health and disease. Despite its importance in such works, few scholars have examined the role of geography in their narrative and structure. I examine the role of place in Epileptic and Stitches to extend the academic discussion on graphic novels of health and disease and identify how such works bring attention to the role of geography in the individual's engagement with health, disease, and related settings.

  9. Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care.

    PubMed

    Xie, Qi; Liu, Wenhao; Wang, Shengbao; Han, Lidong; Hu, Bin; Wu, Ting

    2014-09-01

    Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.

  10. Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials

    NASA Astrophysics Data System (ADS)

    Park, Jun-Cheol

    User privacy preservation is critical to prevent many sophisticated attacks that are based on the user's server access patterns and ID-related information. We propose a password-based user authentication scheme that provides strong privacy protection using one-time credentials. It eliminates the possibility of tracing a user's authentication history and hides the user's ID and password even from servers. In addition, it is resistant against user impersonation even if both a server's verification database and a user's smart card storage are disclosed. We also provide a revocation scheme for a user to promptly invalidate the user's credentials on a server when the user's smart card is compromised. The schemes use lightweight operations only such as computing hashes and bitwise XORs.

  11. Physicians' responses to computerized drug interaction alerts with password overrides.

    PubMed

    Nasuhara, Yasuyuki; Sakushima, Ken; Endoh, Akira; Umeki, Reona; Oki, Hiromitsu; Yamada, Takehiro; Iseki, Ken; Ishikawa, Makoto

    2015-08-28

    Although evidence has suggested that computerized drug-drug interaction alert systems may reduce the occurrence of drug-drug interactions, the numerous reminders and alerts generated by such systems could represent an excessive burden for clinicians, resulting in a high override rate of not only unimportant, but also important alerts. We analyzed physicians' responses to alerts of relative contraindications and contraindications for coadministration in a computerized drug-drug interaction alert system at Hokkaido University Hospital. In this system, the physician must enter a password to override an alert and continue an order. All of the drug-drug interaction alerts generated between December 2011 and November 2012 at Hokkaido University Hospital were included in this study. The system generated a total of 170 alerts of relative contraindications and contraindication for coadministration; 59 (34.7 %) of the corresponding orders were cancelled after the alert was accepted, and 111 (65.3 %) were overridden. The most frequent contraindication alert was for the combination of 3-hydroxy-3-methylglutaryl-coenzyme A reductase inhibitors and fibrates. No incidents involving drug-drug interactions were reported among patients who were prescribed contraindicated drug pairs after an override. Although computerized drug-drug interaction alert systems that require password overrides appear useful for promoting medication safety, having to enter passwords to override alerts may represent an excessive burden for the prescribing physician. Therefore, both patient safety and physicians' workloads should be taken into consideration in future designs of computerized drug-drug interaction alert systems.

  12. Public Key Infrastructure Utilization to Provide an Added Level of Authenticity to Transmitted Data

    DTIC Science & Technology

    2010-03-01

    the following e- mail address, ReceiverBlackmonThesis@Gmail.com. The password for this address is the same as the sender address to keep down...receiving end of a transmission. The focus of this thesis is protecting data transmitted across the Internet via e- mail using end-to-end security...connections and e- mail is the tool chosen for this thesis to accomplish this goal. The scope of this thesis is to identify authentic and/or confidential

  13. Should Teachers Be Authentic?

    ERIC Educational Resources Information Center

    Bialystok, Lauren

    2015-01-01

    Authenticity is often touted as an important virtue for teachers. But what do we mean when we say that a teacher ought to be "authentic"? Research shows that discussions of teacher authenticity frequently refer to other character traits or simply to teacher effectiveness, but authenticity is a unique concept with a long philosophical…

  14. Implementing a mandatory password change policy at an academic medical institution.

    PubMed

    Brogan, Michael W; Lin, Ching-Ping; Pai, Rakesh; Kalet, Ira J

    2007-10-11

    UW Medicine implemented a new policy requiring users to change passwords at least once every 120 days. In the first two password change cycles, many users did not take action upon notification, and their passwords expired, causing high help desk loads. Compliance and support loads improved in subsequent cycles. We conclude that policy changes requiring user behavior modification should be seen as a cultural change, and the implementation strategy should consider socio-technical factors.

  15. Individual Differences in Cyber Security Behaviors: An Examination of Who Is Sharing Passwords

    PubMed Central

    Doodson, James; Creese, Sadie; Hodges, Duncan

    2015-01-01

    Abstract In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found older people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns. PMID:25517697

  16. Individual differences in cyber security behaviors: an examination of who is sharing passwords.

    PubMed

    Whitty, Monica; Doodson, James; Creese, Sadie; Hodges, Duncan

    2015-01-01

    In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found younger [corrected] people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns.

  17. Authenticity and healing.

    PubMed

    McGee, Michael D

    2014-06-01

    Caring and compassion cannot be faked. These are not actions we perform mechanically but states of being that flow from within to make healing connection with others in need. To be authentically healing requires that we live authentic lives. This paper describes what it means to be authentic from a psychospiritual perspective, discusses the components of authentic caring and ends with an exploration of ways to cultivate the authenticity of our lives in general and in our efforts to heal others.

  18. Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems.

    PubMed

    Islam, S K Hafizul; Khan, Muhammad Khurram

    2014-10-01

    Recently, many authentication protocols have been presented using smartcard for the telecare medicine information system (TMIS). In 2014, Xu et al. put forward a two-factor mutual authentication with key agreement protocol using elliptic curve cryptography (ECC). However, the authors have proved that the protocol is not appropriate for practical use as it has many problems (1) it fails to achieve strong authentication in login and authentication phases; (2) it fails to update the password correctly in the password change phase; (3) it fails to provide the revocation of lost/stolen smartcard; and (4) it fails to protect the strong replay attack. We then devised an anonymous and provably secure two-factor authentication protocol based on ECC. Our protocol is analyzed with the random oracle model and demonstrated to be formally secured against the hardness assumption of computational Diffie-Hellman problem. The performance evaluation demonstrated that our protocol outperforms from the perspective of security, functionality and computation costs over other existing designs.

  19. E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks.

    PubMed

    Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

    2012-01-01

    A wireless medical sensor network (WMSN) can sense humans' physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals' hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients' medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs.

  20. E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks

    PubMed Central

    Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

    2012-01-01

    A wireless medical sensor network (WMSN) can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs. PMID:22438729

  1. Robust Biometrics Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    PubMed Central

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.’s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes. PMID:25978373

  2. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    PubMed

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  3. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

    PubMed

    Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick; Won, Dongho

    2017-01-01

    The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

  4. A Survey of Authentication Schemes in Telecare Medicine Information Systems.

    PubMed

    Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber

    2017-01-01

    E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

  5. Data Authentication Demonstration for Radionuclide Stations

    SciTech Connect

    Harris, Mark; Herrington, Pres; Miley, Harry; Ellis, J. Edward; McKinnon, David; St. Pierre, Devon

    1999-08-03

    Data authentication is required for certification of sensor stations in the International Monitoring System (IMS). Authentication capability has been previously demonstrated for continuous waveform stations (seismic and infrasound). This paper addresses data surety for the radionuclide stations in the IMS, in particular the Radionuclide Aerosol Sampler/Analyzer (RASA) system developed by Pacific Northwest National Laboratory (PNNL). Radionuclide stations communicate data by electronic mail using formats defined in IMS 1.0, Formats and Protocols for Messages. An open message authentication standard exists, called S/MIME (Secure/Multipurpose Internet Mail Extensions), which has been proposed for use with all IMS radionuclide station message communications. This standard specifies adding a digital signature and public key certificate as a MIME attachment to the e-mail message. It is advantageous because it allows authentication to be added to all IMS 1.0 messages in a standard format and is commercially supported in e-mail software. For command and control, the RASA system uses a networked Graphical User Interface (GUI) based upon Common Object Request Broker Architecture (CORBA) communications, which requires special authentication procedures. The authors have modified the RASA system to meet CTBTO authentication guidelines, using a FORTEZZA card for authentication functions. They demonstrated signing radionuclide data messages at the RASA, then sending, receiving, and verifying the messages at a data center. They demonstrated authenticating command messages and responses from the data center GUI to the RASA. Also, the particular authentication system command to change the private/public key pair and retrieve the new public key was demonstrated. This work shows that data surety meeting IMS guidelines may be immediately applied to IMS radionuclide systems.

  6. Graphic Arts.

    ERIC Educational Resources Information Center

    Towler, Alan L.

    This guide to teaching graphic arts, one in a series of instructional materials for junior high industrial arts education, is designed to assist teachers as they plan and implement new courses of study and as they make revisions and improvements in existing courses in order to integrate classroom learning with real-life experiences. This graphic…

  7. Graphic Arts.

    ERIC Educational Resources Information Center

    Towler, Alan L.

    This guide to teaching graphic arts, one in a series of instructional materials for junior high industrial arts education, is designed to assist teachers as they plan and implement new courses of study and as they make revisions and improvements in existing courses in order to integrate classroom learning with real-life experiences. This graphic…

  8. Computer graphics and the graphic artist

    NASA Technical Reports Server (NTRS)

    Taylor, N. L.; Fedors, E. G.; Pinelli, T. E.

    1985-01-01

    A centralized computer graphics system is being developed at the NASA Langley Research Center. This system was required to satisfy multiuser needs, ranging from presentation quality graphics prepared by a graphic artist to 16-mm movie simulations generated by engineers and scientists. While the major thrust of the central graphics system was directed toward engineering and scientific applications, hardware and software capabilities to support the graphic artists were integrated into the design. This paper briefly discusses the importance of computer graphics in research; the central graphics system in terms of systems, software, and hardware requirements; the application of computer graphics to graphic arts, discussed in terms of the requirements for a graphic arts workstation; and the problems encountered in applying computer graphics to the graphic arts. The paper concludes by presenting the status of the central graphics system.

  9. Computer graphics and the graphic artist

    NASA Technical Reports Server (NTRS)

    Taylor, N. L.; Fedors, E. G.; Pinelli, T. E.

    1985-01-01

    A centralized computer graphics system is being developed at the NASA Langley Research Center. This system was required to satisfy multiuser needs, ranging from presentation quality graphics prepared by a graphic artist to 16-mm movie simulations generated by engineers and scientists. While the major thrust of the central graphics system was directed toward engineering and scientific applications, hardware and software capabilities to support the graphic artists were integrated into the design. This paper briefly discusses the importance of computer graphics in research; the central graphics system in terms of systems, software, and hardware requirements; the application of computer graphics to graphic arts, discussed in terms of the requirements for a graphic arts workstation; and the problems encountered in applying computer graphics to the graphic arts. The paper concludes by presenting the status of the central graphics system.

  10. How Strong are Passwords Used to Protect Personal Health Information in Clinical Trials?

    PubMed Central

    Moreau, Katherine; Jonker, Elizabeth

    2011-01-01

    Background Findings and statements about how securely personal health information is managed in clinical research are mixed. Objective The objective of our study was to evaluate the security of practices used to transfer and share sensitive files in clinical trials. Methods Two studies were performed. First, 15 password-protected files that were transmitted by email during regulated Canadian clinical trials were obtained. Commercial password recovery tools were used on these files to try to crack their passwords. Second, interviews with 20 study coordinators were conducted to understand file-sharing practices in clinical trials for files containing personal health information. Results We were able to crack the passwords for 93% of the files (14/15). Among these, 13 files contained thousands of records with sensitive health information on trial participants. The passwords tended to be relatively weak, using common names of locations, animals, car brands, and obvious numeric sequences. Patient information is commonly shared by email in the context of query resolution. Files containing personal health information are shared by email and, by posting them on shared drives with common passwords, to facilitate collaboration. Conclusion If files containing sensitive patient information must be transferred by email, mechanisms to encrypt them and to ensure that password strength is high are necessary. More sophisticated collaboration tools are required to allow file sharing without password sharing. We provide recommendations to implement these practices. PMID:21317106

  11. How strong are passwords used to protect personal health information in clinical trials?

    PubMed

    El Emam, Khaled; Moreau, Katherine; Jonker, Elizabeth

    2011-02-11

    Findings and statements about how securely personal health information is managed in clinical research are mixed. The objective of our study was to evaluate the security of practices used to transfer and share sensitive files in clinical trials. Two studies were performed. First, 15 password-protected files that were transmitted by email during regulated Canadian clinical trials were obtained. Commercial password recovery tools were used on these files to try to crack their passwords. Second, interviews with 20 study coordinators were conducted to understand file-sharing practices in clinical trials for files containing personal health information. We were able to crack the passwords for 93% of the files (14/15). Among these, 13 files contained thousands of records with sensitive health information on trial participants. The passwords tended to be relatively weak, using common names of locations, animals, car brands, and obvious numeric sequences. Patient information is commonly shared by email in the context of query resolution. Files containing personal health information are shared by email and, by posting them on shared drives with common passwords, to facilitate collaboration. If files containing sensitive patient information must be transferred by email, mechanisms to encrypt them and to ensure that password strength is high are necessary. More sophisticated collaboration tools are required to allow file sharing without password sharing. We provide recommendations to implement these practices.

  12. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

    PubMed

    Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-06-23

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

  13. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

    PubMed Central

    Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-01-01

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

  14. Setting a disordered password on a photonic memory

    NASA Astrophysics Data System (ADS)

    Su, Shih-Wei; Gou, Shih-Chuan; Chew, Lock Yue; Chang, Yu-Yen; Yu, Ite A.; Kalachev, Alexey; Liao, Wen-Te

    2017-06-01

    An all-optical method of setting a disordered password on different schemes of photonic memory is theoretically studied. While photons are regarded as ideal information carriers, it is imperative to implement such data protection on all-optical storage. However, we wish to address the intrinsic risk of data breaches in existing schemes of photonic memory. We theoretically demonstrate a protocol using spatially disordered laser fields to encrypt data stored on an optical memory, namely, encrypted photonic memory. To address the broadband storage, we also investigate a scheme of disordered echo memory with a high fidelity approaching unity. The proposed method increases the difficulty for the eavesdropper to retrieve the stored photon without the preset password even when the randomized and stored photon state is nearly perfectly cloned. Our results pave ways to significantly reduce the exposure of memories, required for long-distance communication, to eavesdropping and therefore restrict the optimal attack on communication protocols. The present scheme also increases the sensitivity of detecting any eavesdropper and so raises the security level of photonic information technology.

  15. Defining Authentic Classroom Assessment

    ERIC Educational Resources Information Center

    Frey, Bruce B.; Schmitt, Vicki L.; Allen, Justin P.

    2012-01-01

    A commonly advocated best practice for classroom assessment is to make the assessments authentic. Authentic is often used as meaning the mirroring of real-world tasks or expectations. There is no consensus, however, in the actual definition of the term or the characteristics of an authentic classroom assessment. Sometimes, the realistic component…

  16. Authentic Assessment, Professional's Guide.

    ERIC Educational Resources Information Center

    Ryan, Concetta Doti

    Authentic assessment is the process of gathering evidence and documenting student learning and growth in an authentic context. Authentic assessment can do a better job than more traditional forms of assessment in informing educators and parents about a student's real achievement. The first chapter of this book presents an overview of authentic…

  17. Authenticity in Adult Learning

    ERIC Educational Resources Information Center

    Ashton, Sam

    2010-01-01

    This paper is concerned with the relationship between authenticity and adult learning and prompted by some studies in which adult "authentic learning" is a central concept. The implication revealed by them is that real-worldness of learning contexts, learning content and learning tasks is perceived as conferring authenticity on learning. Here,…

  18. Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks.

    PubMed

    Park, YoHan; Park, YoungHo

    2016-12-14

    Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.'s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment.

  19. A more secure anonymous user authentication scheme for the integrated EPR information system.

    PubMed

    Wen, Fengtong

    2014-05-01

    Secure and efficient user mutual authentication is an essential task for integrated electronic patient record (EPR) information system. Recently, several authentication schemes have been proposed to meet this requirement. In a recent paper, Lee et al. proposed an efficient and secure password-based authentication scheme used smart cards for the integrated EPR information system. This scheme is believed to have many abilities to resist a range of network attacks. Especially, they claimed that their scheme could resist lost smart card attack. However, we reanalyze the security of Lee et al.'s scheme, and show that it fails to protect off-line password guessing attack if the secret information stored in the smart card is compromised. This also renders that their scheme is insecure against user impersonation attacks. Then, we propose a new user authentication scheme for integrated EPR information systems based on the quadratic residues. The new scheme not only resists a range of network attacks but also provides user anonymity. We show that our proposed scheme can provide stronger security.

  20. An improved authenticated key agreement protocol for telecare medicine information system.

    PubMed

    Liu, Wenhao; Xie, Qi; Wang, Shengbao; Hu, Bin

    2016-01-01

    In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.'s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user's identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient's identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.'s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif.

  1. A user anonymity preserving three-factor authentication scheme for telecare medicine information systems.

    PubMed

    Tan, Zuowen

    2014-03-01

    The telecare medicine information system enables the patients gain health monitoring at home and access medical services over internet or mobile networks. In recent years, the schemes based on cryptography have been proposed to address the security and privacy issues in the telecare medicine information systems. However, many schemes are insecure or they have low efficiency. Recently, Awasthi and Srivastava proposed a three-factor authentication scheme for telecare medicine information systems. In this paper, we show that their scheme is vulnerable to the reflection attacks. Furthermore, it fails to provide three-factor security and the user anonymity. We propose a new three-factor authentication scheme for the telecare medicine information systems. Detailed analysis demonstrates that the proposed scheme provides mutual authentication, server not knowing password and freedom of password, biometric update and three-factor security. Moreover, the new scheme provides the user anonymity. As compared with the previous three-factor authentication schemes, the proposed scheme is more secure and practical.

  2. Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks

    PubMed Central

    Park, YoHan; Park, YoungHo

    2016-01-01

    Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.’s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment. PMID:27983616

  3. Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

    PubMed

    Yau, Wei-Chuen; Phan, Raphael C-W

    2013-12-01

    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

  4. Security analysis and improvement of a privacy authentication scheme for telecare medical information systems.

    PubMed

    Wu, Fan; Xu, Lili

    2013-08-01

    Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have showed that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.

  5. Authentication of byte sequences

    SciTech Connect

    Stearns, S.D.

    1991-06-01

    Algorithms for the authentication of byte sequences are described. The algorithms are designed to authenticate data in the Storage, Retrieval, Analysis, and Display (SRAD) Test Data Archive of the Radiation Effects and Testing Directorate (9100) at Sandia National Laboratories, and may be used in similar situations where authentication of stored data is required. The algorithms use a well-known error detection method called the Cyclic Redundancy Check (CRC). When a byte sequence is authenticated and stored, CRC bytes are generated and attached to the end of the sequence. When the authenticated data is retrieved, the authentication check consists of processing the entire sequence, including the CRC bytes, and checking for a remainder of zero. The error detection properties of the CRC are extensive and result in a reliable authentication of SRAD data.

  6. Multi-factor authentication

    DOEpatents

    Hamlet, Jason R; Pierson, Lyndon G

    2014-10-21

    Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.

  7. Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

    PubMed

    Islam, S K Hafizul; Khan, Muhammad Khurram; Li, Xiong

    2015-01-01

    Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

  8. Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

    PubMed Central

    Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

    2015-01-01

    Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

  9. Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

    PubMed Central

    Lee, Youngsook; Paik, Juryon

    2014-01-01

    An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.'s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.'s scheme can be addressed without degrading the efficiency of the scheme. PMID:25302330

  10. A Secure User Anonymity and Authentication Scheme Using AVISPA for Telecare Medical Information Systems.

    PubMed

    Mir, Omid; van der Weide, Theo; Lee, Cheng-Chi

    2015-09-01

    Telecare medicine information systems (TMIS) have been known as an effective mechanism to increase quality and security of healthcare services. In other to the protection of patient privacy, several authentication schemes have been proposed in TMIS, however, most of them have a security problems. Recently, Das proposed a secure and robust password-based remote user authentication scheme for the integrated EPR information system. However, in this paper, we show that his scheme have some security flaws. Then, we shall propose a secure authentication scheme to overcome their weaknesses. We prove the proposed scheme with random oracle and also use the BAN logic to prove the correctness of the proposed scheme. Furthermore, we simulate our scheme for the formal security analysis using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool.

  11. Security analysis and improvement of an anonymous authentication scheme for roaming services.

    PubMed

    Lee, Youngsook; Paik, Juryon

    2014-01-01

    An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.'s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.'s scheme can be addressed without degrading the efficiency of the scheme.

  12. Research on user behavior authentication model based on stochastic Petri nets

    NASA Astrophysics Data System (ADS)

    Zhang, Chengyuan; Xu, Haishui

    2017-08-01

    A behavioural authentication model based on stochastic Petri net is proposed to meet the randomness, uncertainty and concurrency characteristics of user behaviour. The use of random models in the location, changes, arc and logo to describe the characteristics of a variety of authentication and game relationships, so as to effectively implement the graphical user behaviour authentication model analysis method, according to the corresponding proof to verify the model is valuable.

  13. On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

    PubMed

    Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

    2015-08-01

    Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

  14. Multi-factor challenge/response approach for remote biometric authentication

    NASA Astrophysics Data System (ADS)

    Al-Assam, Hisham; Jassim, Sabah A.

    2011-06-01

    Although biometric authentication is perceived to be more reliable than traditional authentication schemes, it becomes vulnerable to many attacks when it comes to remote authentication over open networks and raises serious privacy concerns. This paper proposes a biometric-based challenge-response approach to be used for remote authentication between two parties A and B over open networks. In the proposed approach, a remote authenticator system B (e.g. a bank) challenges its client A who wants to authenticate his/her self to the system by sending a one-time public random challenge. The client A responds by employing the random challenge along with secret information obtained from a password and a token to produce a one-time cancellable representation of his freshly captured biometric sample. The one-time biometric representation, which is based on multi-factor, is then sent back to B for matching. Here, we argue that eavesdropping of the one-time random challenge and/or the resulting one-time biometric representation does not compromise the security of the system, and no information about the original biometric data is leaked. In addition to securing biometric templates, the proposed protocol offers a practical solution for the replay attack on biometric systems. Moreover, we propose a new scheme for generating a password-based pseudo random numbers/permutation to be used as a building block in the proposed approach. The proposed scheme is also designed to provide protection against repudiation. We illustrate the viability and effectiveness of the proposed approach by experimental results based on two biometric modalities: fingerprint and face biometrics.

  15. Optical image encryption using password key based on phase retrieval algorithm

    NASA Astrophysics Data System (ADS)

    Zhao, Tieyu; Ran, Qiwen; Yuan, Lin; Chi, Yingying; Ma, Jing

    2016-04-01

    A novel optical image encryption system is proposed using password key based on phase retrieval algorithm (PRA). In the encryption process, a shared image is taken as a symmetric key and the plaintext is encoded into the phase-only mask based on the iterative PRA. The linear relationship between the plaintext and ciphertext is broken using the password key, which can resist the known plaintext attack. The symmetric key and the retrieved phase are imported into the input plane and Fourier plane of 4f system during the decryption, respectively, so as to obtain the plaintext on the CCD. Finally, we analyse the key space of the password key, and the results show that the proposed scheme can resist a brute force attack due to the flexibility of the password key.

  16. What Is the PE Password? Incorporating Vocabulary in Your Elementary PE Program

    ERIC Educational Resources Information Center

    Robelee, Margaret E.

    2016-01-01

    This article describes a novel program for third through fifth grade called "What is the PE Password?" that teaches vocabulary words and concepts without sacrificing activity time in order to support Common Core learning.

  17. What Is the PE Password? Incorporating Vocabulary in Your Elementary PE Program

    ERIC Educational Resources Information Center

    Robelee, Margaret E.

    2016-01-01

    This article describes a novel program for third through fifth grade called "What is the PE Password?" that teaches vocabulary words and concepts without sacrificing activity time in order to support Common Core learning.

  18. Design Graphics

    NASA Technical Reports Server (NTRS)

    1990-01-01

    A mathematician, David R. Hedgley, Jr. developed a computer program that considers whether a line in a graphic model of a three-dimensional object should or should not be visible. Known as the Hidden Line Computer Code, the program automatically removes superfluous lines and displays an object from a specific viewpoint, just as the human eye would see it. An example of how one company uses the program is the experience of Birdair which specializes in production of fabric skylights and stadium covers. The fabric called SHEERFILL is a Teflon coated fiberglass material developed in cooperation with DuPont Company. SHEERFILL glazed structures are either tension structures or air-supported tension structures. Both are formed by patterned fabric sheets supported by a steel or aluminum frame or cable network. Birdair uses the Hidden Line Computer Code, to illustrate a prospective structure to an architect or owner. The program generates a three- dimensional perspective with the hidden lines removed. This program is still used by Birdair and continues to be commercially available to the public.

  19. Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce.

    PubMed

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita

    2014-05-01

    Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

  20. A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.

    PubMed

    Chaudhry, Shehzad Ashraf; Khan, Muhammad Tawab; Khan, Muhammad Khurram; Shon, Taeshik

    2016-11-01

    Recently several authentication schemes are proposed for telecare medicine information system (TMIS). Many of such schemes are proved to have weaknesses against known attacks. Furthermore, numerous such schemes cannot be used in real time scenarios. Because they assume a single server for authentication across the globe. Very recently, Amin et al. (J. Med. Syst. 39(11):180, 2015) designed an authentication scheme for secure communication between a patient and a medical practitioner using a trusted central medical server. They claimed their scheme to extend all security requirements and emphasized the efficiency of their scheme. However, the analysis in this article proves that the scheme designed by Amin et al. is vulnerable to stolen smart card and stolen verifier attacks. Furthermore, their scheme is having scalability issues along with inefficient password change and password recovery phases. Then we propose an improved scheme. The proposed scheme is more practical, secure and lightweight than Amin et al.'s scheme. The security of proposed scheme is proved using the popular automated tool ProVerif.

  1. A user authentication scheme using physiological and behavioral biometrics for multitouch devices.

    PubMed

    Koong, Chorng-Shiuh; Yang, Tzu-I; Tseng, Chien-Chao

    2014-01-01

    With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage.

  2. Two-factor authentication system based on optical interference and one-way hash function

    NASA Astrophysics Data System (ADS)

    He, Wenqi; Peng, Xiang; Meng, Xiangfeng; Liu, Xiaoli

    2012-10-01

    We present a two-factor authentication method to verify the personal identification who tries to access an optoelectronic system. This method is based on the optical interference principle and the traditional one-way Hash function (e.g. MD5). The authentication process is straightforward, the phase key and the password-controlled phase lock of one user are loading on two Spatial Light Modulators (SLMs) in advance, by which two coherent beams are modulated and then interference with each other at the output plane leading to an output image. By comparing the output image with all the standard certification images in the database, the system can thus verify the user's identity. However, the system designing process involves an iterative Modified Phase Retrieval Algorithm (MPRA). For an uthorized user, a phase lock is first created based on a "Digital Fingerprint (DF)", which is the result of a Hash function on a preselected user password. The corresponding phase key can then be determined by use of the phase lock and a designated standard certification image. Note that the encode/design process can only be realized by digital means while the authentication process could be achieved digitally or optically. Computer simulations were also given to validate the proposed approach.

  3. A User Authentication Scheme Using Physiological and Behavioral Biometrics for Multitouch Devices

    PubMed Central

    Koong, Chorng-Shiuh; Tseng, Chien-Chao

    2014-01-01

    With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage. PMID:25147864

  4. Decolonizing Researcher Authenticity

    ERIC Educational Resources Information Center

    Daza, Stephanie Lynn

    2008-01-01

    This article examines the ways in which researcher authenticity is negotiated along three axes of difference, ethno-linguistic affiliation, sexual orientation and race/skin color. Ultimately, it analyzes how researcher authenticity is produced and played out within research, via interactions between participants, researchers and others who…

  5. Decolonizing Researcher Authenticity

    ERIC Educational Resources Information Center

    Daza, Stephanie Lynn

    2008-01-01

    This article examines the ways in which researcher authenticity is negotiated along three axes of difference, ethno-linguistic affiliation, sexual orientation and race/skin color. Ultimately, it analyzes how researcher authenticity is produced and played out within research, via interactions between participants, researchers and others who…

  6. Developing (Authentic?) Academic Writers

    ERIC Educational Resources Information Center

    Badley, Graham

    2008-01-01

    Purpose: This paper seeks to consider whether the notion of authenticity is useful or meaningful in the context of developing academics as writers. Design/methodology/approach: The approach taken is that of a reflective essay. Recent texts on authenticity in higher education are examined whilst a transactional theory of writing is also considered…

  7. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

    PubMed

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-03-21

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

  8. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks

    PubMed Central

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-01-01

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al’s method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration. PMID:28335572

  9. A Distributed Password Scheme for Network Operating Systems

    DTIC Science & Technology

    2002-06-01

    Though most literature calls this encryption, cryptographers call this encoding, since the encoded string is all null. The salt is a two-character... literature (e.g., Supercalifrajalisticexpialidocious!!!!!!) The more cumbersome authentication method also increases the risk of a user writing down the...Markoff, John. (1991). Cyberpunk , Outlaws and Hackers on the Computer Frontier. New York, NY: Touchstone, 1991. [5] Stoll, Clifford. (1989

  10. An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity

    PubMed Central

    Kumari, Saru

    2013-01-01

    The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An's scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An's scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability. PMID:24350272

  11. An improved biometrics-based remote user authentication scheme with user anonymity.

    PubMed

    Khan, Muhammad Khurram; Kumari, Saru

    2013-01-01

    The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An's scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An's scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

  12. Secure access to patient's health records using SpeechXRays a mutli-channel biometrics platform for user authentication.

    PubMed

    Spanakis, Emmanouil G; Spanakis, Marios; Karantanas, Apostolos; Marias, Kostas

    2016-08-01

    The most commonly used method for user authentication in ICT services or systems is the application of identification tools such as passwords or personal identification numbers (PINs). The rapid development in ICT technology regarding smart devices (laptops, tablets and smartphones) has allowed also the advance of hardware components that capture several biometric traits such as fingerprints and voice. These components are aiming among others to overcome weaknesses and flaws of password usage under the prism of improved user authentication with higher level of security, privacy and usability. To this respect, the potential application of biometrics for secure user authentication regarding access in systems with sensitive data (i.e. patient's data from electronic health records) shows great potentials. SpeechXRays aims to provide a user recognition platform based on biometrics of voice acoustics analysis and audio-visual identity verification. Among others, the platform aims to be applied as an authentication tool for medical personnel in order to gain specific access to patient's electronic health records. In this work a short description of SpeechXrays implementation tool regarding eHealth is provided and analyzed. This study explores security and privacy issues, and offers a comprehensive overview of biometrics technology applications in addressing the e-Health security challenges. We present and describe the necessary requirement for an eHealth platform concerning biometric security.

  13. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    PubMed

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  14. Authenticity and Constructivism in Education

    ERIC Educational Resources Information Center

    Splitter, Laurance J.

    2009-01-01

    This paper examines the concept of authenticity and its relevance in education, from a philosophical perspective. Under the heading of educational authenticity (EA), I critique Fred Newmann's views on authentic pedagogy and intellectual work. I argue against the notion that authentic engagement is usefully analyzed in terms of a relationship…

  15. Authenticity and Constructivism in Education

    ERIC Educational Resources Information Center

    Splitter, Laurance J.

    2009-01-01

    This paper examines the concept of authenticity and its relevance in education, from a philosophical perspective. Under the heading of educational authenticity (EA), I critique Fred Newmann's views on authentic pedagogy and intellectual work. I argue against the notion that authentic engagement is usefully analyzed in terms of a relationship…

  16. CUE: counterfeit-resistant usable eye movement-based authentication via oculomotor plant characteristics and complex eye movement patterns

    NASA Astrophysics Data System (ADS)

    Komogortsev, Oleg V.; Karpov, Alexey; Holland, Corey D.

    2012-06-01

    The widespread use of computers throughout modern society introduces the necessity for usable and counterfeit-resistant authentication methods to ensure secure access to personal resources such as bank accounts, e-mail, and social media. Current authentication methods require tedious memorization of lengthy pass phrases, are often prone to shouldersurfing, and may be easily replicated (either by counterfeiting parts of the human body or by guessing an authentication token based on readily available information). This paper describes preliminary work toward a counterfeit-resistant usable eye movement-based (CUE) authentication method. CUE does not require any passwords (improving the memorability aspect of the authentication system), and aims to provide high resistance to spoofing and shoulder-surfing by employing the combined biometric capabilities of two behavioral biometric traits: 1) oculomotor plant characteristics (OPC) which represent the internal, non-visible, anatomical structure of the eye; 2) complex eye movement patterns (CEM) which represent the strategies employed by the brain to guide visual attention. Both OPC and CEM are extracted from the eye movement signal provided by an eye tracking system. Preliminary results indicate that the fusion of OPC and CEM traits is capable of providing a 30% reduction in authentication error when compared to the authentication accuracy of individual traits.

  17. Quantum deniable authentication protocol

    NASA Astrophysics Data System (ADS)

    Shi, Wei-Min; Zhou, Yi-Hua; Yang, Yu-Guang

    2014-07-01

    The proposed quantum identity authentication schemes only involved authentication between two communicators, but communications with deniability capability are often desired in electronic applications such as online negotiation and electronic voting. In this paper, we proposed a quantum deniable authentication protocol. According to the property of unitary transformation and quantum one-way function, this protocol can provide that only the specified receiver can identify the true source of a given message and the specified receiver cannot prove the source of the message to a third party by a transcript simulation algorithm. Moreover, the quantum key distribution and quantum encryption algorithm guarantee the unconditional security of this scheme. Security analysis results show that this protocol satisfies the basic security requirements of deniable authentication protocol such as completeness and deniability and can withstand the forgery attack, impersonation attack, inter-resend attack.

  18. Authenticity in Anatomy Art.

    PubMed

    Adkins, Jessica

    2017-01-12

    The aim of this paper is to observe the evolution and evaluate the 'realness' and authenticity in Anatomy Art, an art form I define as one which incorporates accurate anatomical representations of the human body with artistic expression. I examine the art of 17th century wax anatomical models, the preservations of Frederik Ruysch, and Gunther von Hagens' Body Worlds plastinates, giving consideration to authenticity of both body and art. I give extra consideration to the works of Body Worlds since the exhibit creator believes he has created anatomical specimens with more educational value and bodily authenticity than ever before. Ultimately, I argue that von Hagens fails to offer Anatomy Art 'real human bodies,' and that the lack of bodily authenticity of his plastinates results in his creations being less pedagogic than he claims.

  19. Authentication of quantum messages.

    SciTech Connect

    Barnum, Howard; Crépeau, Jean-Claude; Gottesman, D.; Smith, A.; Tapp, Alan

    2001-01-01

    Authentication is a well-studied area of classical cryptography: a sender A and a receiver B sharing a classical private key want to exchange a classical message with the guarantee that the message has not been modified or replaced by a dishonest party with control of the communication line. In this paper we study the authentication of messages composed of quantum states. We give a formal definition of authentication in the quantum setting. Assuming A and B have access to an insecure quantum channel and share a private, classical random key, we provide a non-interactive scheme that both enables A to encrypt and authenticate (with unconditional security) an m qubit message by encoding it into m + s qubits, where the probability decreases exponentially in the security parameter s. The scheme requires a private key of size 2m + O(s). To achieve this, we give a highly efficient protocol for testing the purity of shared EPR pairs. It has long been known that learning information about a general quantum state will necessarily disturb it. We refine this result to show that such a disturbance can be done with few side effects, allowing it to circumvent cryptographic protections. Consequently, any scheme to authenticate quantum messages must also encrypt them. In contrast, no such constraint exists classically: authentication and encryption are independent tasks, and one can authenticate a message while leaving it publicly readable. This reasoning has two important consequences: On one hand, it allows us to give a lower bound of 2m key bits for authenticating m qubits, which makes our protocol asymptotically optimal. On the other hand, we use it to show that digitally signing quantum states is impossible, even with only computational security.

  20. Secure authenticated video equipment

    SciTech Connect

    Doren, N.E.

    1993-07-01

    In the verification technology arena, there is a pressing need for surveillance and monitoring equipment that produces authentic, verifiable records of observed activities. Such a record provides the inspecting party with confidence that observed activities occurred as recorded, without undetected tampering or spoofing having taken place. The secure authenticated video equipment (SAVE) system provides an authenticated series of video images of an observed activity. Being self-contained and portable, it can be installed as a stand-alone surveillance system or used in conjunction with existing monitoring equipment in a non-invasive manner. Security is provided by a tamper-proof camera enclosure containing a private, electronic authentication key. Video data is transferred communication link consisting of a coaxial cable, fiber-optic link or other similar media. A video review station, located remotely from the camera, receives, validates, displays and stores the incoming data. Video data is validated within the review station using a public key, a copy of which is held by authorized panics. This scheme allows the holder of the public key to verify the authenticity of the recorded video data but precludes undetectable modification of the data generated by the tamper-protected private authentication key.

  1. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    PubMed Central

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-01-01

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged. PMID:23887085

  2. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    PubMed

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  3. Secure verifier-based three-party authentication schemes without server public keys for data exchange in telecare medicine information systems.

    PubMed

    Lin, Tsung-Hung; Lee, Tian-Fu

    2014-05-01

    Secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems enables two users only store their verifiers computed from their actual password in authentication server's database. Then the authentication server can verify the users' verifiers and help them to exchange electronic medical records or electronic health records securely and conveniently. This investigation presents an efficient and secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems. The proposed scheme does not use server's public keys and includes the key confirmation without extra numbers of messages and rounds. Compared to related verified-based approaches, the proposed scheme possesses higher security, has lower computational cost and fewer transmissions, and thus is suitable for the telecare medicine information systems.

  4. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’

    PubMed Central

    Khan, Muhammad Khurram; Alghathbar, Khaled

    2010-01-01

    User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs. PMID:22294935

  5. Cryptanalysis and security improvements of 'two-factor user authentication in wireless sensor networks'.

    PubMed

    Khan, Muhammad Khurram; Alghathbar, Khaled

    2010-01-01

    User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.

  6. A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    PubMed

    Chang, Ya-Fen; Yu, Shih-Hui; Shiao, Ding-Rui

    2013-04-01

    Connected health care provides new opportunities for improving financial and clinical performance. Many connected health care applications such as telecare medicine information system, personally controlled health records system, and patient monitoring have been proposed. Correct and quality care is the goal of connected heath care, and user authentication can ensure the legality of patients. After reviewing authentication schemes for connected health care applications, we find that many of them cannot protect patient privacy such that others can trace users/patients by the transmitted data. And the verification tokens used by these authentication schemes to authenticate users or servers are only password, smart card and RFID tag. Actually, these verification tokens are not unique and easy to copy. On the other hand, biometric characteristics, such as iris, face, voiceprint, fingerprint and so on, are unique, easy to be verified, and hard to be copied. In this paper, a biometrics-based user authentication scheme will be proposed to ensure uniqueness and anonymity at the same time. With the proposed scheme, only the legal user/patient himself/herself can access the remote server, and no one can trace him/her according to transmitted data.

  7. Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

    PubMed

    Mishra, Dheerendra

    2015-03-01

    Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

  8. An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks.

    PubMed

    Chung, Youngseok; Choi, Seokjin; Lee, Youngsook; Park, Namje; Won, Dongho

    2016-10-07

    More security concerns and complicated requirements arise in wireless sensor networks than in wired networks, due to the vulnerability caused by their openness. To address this vulnerability, anonymous authentication is an essential security mechanism for preserving privacy and providing security. Over recent years, various anonymous authentication schemes have been proposed. Most of them reveal both strengths and weaknesses in terms of security and efficiency. Recently, Farash et al. proposed a lightweight anonymous authentication scheme in ubiquitous networks, which remedies the security faults of previous schemes. However, their scheme still suffers from certain weaknesses. In this paper, we prove that Farash et al.'s scheme fails to provide anonymity, authentication, or password replacement. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Considering the limited capability of sensor nodes, we utilize only low-cost functions, such as one-way hash functions and bit-wise exclusive-OR operations. The security and lightness of the proposed scheme mean that it can be applied to roaming service in localized domains of wireless sensor networks, to provide anonymous authentication of sensor nodes.

  9. An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks

    PubMed Central

    Chung, Youngseok; Choi, Seokjin; Lee, Youngsook; Park, Namje; Won, Dongho

    2016-01-01

    More security concerns and complicated requirements arise in wireless sensor networks than in wired networks, due to the vulnerability caused by their openness. To address this vulnerability, anonymous authentication is an essential security mechanism for preserving privacy and providing security. Over recent years, various anonymous authentication schemes have been proposed. Most of them reveal both strengths and weaknesses in terms of security and efficiency. Recently, Farash et al. proposed a lightweight anonymous authentication scheme in ubiquitous networks, which remedies the security faults of previous schemes. However, their scheme still suffers from certain weaknesses. In this paper, we prove that Farash et al.’s scheme fails to provide anonymity, authentication, or password replacement. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Considering the limited capability of sensor nodes, we utilize only low-cost functions, such as one-way hash functions and bit-wise exclusive-OR operations. The security and lightness of the proposed scheme mean that it can be applied to roaming service in localized domains of wireless sensor networks, to provide anonymous authentication of sensor nodes. PMID:27739417

  10. A novel biometric authentication approach using ECG and EMG signals.

    PubMed

    Belgacem, Noureddine; Fournier, Régis; Nait-Ali, Amine; Bereksi-Reguig, Fethi

    2015-05-01

    Security biometrics is a secure alternative to traditional methods of identity verification of individuals, such as authentication systems based on user name and password. Recently, it has been found that the electrocardiogram (ECG) signal formed by five successive waves (P, Q, R, S and T) is unique to each individual. In fact, better than any other biometrics' measures, it delivers proof of subject's being alive as extra information which other biometrics cannot deliver. The main purpose of this work is to present a low-cost method for online acquisition and processing of ECG signals for person authentication and to study the possibility of providing additional information and retrieve personal data from an electrocardiogram signal to yield a reliable decision. This study explores the effectiveness of a novel biometric system resulting from the fusion of information and knowledge provided by ECG and EMG (Electromyogram) physiological recordings. It is shown that biometrics based on these ECG/EMG signals offers a novel way to robustly authenticate subjects. Five ECG databases (MIT-BIH, ST-T, NSR, PTB and ECG-ID) and several ECG signals collected in-house from volunteers were exploited. A palm-based ECG biometric system was developed where the signals are collected from the palm of the subject through a minimally intrusive one-lead ECG set-up. A total of 3750 ECG beats were used in this work. Feature extraction was performed on ECG signals using Fourier descriptors (spectral coefficients). Optimum-Path Forest classifier was used to calculate the degree of similarity between individuals. The obtained results from the proposed approach look promising for individuals' authentication.

  11. Foiling the cracker: A survey of, and improvements to, password security

    SciTech Connect

    Klein, D.V.

    1992-03-01

    With the rapid burgeoning of national and international networks, the question of system security has become one of growing importance. High speed inter-machine communication and even higher speed computational processors have made the threats of system {open_quotes}crackers,{close_quotes} data theft, and data corruption very real. This paper outlines some of the problems of current password security by demonstrating the ease by which individual accounts may be broken. Various techniques used by crackers are outlined, and finally one solution to this point of system vulnerability, a proactive password checker, is proposed. 11 refs., 2 tabs.

  12. A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    PubMed

    Das, Ashok Kumar; Goswami, Adrijit

    2013-06-01

    Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.

  13. A Web Graphics Primer.

    ERIC Educational Resources Information Center

    Buchanan, Larry

    1999-01-01

    Discusses the basic technical concepts of using graphics in World Wide Web pages, including: color depth and dithering, dots-per-inch, image size, file types, Graphics Interchange Formats (GIFs), Joint Photographic Experts Group (JPEG), format, and software recommendations. (AEF)

  14. Repellency Awareness Graphic

    EPA Pesticide Factsheets

    Companies can apply to use the voluntary new graphic on product labels of skin-applied insect repellents. This graphic is intended to help consumers easily identify the protection time for mosquitoes and ticks and select appropriately.

  15. Authentication Without Secrets

    SciTech Connect

    Pierson, Lyndon G.; Robertson, Perry J.

    2015-11-01

    This work examines a new approach to authentication, which is the most fundamental security primitive that underpins all cyber security protections. Current Internet authentication techniques require the protection of one or more secret keys along with the integrity protection of the algorithms/computations designed to prove possession of the secret without actually revealing it. Protecting a secret requires physical barriers or encryption with yet another secret key. The reason to strive for "Authentication without Secret Keys" is that protecting secrets (even small ones only kept in a small corner of a component or device) is much harder than protecting the integrity of information that is not secret. Promising methods are examined for authentication of components, data, programs, network transactions, and/or individuals. The successful development of authentication without secret keys will enable far more tractable system security engineering for high exposure, high consequence systems by eliminating the need for brittle protection mechanisms to protect secret keys (such as are now protected in smart cards, etc.). This paper is a re-release of SAND2009-7032 with new figures numerous edits.

  16. TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones

    NASA Astrophysics Data System (ADS)

    Nauman, Mohammad; Ali, Tamleek

    Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services.

  17. Information barriers and authentication.

    SciTech Connect

    MacArthur, D. W.; Wolford, J. K.

    2001-01-01

    Acceptance of nuclear materials into a monitoring regime is complicated if the materials are in classified shapes or have classified composition. An attribute measurement system with an information barrier can be emplo,yed to generate an unclassified display from classified measurements. This information barrier must meet two criteria: (1) classified information cannot be released to the monitoring party, and (2) the monitoring party must be convinced that the unclassified output accurately represents the classified input. Criterion 1 is critical to the host country to protect the classified information. Criterion 2 is critical to the monitoring party and is often termed the 'authentication problem.' Thus, the necessity for authentication of a measurement system with an information barrier stems directly from the description of a useful information barrier. Authentication issues must be continually addressed during the entire development lifecycle of the measurement system as opposed to being applied only after the system is built.

  18. An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography.

    PubMed

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj

    2015-11-01

    In the last few years, numerous remote user authentication and session key agreement schemes have been put forwarded for Telecare Medical Information System, where the patient and medical server exchange medical information using Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth to note that unrestricted number of patients login to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the exiting schemes. The proposed scheme not only efficient in terms of different security attacks, but it also provides an efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.

  19. A password for species recognition in a brood-parasitic bird.

    PubMed

    Hauber, M E; Russo, S A; Sherman, P W

    2001-05-22

    Recognition of conspecifics is an essential precursor of sexual reproduction. Most mammals and birds learn salient features of their parents or siblings early in ontogeny and later recognize individuals whose phenotypes match the mental image (template) of relatives closely enough as conspecifics. However, the young of brood parasites are reared among heterospecifics, so social learning will yield inappropriate species recognition templates. Initially, it was inferred that conspecific recognition in brood parasites depended on genetically determined templates. More recently it was demonstrated that learning plays a critical role in the development of parasites' social preferences. Here we propose a mechanism that accommodates the interaction of learned and genetic components of recognition. We suggest that conspecific recognition is initiated when a young parasite encounters some unique species-specific signal or "password" (e.g. a vocalization, behaviour or other characteristic) that triggers learning of additional aspects of the password-giver's phenotype. We examined the possibility that nestlings of the obligately brood-parasitic brown-headed cowbird (Molothrus ater) could use a species-specific vocalization, the "chatter", as a password. We found that six-day-old nestlings responded (begged) significantly more frequently to playbacks of chatters than to other avian sounds and that two-month-old fledglings approached playbacks of chatters more quickly than vocalizations of heterospecifics. Free-living cowbird fledglings and adults also approached playbacks of chatters more often than control sounds. Passwords may be involved in the ontogeny of species recognition in brood parasites generally.

  20. The Classroom Password: A Class-Wide Intervention to Increase Academic Engagement

    ERIC Educational Resources Information Center

    Dart, Evan H.; Radley, Keith C.; Battaglia, Allison A.; Dadakhodjaeva, Komila; Bates, Kayla E.; Wright, Sarah J.

    2016-01-01

    The present study investigated the effectiveness of a novel class-wide intervention, the Classroom Password, for increasing the academic engaged behavior of middle school students. The effectiveness of an independent group contingency was evaluated using a concurrent multiple baseline design across three seventh- and eighth-grade classrooms.…

  1. The Classroom Password: A Class-Wide Intervention to Increase Academic Engagement

    ERIC Educational Resources Information Center

    Dart, Evan H.; Radley, Keith C.; Battaglia, Allison A.; Dadakhodjaeva, Komila; Bates, Kayla E.; Wright, Sarah J.

    2016-01-01

    The present study investigated the effectiveness of a novel class-wide intervention, the Classroom Password, for increasing the academic engaged behavior of middle school students. The effectiveness of an independent group contingency was evaluated using a concurrent multiple baseline design across three seventh- and eighth-grade classrooms.…

  2. 21 CFR 11.300 - Controls for identification codes/passwords.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 21 Food and Drugs 1 2012-04-01 2012-04-01 false Controls for identification codes/passwords. 11.300 Section 11.300 Food and Drugs FOOD AND DRUG ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN SERVICES GENERAL ELECTRONIC RECORDS; ELECTRONIC SIGNATURES Electronic Signatures § 11.300 Controls...

  3. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

    PubMed

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

    2016-11-01

    Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

  4. Authentic to the Core

    ERIC Educational Resources Information Center

    Kukral, Nicole; Spector, Stacy

    2012-01-01

    When educators think about what makes learning relevant to students, often they narrow their thinking to electives or career technical education. While these provide powerful opportunities for students to make relevant connections to their learning, they can also create authentic experiences in the core curriculum. In the San Juan Unified School…

  5. User Authentication. SPEC Kit.

    ERIC Educational Resources Information Center

    Plum, Terry, Comp.; Bleiler, Richard, Comp.

    2001-01-01

    This SPEC (Systems and Procedures Exchange Center) Kit presents the results of a survey of Association of Research Libraries (ARL) member libraries designed to examine the systems research libraries use to authenticate and authorize the users of their online networked information resources. A total of 52 of 121 ARL member libraries responded to…

  6. User Authentication. SPEC Kit.

    ERIC Educational Resources Information Center

    Plum, Terry, Comp.; Bleiler, Richard, Comp.

    2001-01-01

    This SPEC (Systems and Procedures Exchange Center) Kit presents the results of a survey of Association of Research Libraries (ARL) member libraries designed to examine the systems research libraries use to authenticate and authorize the users of their online networked information resources. A total of 52 of 121 ARL member libraries responded to…

  7. Authentic Assessment: A Collection.

    ERIC Educational Resources Information Center

    Burke, Kay, Ed.

    The essays in this collection consider the meaning of authentic assessment and the implications of its use. "Section 1: Assessing Assessment" includes the following essays: (1) "The Nation's Report Card Goes Home: Good News and Bad about Trends in Achievement" (Robert L. Linn and Stephen B. Dunbar); (2) "Budgets, Politics, and Testing" (Chris…

  8. Facilitating Authentic Becoming

    ERIC Educational Resources Information Center

    Eriksen, Matthew

    2012-01-01

    A "Model of Authentic Becoming" that conceptualizes learning as a continuous and ongoing embodied and relational process, and uses social constructionism assumptions as well as Kolb's experiential learning model as its point of departure, is presented. Through a focus on the subjective, embodied, and relational nature of organizational life, the…

  9. Authentic Assessment: A Collection.

    ERIC Educational Resources Information Center

    Burke, Kay, Ed.

    The essays in this collection consider the meaning of authentic assessment and the implications of its use. "Section 1: Assessing Assessment" includes the following essays: (1) "The Nation's Report Card Goes Home: Good News and Bad about Trends in Achievement" (Robert L. Linn and Stephen B. Dunbar); (2) "Budgets, Politics, and Testing" (Chris…

  10. Portfolios: Authentic Assessment.

    ERIC Educational Resources Information Center

    Borowski, Maureen Coursey; Thompson, Carol; Zaccaria, Karen

    This report describes a plan for using student portfolios as a tool for authentic assessment. The targeted population was classes of 5th, 8th, and 12th graders in 3 urban school settings. The three teachers involved felt that current assessment methods were inadequate for measuring student learning. Analysis of the data showed that current…

  11. Tools for Authentication

    SciTech Connect

    White, G

    2008-07-09

    Many recent Non-proliferation and Arms Control software projects include a software authentication component. In this context, 'authentication' is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. In addition to visual inspection by knowledgeable computer scientists, automated tools are needed to highlight suspicious code constructs both to aid the visual inspection and to guide program development. While many commercial tools are available for portions of the authentication task, they are proprietary, and have limited extensibility. An open-source, extensible tool can be customized to the unique needs of each project (projects can have both common and custom rules to detect flaws and security holes). Any such extensible tool must be based on a complete language compiler infrastructure, that is, one that can parse and digest the full language through its standard grammar. ROSE is precisely such a compiler infrastructure developed within DOE. ROSE is a robust source-to-source analysis and optimization infrastructure currently addressing large, million-line DOE applications in C, C++, and FORTRAN. This year, it has been extended to support the automated analysis of binaries. We continue to extend ROSE to address a number of security-specific requirements and apply it to software authentication for Non-proliferation and Arms Control projects. We will give an update on the status of our work.

  12. Low-bandwidth authentication.

    SciTech Connect

    Donnelly, Patrick Joseph; McIver, Lauren; Gaines, Brian R.; Anderson, Erik; Collins, Michael Joseph; Thomas,Kurt Adam; McDaniel, Austin

    2007-09-01

    Remotely-fielded unattended sensor networks generally must operate at very low power--in the milliwatt or microwatt range--and thus have extremely limited communications bandwidth. Such sensors might be asleep most of the time to conserve power, waking only occasionally to transmit a few bits. RFID tags for tracking or material control have similarly tight bandwidth constraints, and emerging nanotechnology devices will be even more limited. Since transmitted data is subject to spoofing, and since sensors might be located in uncontrolled environments vulnerable to physical tampering, the high-consequence data generated by such systems must be protected by cryptographically sound authentication mechanisms; but such mechanisms are often lacking in current sensor networks. One reason for this undesirable situation is that standard authentication methods become impractical or impossible when bandwidth is severely constrained; if messages are small, a standard digital signature or HMAC will be many times larger than the message itself, yet it might be possible to spare only a few extra bits per message for security. Furthermore, the authentication tags themselves are only one part of cryptographic overhead, as key management functions (distributing, changing, and revoking keys) consume still more bandwidth. To address this problem, we have developed algorithms that provide secure authentication while adding very little communication overhead. Such techniques will make it possible to add strong cryptographic guarantees of data integrity to a much wider range of systems.

  13. A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    PubMed

    Wen, Fengtong

    2013-12-01

    User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

  14. A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

    PubMed

    Amin, Ruhul; Biswas, G P

    2015-08-01

    Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

  15. Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

    PubMed

    Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2014-11-01

    Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

  16. An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem.

    PubMed

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2015-03-01

    The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

  17. Security analysis and enhanced user authentication in proxy mobile IPv6 networks

    PubMed Central

    Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick

    2017-01-01

    The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key. PMID:28719621

  18. IMAT graphics manual

    NASA Technical Reports Server (NTRS)

    Stockwell, Alan E.; Cooper, Paul A.

    1991-01-01

    The Integrated Multidisciplinary Analysis Tool (IMAT) consists of a menu driven executive system coupled with a relational database which links commercial structures, structural dynamics and control codes. The IMAT graphics system, a key element of the software, provides a common interface for storing, retrieving, and displaying graphical information. The IMAT Graphics Manual shows users of commercial analysis codes (MATRIXx, MSC/NASTRAN and I-DEAS) how to use the IMAT graphics system to obtain high quality graphical output using familiar plotting procedures. The manual explains the key features of the IMAT graphics system, illustrates their use with simple step-by-step examples, and provides a reference for users who wish to take advantage of the flexibility of the software to customize their own applications.

  19. CHALLENGE MEASUREMENTS FOR AUTHENTICATION

    SciTech Connect

    Pitts, W. Karl

    2009-10-07

    Authentication of systems with an information barrier that protects sensitive information is difficult; in particular, the information barrier can allow a hidden switch to be implemented by the system fabricator and operator. The hidden switch is the operator’s ability to subvert the measurement system and force it to produce a desired and false result. It is usually discussed in the context of an attribute measurement in which a faked item is presented in place of a real item regulated by an agreement, with the driving motivation being the ability to preserve a stock of valuable items. In simple terms, the hidden switch enables a shell game with assets, and the information barrier protects the switch. This presentation outlines challenge measurements that could be used to detect the implementation of a hidden switch and assist the authentication process.

  20. Probabilistic authenticated quantum dialogue

    NASA Astrophysics Data System (ADS)

    Hwang, Tzonelih; Luo, Yi-Ping

    2015-12-01

    This work proposes a probabilistic authenticated quantum dialogue (PAQD) based on Bell states with the following notable features. (1) In our proposed scheme, the dialogue is encoded in a probabilistic way, i.e., the same messages can be encoded into different quantum states, whereas in the state-of-the-art authenticated quantum dialogue (AQD), the dialogue is encoded in a deterministic way; (2) the pre-shared secret key between two communicants can be reused without any security loophole; (3) each dialogue in the proposed PAQD can be exchanged within only one-step quantum communication and one-step classical communication. However, in the state-of-the-art AQD protocols, both communicants have to run a QKD protocol for each dialogue and each dialogue requires multiple quantum as well as classical communicational steps; (4) nevertheless, the proposed scheme can resist the man-in-the-middle attack, the modification attack, and even other well-known attacks.

  1. International safeguards data authentication

    SciTech Connect

    Melton, R.B.; Smith, C.E.; DeLand, S.M.; Manatt, D.R.

    1996-07-01

    The International Safeguards community is becoming increasingly reliant on information stored in electronic form. In international monitoring and related activities it must be possible to verify and maintain the integrity of this electronic information. This paper discusses the use of data authentication technology to assist in accomplishing this task. The paper provides background information, identifies the relevance to international safeguards, discusses issues related to export controls, algorithm patents, key management and the use of commercial vs. custom software.

  2. A neural basis for password-based species recognition in an avian brood parasite.

    PubMed

    Lynch, Kathleen S; Gaglio, Annmarie; Tyler, Elizabeth; Coculo, Joseph; Louder, Matthew I M; Hauber, Mark E

    2017-07-01

    Obligate avian brood parasites are raised by heterospecific hosts and, therefore, lack crucial early exposure to relatives and other conspecifics. Yet, young brood parasites readily recognize and affiliate with others of their own species upon independence. One solution to this social recognition paradox is the ontogenetic 'password' mechanism used by obligate parasitic brown-headed cowbirds (Molothrus ater), whereby conspecific identification is initially mediated through the cowbird chatter: a non-learned vocal cue. We explored the neural basis of such password-based species recognition in juvenile and adult male cowbirds. We found that cowbird auditory forebrain regions express greater densities of the protein product of the immediate-early gene ZENK in response to the password chatter call relative to control sounds of mourning dove (Zenaida macroura) coos. The chatter-selective induction of ZENK expression occurs in both the caudal medial nidopallium (NCM) and the caudal medial mesopallium (CMM) in adults, but only within the NCM in juveniles. In contrast, we discovered that juvenile cowbirds exhibit neural selectivity to presentations of either conspecific or heterospecific songs, but only in CMM and only after recent experience. Juvenile cowbirds that did not have previous experience with the song type they were exposed to during the test period exhibited significantly lower activity-dependent gene expression. Thus, in juvenile male cowbirds, there is early onset of species-specific selective neural representation of non-learned calls in NCM and recently experienced song in CMM. These results suggest that NCM is evolutionarily co-opted in parasitic cowbirds to selectively recognize the password chatter, allowing juvenile cowbirds to identify adult conspecifics and avoid mis-imprinting upon unrelated host species. These ontogenetic comparisons reveal novel insights into the neural basis of species recognition in brood parasitic species. © 2017. Published by

  3. Graphic Communications. Curriculum Guide.

    ERIC Educational Resources Information Center

    North Dakota State Board for Vocational Education, Bismarck.

    This guide provides the basic foundation to develop a one-semester course based on the cluster concept, graphic communications. One of a set of six guides for an industrial arts curriculum at the junior high school level, it suggests exploratory experiences designed to (1) develop an awareness and understanding of the drafting and graphic arts…

  4. Graphics mini manual

    NASA Technical Reports Server (NTRS)

    Taylor, Nancy L.; Randall, Donald P.; Bowen, John T.; Johnson, Mary M.; Roland, Vincent R.; Matthews, Christine G.; Gates, Raymond L.; Skeens, Kristi M.; Nolf, Scott R.; Hammond, Dana P.

    1990-01-01

    The computer graphics capabilities available at the Center are introduced and their use is explained. More specifically, the manual identifies and describes the various graphics software and hardware components, details the interfaces between these components, and provides information concerning the use of these components at LaRC.

  5. How Computer Graphics Work.

    ERIC Educational Resources Information Center

    Prosise, Jeff

    This document presents the principles behind modern computer graphics without straying into the arcane languages of mathematics and computer science. Illustrations accompany the clear, step-by-step explanations that describe how computers draw pictures. The 22 chapters of the book are organized into 5 sections. "Part 1: Computer Graphics in…

  6. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    PubMed Central

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702

  7. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.

    PubMed

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.

  8. GKS -- Graphical Kernel System

    NASA Astrophysics Data System (ADS)

    Terrett, D. L.

    This note describes the release on Starlink of the RAL/ICL GKS graphics package. GKS has two major advantages over other graphics packages: o It is an international standard and real portability of graphics software is now possible. An illustration of this is that the NCAR package---an extensive library of scientific graphics utilities produced by the National Center for Atmospheric Research in the USA---runs on the RAL/ICL GKS without any modification, despite the fact that it was developed using a completely independent GKS implementation. o No other package provides the ability to write device independent graphics programs to the extent that GKS does. Only with GKS can you write a program that will run, and produce good pictures, on all devices supported by the implementation, including devices not supported at the time the program was written. Programs can nonetheless still fully exploit all the facilities offered by the hardware.

  9. k-Times Anonymous Authentication

    NASA Astrophysics Data System (ADS)

    Teranishi, Isamu; Furukawa, Jun; Sako, Kazue

    We propose an authentication scheme in which users can be authenticated anonymously so long as times that they are authenticated is within an allowable number. The proposed scheme has two features: 1) no one, not even an authority, can identify users who have been authenticated within the allowable number, 2) anyone can trace, without help from the authority, dishonest users who have been authenticated beyond the allowable number by using the records of these authentications. Our scheme can be applied to e-voting, e-cash, electronic coupons, and trial browsing of content. In these applications, our scheme, unlike the previous one, conceals users' participation from protocols and guarantees that they will remain anonymous to everyone.

  10. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    SciTech Connect

    Ezell, Matthew A; Rogers, Gary L; Peterson, Gregory D.

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  11. Mechanism for control plane authentication

    SciTech Connect

    Tarman, T.D.

    1996-06-01

    The purpose of this contribution is to propose an ``Authentication Information Element`` that can be used to carry authentication information within the ATM signaling protocols. This information may be used by either signaling entity to validate the claimed identity of the other, and to verify the integrity of a portion of a message`s contents. By specifying a generic authentication IE, authentication information can be generated by any signature algorithm, and can be appended to any ATM signaling message. Procedures for the use of this information element are also provided.

  12. A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.

    PubMed

    Das, Ashok Kumar

    2015-03-01

    Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

  13. Perception in statistical graphics

    NASA Astrophysics Data System (ADS)

    VanderPlas, Susan Ruth

    There has been quite a bit of research on statistical graphics and visualization, generally focused on new types of graphics, new software to create graphics, interactivity, and usability studies. Our ability to interpret and use statistical graphics hinges on the interface between the graph itself and the brain that perceives and interprets it, and there is substantially less research on the interplay between graph, eye, brain, and mind than is sufficient to understand the nature of these relationships. The goal of the work presented here is to further explore the interplay between a static graph, the translation of that graph from paper to mental representation (the journey from eye to brain), and the mental processes that operate on that graph once it is transferred into memory (mind). Understanding the perception of statistical graphics should allow researchers to create more effective graphs which produce fewer distortions and viewer errors while reducing the cognitive load necessary to understand the information presented in the graph. Taken together, these experiments should lay a foundation for exploring the perception of statistical graphics. There has been considerable research into the accuracy of numerical judgments viewers make from graphs, and these studies are useful, but it is more effective to understand how errors in these judgments occur so that the root cause of the error can be addressed directly. Understanding how visual reasoning relates to the ability to make judgments from graphs allows us to tailor graphics to particular target audiences. In addition, understanding the hierarchy of salient features in statistical graphics allows us to clearly communicate the important message from data or statistical models by constructing graphics which are designed specifically for the perceptual system.

  14. Introduction to LBL graphics

    SciTech Connect

    Not Available

    1984-08-01

    The Computing Services Department supports a number of graphics software packages on the VAX machines, primarily on the IGM VAX. These packages will drive a large variety of different graphical devices, terminals (including various Tektronix terminals, the AED 512 color raster terminal, the IMLAC Series II vector list processor terminal and others), various styles of plotters and the DICOMED D48 film recorder. We are going to present to you the following graphic software packages: Tell-A-Graf, Cuechart, Tell-A-Plan, Data Connection, DI-3000, Contouring, Grafmaker (including Grafeasy), Grafmaster, Movie.BYU, Grafpac, IDDS, UGS/HPLOT/HBOOK, and SDL/SGL.

  15. Trustworthiness and Authenticity: Alternate Ways To Judge Authentic Assessments.

    ERIC Educational Resources Information Center

    Hipps, Jerome A.

    New methods are needed to judge the quality of alternative student assessment, methods which complement the philosophy underlying authentic assessments. This paper examines assumptions underlying validity, reliability, and objectivity, and why they are not matched to authentic assessment, concentrating on the constructivist paradigm of E. Guba and…

  16. Anonymous authenticated communications

    DOEpatents

    Beaver, Cheryl L.; Schroeppel, Richard C.; Snyder, Lillian A.

    2007-06-19

    A method of performing electronic communications between members of a group wherein the communications are authenticated as being from a member of the group and have not been altered, comprising: generating a plurality of random numbers; distributing in a digital medium the plurality of random numbers to the members of the group; publishing a hash value of contents of the digital medium; distributing to the members of the group public-key-encrypted messages each containing a same token comprising a random number; and encrypting a message with a key generated from the token and the plurality of random numbers.

  17. Molecular authentication of geo-authentic Scrophularia ningpoensis *

    PubMed Central

    Chen, Chuan; Duan, Li-na; Zhou, Xiao-long; Chen, Bing-long; Fu, Cheng-xin

    2011-01-01

    Scrophularia ningpoensis has long been used in the Chinese Materia Medica for inflammation. Like other herbal medicines, S. ningpoensis collected from different localities may considerably differ in their therapeutic efficacy, and the one grown in Zhejiang Province is recognized as geo-authentic. However, it is difficult to confirm the geographical authenticity by similar morphological characteristics. In the present study, inter-simple sequence repeat (ISSR) markers were conducted to detect S. ningpoensis from different origins. A 1 259-bp fragment amplified by primer UBC874 was found only in geo-authentic ones. By cloning and sequencing that specific band, sequence characterized amplified region (SCAR) markers were designed to distinguish geo-authentic S. ningpoensis from others. This is a rapid and easy method that can be used to identify the geographical authenticity of S. ningpoensis. PMID:21528494

  18. A pedagogical example of second-order arithmetic sequences applied to the construction of computer passwords by upper elementary grade students

    NASA Astrophysics Data System (ADS)

    Coggins, Porter E.

    2015-04-01

    The purpose of this paper is (1) to present how general education elementary school age students constructed computer passwords using digital root sums and second-order arithmetic sequences, (2) argue that computer password construction can be used as an engaging introduction to generate interest in elementary school students to study mathematics related to computer science, and (3) share additional mathematical ideas accessible to elementary school students that can be used to create computer passwords. This paper serves to fill a current gap in the literature regarding the integration of mathematical content accessible to upper elementary school students and aspects of computer science in general, and computer password construction in particular. In addition, the protocols presented here can serve as a hook to generate further interest in mathematics and computer science. Students learned to create a random-looking computer password by using biometric measurements of their shoe size, height, and age in months and to create a second-order arithmetic sequence, then converted the resulting numbers into characters that become their computer passwords. This password protocol can be used to introduce students to good computer password habits that can serve a foundation for a life-long awareness of data security. A refinement of the password protocol is also presented.

  19. Indian Graphic Symbols.

    ERIC Educational Resources Information Center

    Stump, Sarain

    1979-01-01

    Noting Indian tribes had invented ways to record facts and ideas, with graphic symbols that sometimes reached the complexity of hieroglyphs, this article illustrates and describes Indian symbols. (Author/RTS)

  20. Robot graphic simulation testbed

    NASA Technical Reports Server (NTRS)

    Cook, George E.; Sztipanovits, Janos; Biegl, Csaba; Karsai, Gabor; Springfield, James F.

    1991-01-01

    The objective of this research was twofold. First, the basic capabilities of ROBOSIM (graphical simulation system) were improved and extended by taking advantage of advanced graphic workstation technology and artificial intelligence programming techniques. Second, the scope of the graphic simulation testbed was extended to include general problems of Space Station automation. Hardware support for 3-D graphics and high processing performance make high resolution solid modeling, collision detection, and simulation of structural dynamics computationally feasible. The Space Station is a complex system with many interacting subsystems. Design and testing of automation concepts demand modeling of the affected processes, their interactions, and that of the proposed control systems. The automation testbed was designed to facilitate studies in Space Station automation concepts.

  1. Graphics Processor Units (GPUs)

    NASA Technical Reports Server (NTRS)

    Wyrwas, Edward J.

    2017-01-01

    This presentation will include information about Graphics Processor Units (GPUs) technology, NASA Electronic Parts and Packaging (NEPP) tasks, The test setup, test parameter considerations, lessons learned, collaborations, a roadmap, NEPP partners, results to date, and future plans.

  2. GRAPS: Graphical Plotting System.

    DTIC Science & Technology

    1985-07-01

    stand-alone unit, but could (with a few modifications) be incorporated into a larger system; e.g., the IGUANA system (ref 3). The GRAPS system...the GRAPS software into another system (e.g., the IGUANA ) could possibly introduce additional requirements. I have simply listed those things...Graphics Utility For Army NEC Automation ( IGUANA ), May 1985. 4. Hewlett-Packard Corp., Interfacing and Programming Manual - HP 7470A Graphics Plotter

  3. A graphical ICU workstation.

    PubMed Central

    Higgins, S. B.; Jiang, K.; Swindell, B. B.; Bernard, G. R.

    1991-01-01

    A workstation designed to facilitate electronic charting in the intensive care unit is described. The system design incorporates a graphical, windows-based user interface. The system captures all data formerly recorded on the paper flowsheet including direct patient measurements, nursing assessment, patient care procedures, and nursing notes. It has the ability to represent charted data in a variety of graphical formats, thereby providing additional insights to facilitate the management of the critically ill patient. Initial nursing evaluation is described. PMID:1807712

  4. Flowfield computer graphics

    NASA Technical Reports Server (NTRS)

    Desautel, Richard

    1993-01-01

    The objectives of this research include supporting the Aerothermodynamics Branch's research by developing graphical visualization tools for both the branch's adaptive grid code and flow field ray tracing code. The completed research for the reporting period includes development of a graphical user interface (GUI) and its implementation into the NAS Flowfield Analysis Software Tool kit (FAST), for both the adaptive grid code (SAGE) and the flow field ray tracing code (CISS).

  5. What Works with Authentic Assessment.

    ERIC Educational Resources Information Center

    Burley, Hansel; Price, Margaret

    2003-01-01

    A consistent finding of teachers using authentic assessment is how much they learn from the process and their students. Authentic assessment depends upon independence, mastery of content, and a willingness to engage students in real-life experiences. (Contains 12 references.) (Author/JOW)

  6. Localized lossless authentication watermark (LAW)

    NASA Astrophysics Data System (ADS)

    Celik, Mehmet U.; Sharma, Gaurav; Tekalp, A. Murat; Saber, Eli S.

    2003-06-01

    A novel framework is proposed for lossless authentication watermarking of images which allows authentication and recovery of original images without any distortions. This overcomes a significant limitation of traditional authentication watermarks that irreversibly alter image data in the process of watermarking and authenticate the watermarked image rather than the original. In particular, authenticity is verified before full reconstruction of the original image, whose integrity is inferred from the reversibility of the watermarking procedure. This reduces computational requirements in situations when either the verification step fails or the zero-distortion reconstruction is not required. A particular instantiation of the framework is implemented using a hierarchical authentication scheme and the lossless generalized-LSB data embedding mechanism. The resulting algorithm, called localized lossless authentication watermark (LAW), can localize tampered regions of the image; has a low embedding distortion, which can be removed entirely if necessary; and supports public/private key authentication and recovery options. The effectiveness of the framework and the instantiation is demonstrated through examples.

  7. Reading Authentic Polish, Volume II.

    ERIC Educational Resources Information Center

    Walczynski, Waldemar

    The second volume on reading authentic Polish is the continuation of a supplementary textbook to be used either in the classroom or in independent study. The materials included in it are unaltered authentic texts from Polish newspapers, magazines, and other mass media that provide exposure to the context and format of everyday reading matter. The…

  8. Authentic Reading Assessment. ERIC Digest.

    ERIC Educational Resources Information Center

    Dutcher, Peggy

    Authentic reading assessment is examined, focusing on its implementation within the Michigan Essential Skills Reading Test (MESRT). Authentic reading assessment emerged as a response to research that indicates that reading is not a particular skill but an interaction among reader, text, and the context of the reading situation. Unlike formal…

  9. AVNG authentication features

    SciTech Connect

    Thron, Jonathan Louis; Mac Arthur, Duncan W; White, Greg; Razinkov, Sergey; Livke, Alexander

    2010-01-01

    Any verification measurement performed on potentially classified nuclear material must satisfy two seemingly contradictory constraints. First and foremost, no classified information can be released. At the same time, the monitoring party must have confidence in the veracity of the measurement (called authentication). An information barrier (IB) is included in the measurement system to protect the potentially classified information. To achieve both goals, the IB allows only very limited, previously agreed-on information to be displayed to the monitoring party. In addition to this limited information from the potentially classified measurement, other measurements are performed and procedures are put in place for the monitoring party to gain confidence that the material being measured is consistent with the host's declarations concerning that material. In this presentation, we will discuss the techniques used in the AVNG attribute measuring system to facilitate authentication of the verification measurements by the monitors. These techniques include measuring unclassified items while allowing more information to be displayed; having the monitor understand the system function, design, and implementation; and randomly selecting the order of measurements.

  10. An Improved RSA Based User Authentication and Session Key Agreement Protocol Usable in TMIS.

    PubMed

    Amin, Ruhul; Biswas, G P

    2015-08-01

    Recently, Giri et al.'s proposed a RSA cryptosystem based remote user authentication scheme for telecare medical information system and claimed that the protocol is secure against all the relevant security attacks. However, we have scrutinized the Giri et al.'s protocol and pointed out that the protocol is not secure against off-line password guessing attack, privileged insider attack and also suffers from anonymity problem. Moreover, the extension of password guessing attack leads to more security weaknesses. Therefore, this protocol needs improvement in terms of security before implementing in real-life application. To fix the mentioned security pitfalls, this paper proposes an improved scheme over Giri et al.'s scheme, which preserves user anonymity property. We have then simulated the proposed protocol using widely-accepted AVISPA tool which ensures that the protocol is SAFE under OFMC and CL-AtSe models, that means the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The informal cryptanalysis has been also presented, which confirmed that the proposed protocol provides well security protection on the relevant security attacks. The performance analysis section compares the proposed protocol with other existing protocols in terms of security and it has been observed that the protocol provides more security and achieves additional functionalities such as user anonymity and session key verification.

  11. Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care.

    PubMed

    Xu, Lili; Wu, Fan

    2015-02-01

    Nowadays, connected health care applications are used more and more in the world. Service through the applications can save the patients' time and expense, such as telecare medical information system (TMIS) and integrated electronic patient record (EPR) information system. In the applications, preserving patients' privacy, transmitting messages securely and keeping mutual authentication should all be paid attention. Many authentication schemes have been proposed to make a secure communicating environment. Recently Xie et al. showed that Wen's scheme was insecure because it was under the off-line password guessing attack and without user anonymity and forward security. They gave a new three-factor authentication scheme and claimed that it was secure. However, we find that Xie et al's scheme is vulnerable to the De-synchronization attack and the server has too much storage burden in the scheme. Then we present an improved scheme which overcomes the usual weaknesses and keeps ordinary security characters. Compared with recent schemes of the same kind, our scheme is secure and practical.

  12. An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function.

    PubMed

    Das, Ashok Kumar; Goswami, Adrijit

    2014-06-01

    Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key beween a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then a propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.

  13. A provably-secure ECC-based authentication scheme for wireless sensor networks.

    PubMed

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-11-06

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  14. On the security of two remote user authentication schemes for telecare medical information systems.

    PubMed

    Kim, Kee-Won; Lee, Jae-Dong

    2014-05-01

    The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

  15. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    PubMed Central

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

  16. Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing.

    PubMed

    Ehatisham-Ul-Haq, Muhammad; Azam, Muhammad Awais; Loo, Jonathan; Shuang, Kai; Islam, Syed; Naeem, Usman; Amin, Yasar

    2017-09-06

    Smartphones are context-aware devices that provide a compelling platform for ubiquitous computing and assist users in accomplishing many of their routine tasks anytime and anywhere, such as sending and receiving emails. The nature of tasks conducted with these devices has evolved with the exponential increase in the sensing and computing capabilities of a smartphone. Due to the ease of use and convenience, many users tend to store their private data, such as personal identifiers and bank account details, on their smartphone. However, this sensitive data can be vulnerable if the device gets stolen or lost. A traditional approach for protecting this type of data on mobile devices is to authenticate users with mechanisms such as PINs, passwords, and fingerprint recognition. However, these techniques are vulnerable to user compliance and a plethora of attacks, such as smudge attacks. The work in this paper addresses these challenges by proposing a novel authentication framework, which is based on recognizing the behavioral traits of smartphone users using the embedded sensors of smartphone, such as Accelerometer, Gyroscope and Magnetometer. The proposed framework also provides a platform for carrying out multi-class smart user authentication, which provides different levels of access to a wide range of smartphone users. This work has been validated with a series of experiments, which demonstrate the effectiveness of the proposed framework.

  17. Robust ECC-based authenticated key agreement scheme with privacy protection for Telecare medicine information systems.

    PubMed

    Zhang, Liping; Zhu, Shaohui

    2015-05-01

    To protect the transmission of the sensitive medical data, a secure and efficient authenticated key agreement scheme should be deployed when the healthcare delivery session is established via Telecare Medicine Information Systems (TMIS) over the unsecure public network. Recently, Islam and Khan proposed an authenticated key agreement scheme using elliptic curve cryptography for TMIS. They claimed that their proposed scheme is provably secure against various attacks in random oracle model and enjoys some good properties such as user anonymity. In this paper, however, we point out that any legal but malicious patient can reveal other user's identity. Consequently, their scheme suffers from server spoofing attack and off-line password guessing attack. Moreover, if the malicious patient performs the same time of the registration as other users, she can further launch the impersonation attack, man-in-the-middle attack, modification attack, replay attack, and strong replay attack successfully. To eliminate these weaknesses, we propose an improved ECC-based authenticated key agreement scheme. Security analysis demonstrates that the proposed scheme can resist various attacks and enables the patient to enjoy the remote healthcare services with privacy protection. Through the performance evaluation, we show that the proposed scheme achieves a desired balance between security and performance in comparisons with other related schemes.

  18. Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing

    PubMed Central

    Ehatisham-ul-Haq, Muhammad; Azam, Muhammad Awais; Loo, Jonathan; Shuang, Kai; Islam, Syed; Naeem, Usman; Amin, Yasar

    2017-01-01

    Smartphones are context-aware devices that provide a compelling platform for ubiquitous computing and assist users in accomplishing many of their routine tasks anytime and anywhere, such as sending and receiving emails. The nature of tasks conducted with these devices has evolved with the exponential increase in the sensing and computing capabilities of a smartphone. Due to the ease of use and convenience, many users tend to store their private data, such as personal identifiers and bank account details, on their smartphone. However, this sensitive data can be vulnerable if the device gets stolen or lost. A traditional approach for protecting this type of data on mobile devices is to authenticate users with mechanisms such as PINs, passwords, and fingerprint recognition. However, these techniques are vulnerable to user compliance and a plethora of attacks, such as smudge attacks. The work in this paper addresses these challenges by proposing a novel authentication framework, which is based on recognizing the behavioral traits of smartphone users using the embedded sensors of smartphone, such as Accelerometer, Gyroscope and Magnetometer. The proposed framework also provides a platform for carrying out multi-class smart user authentication, which provides different levels of access to a wide range of smartphone users. This work has been validated with a series of experiments, which demonstrate the effectiveness of the proposed framework. PMID:28878177

  19. An authentication scheme to healthcare security under wireless sensor networks.

    PubMed

    Hsiao, Tsung-Chih; Liao, Yu-Ting; Huang, Jen-Yan; Chen, Tzer-Shyong; Horng, Gwo-Boa

    2012-12-01

    In recent years, Taiwan has been seeing an extension of the average life expectancy and a drop in overall fertility rate, initiating our country into an aged society. Due to this phenomenon, how to provide the elderly and patients with chronic diseases a suitable healthcare environment has become a critical issue presently. Therefore, we propose a new scheme that integrates healthcare services with wireless sensor technology in which sensor nodes are employed to measure patients' vital signs. Data collected from these sensor nodes are then transmitted to mobile devices of the medical staff and system administrator, promptly enabling them to understand the patients' condition in real time, which will significantly improve patients' healthcare quality. As per the personal data protection act, patients' vital signs can only be accessed by authorized medical staff. In order to protect patients', the system administrator will verify the medical staff's identity through the mobile device using a smart card and password mechanism. Accordingly, only the verified medical staff can obtain patients' vital signs data such as their blood pressure, pulsation, and body temperature, etc.. Besides, the scheme includes a time-bounded characteristic that allows the verified staff access to data without having to have to re-authenticate and re-login into the system within a set period of time. Consequently, the time-bounded property also increases the work efficiency of the system administrator and user.

  20. On the security of a dynamic ID-based authentication scheme for telecare medical information systems.

    PubMed

    Lin, Han-Yu

    2013-04-01

    Telecare medical information systems (TMISs) are increasingly popular technologies for healthcare applications. Using TMISs, physicians and caregivers can monitor the vital signs of patients remotely. Since the database of TMISs stores patients' electronic medical records (EMRs), only authorized users should be granted the access to this information for the privacy concern. To keep the user anonymity, recently, Chen et al. proposed a dynamic ID-based authentication scheme for telecare medical information system. They claimed that their scheme is more secure and robust for use in a TMIS. However, we will demonstrate that their scheme fails to satisfy the user anonymity due to the dictionary attacks. It is also possible to derive a user password in case of smart card loss attacks. Additionally, an improved scheme eliminating these weaknesses is also presented.

  1. Graphical functions in parametric space

    NASA Astrophysics Data System (ADS)

    Golz, Marcel; Panzer, Erik; Schnetz, Oliver

    2016-12-01

    Graphical functions are positive functions on the punctured complex plane Csetminus {0,1} which arise in quantum field theory. We generalize a parametric integral representation for graphical functions due to Lam, Lebrun and Nakanishi, which implies the real analyticity of graphical functions. Moreover, we prove a formula that relates graphical functions of planar dual graphs.

  2. Issues of authenticity

    NASA Astrophysics Data System (ADS)

    Vara, Renee N.

    2000-03-01

    The problems which the fake or copy present, has received much attention among the art historians, philosophers, and art professionals within the last ten years. This renewed interest has largely focused upon aspects of what constitutes originality or fraud, but also has elucidated the fact that making copies was a common artistic practice during classical antiquity, the Renaissance, the early baroque and most commonly during the post modern period. One academic conference, held in 1985 at National Gallery of Art Symposium, entitled 'Retaining the Original' was focused around the very nature of the question of originality and authenticity. In the introduction to the published paper, Henry Million reminded us, that historically, 'making copies...constituted a major part of the artistic 'enterprise;' copies were valued and costly.

  3. A Graphical Physics Course

    NASA Astrophysics Data System (ADS)

    Wood, Roy C.

    2001-11-01

    There has been a desire in recent years to introduce physics to students at the middle school, or freshmen high school level. However, traditional physics courses involve a great deal of mathematics, and this makes physics unattractive to many of them. In the last few decades, courses have been developed with a focus that is more conceptual than mathematical, and is generally referred to as conceptual physics. These two types of courses emphasize two methods that physicist use to solve physics problems. However, there is a third, graphical method that is also useful, and complements mathematical and verbal reasoning. A course emphasizing graphical methods would deal with quantitative graphical diagrams, as well as qualitative diagrams. Examples of quantitative graphical diagrams are scaled force diagrams and scaled optical ray-tracing diagrams. A course based on this type of approach would involve measurements and uncertainties, and would involve active (hands-on) student participation suitable for younger students. This talk will discuss a graphical physics course, and its benefits to younger students.

  4. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks.

    PubMed

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-08-16

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  5. A novel user authentication and key agreement protocol for accessing multi-medical server usable in TMIS.

    PubMed

    Amin, Ruhul; Biswas, G P

    2015-03-01

    Telecare Medical Information System (TMIS) makes an efficient and convenient connection between patient(s)/user(s) at home and doctor(s) at a clinical center. To ensure secure connection between the two entities (patient(s)/user(s), doctor(s)), user authentication is enormously important for the medical server. In this regard, many authentication protocols have been proposed in the literature only for accessing single medical server. In order to fix the drawbacks of the single medical server, we have primarily developed a novel architecture for accessing several medical services of the multi-medical server, where a user can directly communicate with the doctor of the medical server securely. Thereafter, we have developed a smart card based user authentication and key agreement security protocol usable for TMIS system using cryptographic one-way hash function. We have analyzed the security of our proposed authentication scheme through both formal and informal security analysis. Furthermore, we have simulated the proposed scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and showed that the scheme is secure against the replay and man-in-the-middle attacks. The informal security analysis is also presented which confirms that the protocol has well security protection on the relevant security attacks. The security and performance comparison analysis confirm that the proposed protocol not only provides security protection on the above mentioned attacks, but it also achieves better complexities along with efficient login and password change phase.

  6. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks

    PubMed Central

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-01-01

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes. PMID:27537890

  7. Multimedia authentication for copyright protection

    NASA Astrophysics Data System (ADS)

    Yin, Mingsheng

    2017-06-01

    Multimedia contents are easy to be copied and modified, so it is important to use authentication technology to ensure reliability and copyright security. Multimedia authentication technology is usually divided into digital signature and digital watermarking. In this paper, we introduce some basic image and video authentication technology, such as PCA algorithm and image signature method based on DCT coefficient, LSB -based digital image watermark, SVD-based digital image watermark, and video watermark. Through these digital content security technology, digital contents can be ensured security

  8. Authenticity in CALL: Three Domains of "Realness"

    ERIC Educational Resources Information Center

    Buendgens-Kosten, Judith

    2013-01-01

    This paper discusses the role of authenticity and authenticity claims in computer assisted language learning (CALL). It considers authenticity as the result of a social negotiation process rather than an innate feature of a text, object, person, or activity. From this basis, it argues that authenticity claims play an important role in both second…

  9. Authenticity in CALL: Three Domains of "Realness"

    ERIC Educational Resources Information Center

    Buendgens-Kosten, Judith

    2013-01-01

    This paper discusses the role of authenticity and authenticity claims in computer assisted language learning (CALL). It considers authenticity as the result of a social negotiation process rather than an innate feature of a text, object, person, or activity. From this basis, it argues that authenticity claims play an important role in both second…

  10. Authentic leadership: application to women leaders

    PubMed Central

    Hopkins, Margaret M.; O’Neil, Deborah A.

    2015-01-01

    The purpose of this perspective article is to present the argument that authentic leadership is a gendered representation of leadership. We first provide a brief history of leadership theories and definitions of authentic leadership. We then critique authentic leadership and offer arguments to support the premise that authentic leadership is not gender-neutral and is especially challenging for women. PMID:26236254

  11. Mikado: A graphic program

    NASA Astrophysics Data System (ADS)

    Secretan, Y.

    A discussion of the modular program Mikado is presented. Mikado was developed with the goal of creating a flexible graphic tool to display and help analyze the results of finite element fluid flow computations. Mikado works on unstructured meshes, with elements of mixed geometric type, but also offers the possibility of using structured meshes. The program can be operated by both menu and mouse (interactive), or by command file (batch). Mikado is written in FORTRAN, except for a few system dependent subroutines which are in C. It runs presently on Silicon Graphics' workstations and could be easily ported to the IBM-RISC System/6000 family of workstations.

  12. Authentically Assessing an Assembly Line.

    ERIC Educational Resources Information Center

    Kirkwood, James J.; Kendrick, Martha L.

    1999-01-01

    Authentic assessment in elementary school technology education is linked to a continuum of teacher behavior: nondirective, mediating, directive, and concurrent with teaching. It should be a two-way process between the students and the activity. (JOW)

  13. Authentically Assessing an Assembly Line.

    ERIC Educational Resources Information Center

    Kirkwood, James J.; Kendrick, Martha L.

    1999-01-01

    Authentic assessment in elementary school technology education is linked to a continuum of teacher behavior: nondirective, mediating, directive, and concurrent with teaching. It should be a two-way process between the students and the activity. (JOW)

  14. Quantum direct communication with authentication

    SciTech Connect

    Lee, Hwayean; Lim, Jongin; Yang, HyungJin

    2006-04-15

    We propose two quantum direct communication (QDC) protocols with user authentication. Users can identify each other by checking the correlation of Greenberger-Horne-Zeilinger (GHZ) states. Alice can directly send a secret message to Bob without any previously shared secret using the remaining GHZ states after authentication. Our second QDC protocol can be used even though there is no quantum link between Alice and Bob. The security of the transmitted message is guaranteed by properties of entanglement of GHZ states.

  15. Password Usage

    DTIC Science & Technology

    2007-11-02

    ES) 8. PERFORMING ORGANIZATION REPORT NUMBER U.S. Department of Commerce , Technology Administration, NIST 9. SPONSORING / MONITORING AGENCY NAME(S...5500 Standard Form 298 (Rev. 2-89) Prescribed by ANSI Std. Z39-18 298-102 U.S. DEPARTMENT OF COMMERCE , Malcolm Baldrige, Secretary NATIONAL BUREAU OF

  16. Graphic Novels: A Roundup.

    ERIC Educational Resources Information Center

    Kan, Katherine L.

    1994-01-01

    Reviews graphic novels for young adults, including five titles from "The Adventures of Tintin," a French series that often uses ethnic and racial stereotypes which reflect the time in which they were published, and "Wolverine," a Marvel comic character adventure. (Contains six references.) (LRW)

  17. Graphical Interfaces for Simulation.

    ERIC Educational Resources Information Center

    Hollan, J. D.; And Others

    This document presents a discussion of the development of a set of software tools to assist in the construction of interfaces to simulations and real-time systems. Presuppositions to the approach to interface design that was used are surveyed, the tools are described, and the conclusions drawn from these experiences in graphical interface design…

  18. Graphic Life Map.

    ERIC Educational Resources Information Center

    Schulze, Patricia

    This is a prewriting activity for personal memoir or autobiographical writing. Grade 6-8 students brainstorm for important memories, create graphics or symbols for their most important memories, and construct a life map on tag board or construction paper, connecting drawings and captions of high and low points with a highway. During four 50-minute…

  19. Computing Graphical Confidence Bounds

    NASA Technical Reports Server (NTRS)

    Mezzacappa, M. A.

    1983-01-01

    Approximation for graphical confidence bounds is simple enough to run on programmable calculator. Approximation is used in lieu of numerical tables not always available, and exact calculations, which often require rather sizable computer resources. Approximation verified for collection of up to 50 data points. Method used to analyze tile-strength data on Space Shuttle thermal-protection system.

  20. Comics & Graphic Novels

    ERIC Educational Resources Information Center

    Cleaver, Samantha

    2008-01-01

    Not so many years ago, comic books in school were considered the enemy. Students caught sneaking comics between the pages of bulky--and less engaging--textbooks were likely sent to the principal. Today, however, comics, including classics such as "Superman" but also their generally more complex, nuanced cousins, graphic novels, are not only…

  1. Graphically Enhanced Science Notebooks

    ERIC Educational Resources Information Center

    Minogue, James; Wiebe, Eric; Madden, Lauren; Bedward, John; Carter, Mike

    2010-01-01

    A common mode of communication in the elementary classroom is the science notebook. In this article, the authors outline the ways in which "graphically enhanced science notebooks" can help engage students in complete and robust inquiry. Central to this approach is deliberate attention to the efficient and effective use of student-generated…

  2. Computer Graphics Verification

    NASA Technical Reports Server (NTRS)

    1992-01-01

    Video processing creates technical animation sequences using studio quality equipment to realistically represent fluid flow over space shuttle surfaces, helicopter rotors, and turbine blades.Computer systems Co-op, Tim Weatherford, performing computer graphics verification. Part of Co-op brochure.

  3. Software For Animated Graphics

    NASA Technical Reports Server (NTRS)

    Merritt, F.; Bancroft, G.; Kelaita, P.

    1992-01-01

    Graphics Animation System (GAS) software package serves as easy-to-use, menu-driven program providing fast, simple viewing capabilities as well as more-complex features for rendering and animation in computational fluid dynamics (CFD). Displays two- and three-dimensional objects along with computed data and records animation sequences on video digital disk, videotape, and 16-mm film. Written in C.

  4. Graphic Novels: A Roundup.

    ERIC Educational Resources Information Center

    Kan, Katherine L.

    1994-01-01

    Reviews graphic novels for young adults, including five titles from "The Adventures of Tintin," a French series that often uses ethnic and racial stereotypes which reflect the time in which they were published, and "Wolverine," a Marvel comic character adventure. (Contains six references.) (LRW)

  5. Computing Graphical Confidence Bounds

    NASA Technical Reports Server (NTRS)

    Mezzacappa, M. A.

    1983-01-01

    Approximation for graphical confidence bounds is simple enough to run on programmable calculator. Approximation is used in lieu of numerical tables not always available, and exact calculations, which often require rather sizable computer resources. Approximation verified for collection of up to 50 data points. Method used to analyze tile-strength data on Space Shuttle thermal-protection system.

  6. Mathematical Graphic Organizers

    ERIC Educational Resources Information Center

    Zollman, Alan

    2009-01-01

    As part of a math-science partnership, a university mathematics educator and ten elementary school teachers developed a novel approach to mathematical problem solving derived from research on reading and writing pedagogy. Specifically, research indicates that students who use graphic organizers to arrange their ideas improve their comprehension…

  7. Graphics database creation and manipulation: HyperCard Graphics Database Toolkit and Apple Graphics Source

    NASA Astrophysics Data System (ADS)

    Herman, Jeffrey; Fry, David

    1990-08-01

    Because graphic files can be stored in a number ofdifferent file formats, it has traditionally been difficult to create a graphics database from which users can open, copy, and print graphic files, where each file in the database may be in one ofseverai different formats. HyperCard Graphics Database Toolkit has been designed and written by Apple Computer to enable software developers to facilitate the creation of customized graphics databases. Using a database developed with the toolkit, users can open, copy, or print a graphic transparently, without having to know or understand the complexities of file formats. In addition, the toolkit includes a graphic user interface, graphic design, on-line help, and search algorithms that enable users to locate specific graphics quickly. Currently, the toolkit handles graphics in the formats MPNT, PICT, and EPSF, and is open to supporting other formats as well. Developers can use the toolkit to alter the code, the interface, and the graphic design in order to customize their database for the needs oftheir users. This paper discusses the structure ofthe toolkit and one implementation, Apple Graphics Source (AGS). AGS contains over 2,000 graphics used in Apple's books and manuals. AGS enables users to find existing graphics of Apple products and use them for presentations, new publications, papers, and software projects.

  8. The Titan graphics supercomputer architecture

    SciTech Connect

    Diede, T.; Hagenmaier, C.F.; Miranker, G.S.; Rubinstein, J.J.; Worley, W.S. Jr. )

    1988-09-01

    Leading-edge hardware and software technologies now make possible a new class of system - the graphics supercomputer. Titan architecture provides a substantial fraction of supercomputer performance plus integrated high-quality graphics.

  9. Career Opportunities in Computer Graphics.

    ERIC Educational Resources Information Center

    Langer, Victor

    1983-01-01

    Reviews the impact of computer graphics on industrial productivity. Details the computer graphics technician curriculum at Milwaukee Area Technical College and the cooperative efforts of business and industry to fund and equip the program. (SK)

  10. Graphical environment for DAQ simulations

    NASA Astrophysics Data System (ADS)

    Wang, Chung-Ching; Booth, Alexander W.; Chen, Yen-Min; Botlo, Michael

    1994-02-01

    At the Superconducting Super Collider Laboratory (SSCL) a tool called DAQSIM has been developed to study the behavior of data acquisition (DAQ) systems. This paper reports and discusses the graphics use in DAQSIM. DAQSIM graphics includes graphical user interface (GUI), animation debugging, and control facilities. DAQSIM graphics not only provides a convenient DAQ simulation environment, it also serves as an efficient manager in simulation development and verification.

  11. Graphical Contingency Analysis Tool

    SciTech Connect

    2010-03-02

    GCA is a visual analytic tool for power grid contingency analysis to provide more decision support for power grid operations. GCA allows power grid operators to quickly gain situational awareness of power grid by converting large amounts of operational data to graphic domain with a color contoured map; identify system trend and foresee and discern emergencies by performing trending analysis; identify the relationships between system configurations and affected assets by conducting clustering analysis; and identify the best action by interactively evaluate candidate actions.

  12. Space Spurred Computer Graphics

    NASA Technical Reports Server (NTRS)

    1983-01-01

    Dicomed Corporation was asked by NASA in the early 1970s to develop processing capabilities for recording images sent from Mars by Viking spacecraft. The company produced a film recorder which increased the intensity levels and the capability for color recording. This development led to a strong technology base resulting in sophisticated computer graphics equipment. Dicomed systems are used to record CAD (computer aided design) and CAM (computer aided manufacturing) equipment, to update maps and produce computer generated animation.

  13. Graphic Grown Up

    ERIC Educational Resources Information Center

    Kim, Ann

    2009-01-01

    It's no secret that children and YAs are clued in to graphic novels (GNs) and that comics-loving adults are positively giddy that this format is getting the recognition it deserves. Still, there is a whole swath of library card-carrying grown-up readers out there with no idea where to start. Splashy movies such as "300" and "Spider-Man" and their…

  14. Graphic Grown Up

    ERIC Educational Resources Information Center

    Kim, Ann

    2009-01-01

    It's no secret that children and YAs are clued in to graphic novels (GNs) and that comics-loving adults are positively giddy that this format is getting the recognition it deserves. Still, there is a whole swath of library card-carrying grown-up readers out there with no idea where to start. Splashy movies such as "300" and "Spider-Man" and their…

  15. John Herschel's Graphical Method

    NASA Astrophysics Data System (ADS)

    Hankins, Thomas L.

    2011-01-01

    In 1833 John Herschel published an account of his graphical method for determining the orbits of double stars. He had hoped to be the first to determine such orbits, but Felix Savary in France and Johann Franz Encke in Germany beat him to the punch using analytical methods. Herschel was convinced, however, that his graphical method was much superior to analytical methods, because it used the judgment of the hand and eye to correct the inevitable errors of observation. Line graphs of the kind used by Herschel became common only in the 1830s, so Herschel was introducing a new method. He also found computation fatiguing and devised a "wheeled machine" to help him out. Encke was skeptical of Herschel's methods. He said that he lived for calculation and that the English would be better astronomers if they calculated more. It is difficult to believe that the entire Scientific Revolution of the 17th century took place without graphs and that only a few examples appeared in the 18th century. Herschel promoted the use of graphs, not only in astronomy, but also in the study of meteorology and terrestrial magnetism. Because he was the most prominent scientist in England, Herschel's advocacy greatly advanced graphical methods.

  16. Graphic engine resource management

    NASA Astrophysics Data System (ADS)

    Bautin, Mikhail; Dwarakinath, Ashok; Chiueh, Tzi-cker

    2008-01-01

    Modern consumer-grade 3D graphic cards boast a computation/memory resource that can easily rival or even exceed that of standard desktop PCs. Although these cards are mainly designed for 3D gaming applications, their enormous computational power has attracted developers to port an increasing number of scientific computation programs to these cards, including matrix computation, collision detection, cryptography, database sorting, etc. As more and more applications run on 3D graphic cards, there is a need to allocate the computation/memory resource on these cards among the sharing applications more fairly and efficiently. In this paper, we describe the design, implementation and evaluation of a Graphic Processing Unit (GPU) scheduler based on Deficit Round Robin scheduling that successfully allocates to every process an equal share of the GPU time regardless of their demand. This scheduler, called GERM, estimates the execution time of each GPU command group based on dynamically collected statistics, and controls each process's GPU command production rate through its CPU scheduling priority. Measurements on the first GERM prototype show that this approach can keep the maximal GPU time consumption difference among concurrent GPU processes consistently below 5% for a variety of application mixes.

  17. Low Cost Graphics. Second Edition.

    ERIC Educational Resources Information Center

    Tinker, Robert F.

    This manual describes the CALM TV graphics interface, a low-cost means of producing quality graphics on an ordinary TV. The system permits the output of data in graphic as well as alphanumeric form and the input of data from the face of the TV using a light pen. The integrated circuits required in the interface can be obtained from standard…

  18. Designing Graphics for Effective Learning.

    ERIC Educational Resources Information Center

    Gerber, Rod

    1985-01-01

    This article provides an overview of the instructional design principles underlying the effective use of graphic communication devices in geography texts. The topics covered include labelling, figure-ground relationships, signs and symbols, legends and keys, and graphic integrity. Includes graphic examples. (JDH)

  19. Graphical Man/Machine Communications

    DTIC Science & Technology

    Progress is reported concerning the use of computer controlled graphical displays in the areas of radiaton diffusion and hydrodynamics, general...ventricular dynamics. Progress is continuing on the use of computer graphics in architecture. Some progress in halftone graphics is reported with no basic...developments presented. Colored halftone perspective pictures are being used to represent multivariable situations. Nonlinear waveform processing is

  20. Selecting Mangas and Graphic Novels

    ERIC Educational Resources Information Center

    Nylund, Carol

    2007-01-01

    The decision to add graphic novels, and particularly the Japanese styled called manga, was one the author has debated for a long time. In this article, the author shares her experience when she purchased graphic novels and mangas to add to her library collection. She shares how graphic novels and mangas have revitalized the library.

  1. Learning with Interactive Graphical Representations.

    ERIC Educational Resources Information Center

    Saljo, Roger, Ed.

    1999-01-01

    The seven articles of this theme issue deal with the use of computer-based interactive graphical representations. Studying their use will bring answers to users of static graphics in traditional paper-based media and those who plan instruction using graphical representations that allow semantically direct manipulation. (SLD)

  2. Selecting Mangas and Graphic Novels

    ERIC Educational Resources Information Center

    Nylund, Carol

    2007-01-01

    The decision to add graphic novels, and particularly the Japanese styled called manga, was one the author has debated for a long time. In this article, the author shares her experience when she purchased graphic novels and mangas to add to her library collection. She shares how graphic novels and mangas have revitalized the library.

  3. Graphic Novels and School Libraries

    ERIC Educational Resources Information Center

    Rudiger, Hollis Margaret; Schliesman, Megan

    2007-01-01

    School libraries serving children and teenagers today should be committed to collecting graphic novels to the extent that their budgets allow. However, the term "graphic novel" is enough to make some librarians--not to mention administrators and parents--pause. Graphic novels are simply book-length comics. They can be works of fiction or…

  4. Computer graphics in aerodynamic analysis

    NASA Technical Reports Server (NTRS)

    Cozzolongo, J. V.

    1984-01-01

    The use of computer graphics and its application to aerodynamic analyses on a routine basis is outlined. The mathematical modelling of the aircraft geometries and the shading technique implemented are discussed. Examples of computer graphics used to display aerodynamic flow field data and aircraft geometries are shown. A future need in computer graphics for aerodynamic analyses is addressed.

  5. When Sharing Is a Bad Idea: The Effects of Online Social Network Engagement and Sharing Passwords with Friends on Cyberbullying Involvement.

    PubMed

    Meter, Diana J; Bauman, Sheri

    2015-08-01

    Every day, children and adolescents communicate online via social networking sites (SNSs). They also report sharing passwords with peers and friends, a potentially risky behavior in regard to cyber safety. This longitudinal study tested the hypotheses that social network engagement in multiple settings would predict more cyberbullying involvement over time, and that youth who reported sharing passwords would also experience an increase in cyberbullying involvement. Data were collected at two time points one year apart from 1,272 third through eighth grade students. In line with the first study hypothesis, participating in more online SNSs was associated with increased cyberbullying involvement over time, as well as sharing passwords over time. Cyberbullying involvement at T1 predicted decreases in sharing passwords over time, suggesting that youth become aware of the dangers of sharing passwords as a result of their experience. Sharing passwords at T1 was unrelated to cyberbullying involvement at T2. Although it seems that youth may be learning from their previous mistakes, due to the widespread use of social media and normality of sharing passwords among young people, it is important to continue to educate youth about cyber safety and risky online behavior.

  6. Embryonic learning of vocal passwords in superb fairy-wrens reveals intruder cuckoo nestlings.

    PubMed

    Colombelli-Négrel, Diane; Hauber, Mark E; Robertson, Jeremy; Sulloway, Frank J; Hoi, Herbert; Griggio, Matteo; Kleindorfer, Sonia

    2012-11-20

    How do parents recognize their offspring when the cost of making a recognition error is high? Avian brood parasite-host systems have been used to address this question because of the high cost of parasitism to host fitness. We discovered that superb fairy-wren (Malurus cyaneus) females call to their eggs, and upon hatching, nestlings produce begging calls with key elements from their mother's "incubation call." Cross-fostering experiments showed highest similarity between foster mother and nestling calls, intermediate similarity with genetic mothers, and least similarity with parasitic Horsfield's bronze-cuckoo (Chalcites basalis) nestlings. Playback experiments showed that adults respond to the begging calls of offspring hatched in their own nest and respond less to calls of other wren or cuckoo nestlings. We conclude that wrens use a parent-specific password learned embryonically to shape call similarity with their own young and thereby detect foreign cuckoo nestlings.

  7. Examining Authenticity: An Initial Exploration of the Suitability of Handwritten Electronic Signatures.

    PubMed

    Heckeroth, J; Boywitt, C D

    2017-03-29

    Considering the increasing relevance of handwritten electronically captured signatures, we evaluated the ability of forensic handwriting examiners (FHEs) to distinguish between authentic and simulated electronic signatures. Sixty-six professional FHEs examined the authenticity of electronic signatures captured with software by signotec on a smartphone Galaxy Note 4 by Samsung and signatures made with a ballpoint pen on paper (conventional signatures). In addition, we experimentally varied the name ("J. König" vs. "A. Zaiser") and the status (authentic vs. simulated) of the signatures in question. FHEs' conclusions about the authenticity did not show a statistically significant general difference between electronic and conventional signatures. Furthermore, no significant discrepancies between electronic and conventional signatures were found with regard to other important aspects of the authenticity examination such as questioned signatures' graphic information content, the suitability of the provided sample signatures, the necessity of further examinations and the levels of difficulty of the cases under examination. Thus, this study did not reveal any indications that electronic signatures captured with software by signotec on a Galaxy Note 4 are less well suited than conventional signatures for the examination of authenticity, precluding potential technical problems concerning the integrity of electronic signatures.

  8. Deep Brain Stimulation, Authenticity and Value.

    PubMed

    Pugh, Jonathan; Maslen, Hannah; Savulescu, Julian

    2017-10-01

    Deep brain stimulation has been of considerable interest to bioethicists, in large part because of the effects that the intervention can occasionally have on central features of the recipient's personality. These effects raise questions regarding the philosophical concept of authenticity. In this article, we expand on our earlier work on the concept of authenticity in the context of deep brain stimulation by developing a diachronic, value-based account of authenticity. Our account draws on both existentialist and essentialist approaches to authenticity, and Laura Waddell Ekstrom's coherentist approach to personal autonomy. In developing our account, we respond to Sven Nyholm and Elizabeth O'Neill's synchronic approach to authenticity, and explain how the diachronic approach we defend can have practical utility, contrary to Alexandre Erler and Tony Hope's criticism of autonomy-based approaches to authenticity. Having drawn a distinction between the authenticity of an individual's traits and the authenticity of that person's values, we consider how our conception of authenticity applies to the context of anorexia nervosa in comparison to other prominent accounts of authenticity. We conclude with some reflections on the prudential value of authenticity, and by highlighting how the language of authenticity can be invoked to justify covert forms of paternalism that run contrary to the value of individuality that seems to be at the heart of authenticity.

  9. Authentic HIV-1 integrase inhibitors

    PubMed Central

    Liao, Chenzhong; Marchand, Christophe; Burke, Terrence R; Pommier, Yves; Nicklaus, Marc C

    2010-01-01

    HIV-1 integrase (IN) is indispensable for HIV-1 replication and has become a validated target for developing anti-AIDS agents. In two decades of development of IN inhibition-based anti-HIV therapeutics, a significant number of compounds were identified as IN inhibitors, but only some of them showed antiviral activity. This article reviews a number of patented HIV-1 IN inhibitors, especially those that possess high selectivity for the strand transfer reaction. These compounds generally have a polar coplanar moiety, which is assumed to chelate two magnesium ions in the binding site. Resistance to those compounds, when given to patients, can develop as a result of IN mutations. We refer to those compounds as authentic IN inhibitors. Continued drug development has so far delivered one authentic IN inhibitor to the market (raltegravir in 2007). Current and future attention will be focused on the development of novel authentic IN inhibitors with the goal of overcoming viral resistance. PMID:21426159

  10. [Rapid PCR authentication Lonicera japanica].

    PubMed

    Jiang, Chao; Hou, Jing-Yi; Huang, Lu-Qi; Yuan, Yuan; Chen, Min; Jin, Yan

    2014-10-01

    To simply and rapid authenticate Lonicera japanica. Rapid allele-specific PCR primer was designed base on trnL-trnF 625 G/T Single nucleotide polymorphism and the PCR reaction systems including annealing temperature was optimized; optimized results were performed to authenticate L. japanica and its 9 adulterants. When 100 x SYBR Green I was added in the PCR product of 87 degrees C initial denatured 1 min; 87 degrees C denatured 5 s, 68 degrees C annealing 5 s, 30 cycle; L. japanica visualize strong green fluorescence under 365 nm UV lamp whereas adulterants without. The results indicate rapid allele-specific PCR could authenticate L. japanica and its adulterants rapidly and simply.

  11. Designing Pu600 for Authentication

    SciTech Connect

    White, G

    2008-07-10

    Many recent Non-proliferation and Arms Control software projects include an authentication component. Demonstrating assurance that software and hardware performs as expected without hidden 'back-doors' is crucial to a project's success. In this context, 'authentication' is defined as determining that the system performs only its intended purpose and performs that purpose correctly and reliably over many years. Pu600 is a mature software solution for determining the presence of Pu and the ratio of Pu240 to Pu239 by analyzing the gamma ray spectra in the 600 KeV region. The project's goals are to explore hardware and software technologies which can by applied to Pu600 which ease the authentication of a complete, end-to-end solution. We will discuss alternatives and give the current status of our work.

  12. Design of a MEMS-based retina scanning system for biometric authentication

    NASA Astrophysics Data System (ADS)

    Woittennek, Franziska; Knobbe, Jens; Pügner, Tino; Schelinski, Uwe; Grüger, Heinrich

    2014-05-01

    There is an increasing need for reliable authentication for a number of applications such as e commerce. Common authentication methods based on ownership (ID card) or knowledge factors (password, PIN) are often prone to manipulations and may therefore be not safe enough. Various inherence factor based methods like fingerprint, retinal pattern or voice identifications are considered more secure. Retina scanning in particular offers both low false rejection rate (FRR) and low false acceptance rate (FAR) with about one in a million. Images of the retina with its characteristic pattern of blood vessels can be made with either a fundus camera or laser scanning methods. The present work describes the optical design of a new compact retina laser scanner which is based on MEMS (Micro Electric Mechanical System) technology. The use of a dual axis micro scanning mirror for laser beam deflection enables a more compact and robust design compared to classical systems. The scanner exhibits a full field of view of 10° which corresponds to an area of 4 mm2 on the retinal surface surrounding the optical disc. The system works in the near infrared and is designed for use under ambient light conditions, which implies a pupil diameter of 1.5 mm. Furthermore it features a long eye relief of 30 mm so that it can be conveniently used by persons wearing glasses. The optical design requirements and the optical performance are discussed in terms of spot diagrams and ray fan plots.

  13. Introduction to Methods Demonstrations for Authentication

    SciTech Connect

    Kouzes, Richard T.; Hansen, Randy R.; Pitts, W. K.

    2002-07-15

    During the Trilateral Initiative Technical Workshop on Authentication & Certification, PNNL will demonstrate some authentication technologies. This paper briefly describes the motivation for these demonstrations and provide background on them.

  14. The Authentic Personality: A Theoretical and Empirical Conceptualization and the Development of the Authenticity Scale

    ERIC Educational Resources Information Center

    Wood, Alex M.; Linley, P. Alex; Maltby, John; Baliousis, Michael; Joseph, Stephen

    2008-01-01

    This article describes the development of a measure of dispositional authenticity and tests whether authenticity is related to well-being, as predicted by several counseling psychology perspectives. Scales were designed to measure a tripartite conception of authenticity, comprising self-alienation, authentic living, and accepting external…

  15. The Authentic Personality: A Theoretical and Empirical Conceptualization and the Development of the Authenticity Scale

    ERIC Educational Resources Information Center

    Wood, Alex M.; Linley, P. Alex; Maltby, John; Baliousis, Michael; Joseph, Stephen

    2008-01-01

    This article describes the development of a measure of dispositional authenticity and tests whether authenticity is related to well-being, as predicted by several counseling psychology perspectives. Scales were designed to measure a tripartite conception of authenticity, comprising self-alienation, authentic living, and accepting external…

  16. Graphical timeline editing

    NASA Technical Reports Server (NTRS)

    Meyer, Patrick E.; Jaap, John P.

    1994-01-01

    NASA's Experiment Scheduling Program (ESP), which has been used for approximately 12 Spacelab missions, is being enhanced with the addition of a Graphical Timeline Editor. The GTE Clipboard, as it is called, was developed to demonstrate new technology which will lead the development of International Space Station Alpha's Payload Planning System and support the remaining Spacelab missions. ESP's GTE Clipboard is developed in C using MIT's X Windows System X11R5 and follows OSF/Motif Style Guide Revision 1.2.

  17. TASC Graphics Software Package.

    DTIC Science & Technology

    1982-12-01

    RD-I55 861 TSC GRPHICS SOFTWRE PCKRGE(U) NLYTIC SCIENCES i/I RD 𔄀-t CORP RERDING MA M R TANG DEC 82 TR-1946-6U~~cLss AFG L-TR-gi-1388 Fi9629-89-C...extensions were made to allow TGSP to use color graphics. 2.1 INTERACTIVE TGSP NCAR was designed to be a general plot package for use with many different...plotting devices. It is designed to accept high level commands and generate an intermediate set of commands called metacode and to then use device

  18. 21 CFR 1311.115 - Additional requirements for two-factor authentication.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ..., such as a password or response to a challenge question. (2) Something the practitioner is, biometric... modules or one-time-password devices. (c) If one factor is a biometric, the biometric subsystem...

  19. 21 CFR 1311.115 - Additional requirements for two-factor authentication.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ..., such as a password or response to a challenge question. (2) Something the practitioner is, biometric... modules or one-time-password devices. (c) If one factor is a biometric, the biometric subsystem...

  20. 21 CFR 1311.115 - Additional requirements for two-factor authentication.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ..., such as a password or response to a challenge question. (2) Something the practitioner is, biometric... modules or one-time-password devices. (c) If one factor is a biometric, the biometric subsystem...

  1. Authentic Montessori: The Teacher Makes the Difference

    ERIC Educational Resources Information Center

    Huxel, Alexa C.

    2013-01-01

    What are the elements that make up authentic Montessori? Is Montessori something concrete or abstract? Are there intangibles that make Montessori what it is? Many classrooms today have Montessori materials and small tables and chairs. Are they authentic Montessori? When examining areas that traditionally make defining authentic Montessori…

  2. Developmental Changes in Judgments of Authentic Objects

    ERIC Educational Resources Information Center

    Frazier, Brandy N.; Gelman, Susan A.

    2009-01-01

    This study examined the development of an understanding of authenticity among 112 children (preschoolers, kindergarten, 1st graders, and 4th graders) and 119 college students. Participants were presented with pairs of photographs depicting authentic and non-authentic objects and asked to pick which one belongs in a museum and which one they would…

  3. 22 CFR 92.36 - Authentication defined.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 22 Foreign Relations 1 2013-04-01 2013-04-01 false Authentication defined. 92.36 Section 92.36 Foreign Relations DEPARTMENT OF STATE LEGAL AND RELATED SERVICES NOTARIAL AND RELATED SERVICES Specific Notarial Acts § 92.36 Authentication defined. An authentication is a certification of the genuineness of...

  4. 22 CFR 92.36 - Authentication defined.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Authentication defined. 92.36 Section 92.36 Foreign Relations DEPARTMENT OF STATE LEGAL AND RELATED SERVICES NOTARIAL AND RELATED SERVICES Specific Notarial Acts § 92.36 Authentication defined. An authentication is a certification of the genuineness of...

  5. 22 CFR 92.36 - Authentication defined.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 22 Foreign Relations 1 2014-04-01 2014-04-01 false Authentication defined. 92.36 Section 92.36 Foreign Relations DEPARTMENT OF STATE LEGAL AND RELATED SERVICES NOTARIAL AND RELATED SERVICES Specific Notarial Acts § 92.36 Authentication defined. An authentication is a certification of the genuineness of...

  6. 22 CFR 92.36 - Authentication defined.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 22 Foreign Relations 1 2012-04-01 2012-04-01 false Authentication defined. 92.36 Section 92.36 Foreign Relations DEPARTMENT OF STATE LEGAL AND RELATED SERVICES NOTARIAL AND RELATED SERVICES Specific Notarial Acts § 92.36 Authentication defined. An authentication is a certification of the genuineness of...

  7. 22 CFR 92.36 - Authentication defined.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 22 Foreign Relations 1 2011-04-01 2011-04-01 false Authentication defined. 92.36 Section 92.36 Foreign Relations DEPARTMENT OF STATE LEGAL AND RELATED SERVICES NOTARIAL AND RELATED SERVICES Specific Notarial Acts § 92.36 Authentication defined. An authentication is a certification of the genuineness of...

  8. 7 CFR 1.22 - Authentication.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 7 Agriculture 1 2013-01-01 2013-01-01 false Authentication. 1.22 Section 1.22 Agriculture Office of the Secretary of Agriculture ADMINISTRATIVE REGULATIONS Official Records § 1.22 Authentication. When a request is received for an authenticated copy of a document that the agency determines to...

  9. 7 CFR 1.22 - Authentication.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 7 Agriculture 1 2010-01-01 2010-01-01 false Authentication. 1.22 Section 1.22 Agriculture Office of the Secretary of Agriculture ADMINISTRATIVE REGULATIONS Official Records § 1.22 Authentication. When a request is received for an authenticated copy of a document that the agency determines to...

  10. Authentic Montessori: The Teacher Makes the Difference

    ERIC Educational Resources Information Center

    Huxel, Alexa C.

    2013-01-01

    What are the elements that make up authentic Montessori? Is Montessori something concrete or abstract? Are there intangibles that make Montessori what it is? Many classrooms today have Montessori materials and small tables and chairs. Are they authentic Montessori? When examining areas that traditionally make defining authentic Montessori…

  11. Big system: Interactive graphics for the engineer

    NASA Technical Reports Server (NTRS)

    Quenneville, C. E.

    1975-01-01

    The BCS Interactive Graphics System (BIG System) approach to graphics was presented, along with several significant engineering applications. The BIG System precompiler, the graphics support library, and the function requirements of graphics applications are discussed. It was concluded that graphics standardization and a device independent code can be developed to assure maximum graphic terminal transferability.

  12. Authenticity and Lesbian Health Educators

    ERIC Educational Resources Information Center

    Weiler-Timmins, Rebecca A.

    2011-01-01

    This qualitative study used narrative inquiry to explore how lesbian health educators navigate authenticity in a heteronormative higher education setting. The study was grounded in a lesbian standpoint pedagogical viewpoint, which provided a lens with which to view the nine participants' experiences. Of particular interest was how the educators in…

  13. Literacy Cafe: Making Writing Authentic

    ERIC Educational Resources Information Center

    Daniels, Erika

    2007-01-01

    The "Literacy Cafe," a celebration of genre study and student writing, offers students (and visitors!) a positive environment in which to engage in reading and discussion of writing without self-consciousness or fear of criticism. It works because students learn to recognize writing as a learning tool and a relevant, authentic skill in the real…

  14. Literacy Cafe: Making Writing Authentic

    ERIC Educational Resources Information Center

    Daniels, Erika

    2007-01-01

    The "Literacy Cafe," a celebration of genre study and student writing, offers students (and visitors!) a positive environment in which to engage in reading and discussion of writing without self-consciousness or fear of criticism. It works because students learn to recognize writing as a learning tool and a relevant, authentic skill in the real…

  15. Authentic Instruction and Technology Literacy

    ERIC Educational Resources Information Center

    Cydis, Susan

    2015-01-01

    Technology integration is an important aspect of student competence in the 21st century. The use of technology in teaching and learning is a valuable practice for supporting student learning and engagement. Modelling the pedagogical practices that integrate authentic, performance-based opportunities for technology integration was the focus of a…

  16. Authenticity and Lesbian Health Educators

    ERIC Educational Resources Information Center

    Weiler-Timmins, Rebecca A.

    2011-01-01

    This qualitative study used narrative inquiry to explore how lesbian health educators navigate authenticity in a heteronormative higher education setting. The study was grounded in a lesbian standpoint pedagogical viewpoint, which provided a lens with which to view the nine participants' experiences. Of particular interest was how the educators in…

  17. Authentic Supervision Reconciles the Irreconcilables.

    ERIC Educational Resources Information Center

    Pajak, Edward F.; Seyfarth, John T.

    1983-01-01

    Successful supervisors share a characteristic of "authenticity," rather than a particular pattern of behavior. From a background of Gestalt psychology, four steps are offered to help supervisors become aware of their own needs and feelings and recognize the "shoulds" that prevent real contact with others. (MLF)

  18. Embodying Authenticity in Higher Education

    ERIC Educational Resources Information Center

    Douglass, Laura

    2016-01-01

    Orienting to the community of higher education involves a learning experience that is authentic and embodied for one new college administrator. Reflecting on her experience, she articulates how her relationship to her body helps to understand and respond to the tensions of engaging with a scholarly community.

  19. Use of an Accessible iPad App and Supplemental Graphics to Build Mathematics Skills: Feasibility Study Results

    ERIC Educational Resources Information Center

    Beal, Carole R.; Rosenblum, L. Penny

    2015-01-01

    Introduction: The present study evaluated the feasibility of using an iPad application or "app" for algebra-readiness mathematics, with accompanying braille materials and accessible graphics, when used in authentic educational settings. Methods: Twenty-nine students with visual impairments in grades 4-11 used the materials under the…

  20. Quantum identity authentication with single photon

    NASA Astrophysics Data System (ADS)

    Hong, Chang ho; Heo, Jino; Jang, Jin Gak; Kwon, Daesung

    2017-10-01

    Quantum identity authentication with single photons is proposed in the paper. It can verify a user's identity without exposing to an authentication key information. The protocol guarantees high efficiency in that it can verify two bits of authentication information using just a single photon. The security of our authentication scheme is analyzed and confirmed in the case of a general attack. Moreover, the proposed protocol is practicable with current technology. Our quantum identity authentication protocol does not require quantum memory registration and any entangled photon sources.

  1. Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

    PubMed

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

    2015-11-01

    The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

  2. Emergent shapes in graphical design

    NASA Astrophysics Data System (ADS)

    Grabska, Ewa

    2001-06-01

    This paper deals with graphical design and extracting emergent shapes, i.e., shapes that are not consciously constructed by designers. Graphical design is discussed in the framework of operational constraints. Defining the system of constraints makes possible to describe the notion of emergence in a formal way. The formal model of the diagrammatic reasoning system serves as a base for our considerations. The proposed approach to graphical design is illustrated by several examples related to decorative art.

  3. Graphical programming of telerobotic tasks

    SciTech Connect

    Small, D.E.; McDonald, M.J.

    1996-11-01

    With a goal of producing faster, safer, and cheaper technologies for nuclear waste cleanup, Sandia is actively developing and extending intelligent systems technologies through the US Department of Energy Office of Technology Development (DOE OTD) Robotic Technology Development Program (RTDP). Graphical programming is a key technology for robotic waste cleanup that Sandia is developing for this goal. Graphical programming uses simulation such as TELEGRIP `on-line` to program and control robots. Characterized by its model-based control architecture, integrated simulation, `point-and-click` graphical user interfaces, task and path planning software, and network communications, Sandia`s Graphical Programming systems allow operators to focus on high-level robotic tasks rather than the low-level details. Use of scripted tasks, rather than customized programs minimizes the necessity of recompiling supervisory control systems and enhances flexibility. Rapid world-modelling technologies allow Graphical Programming to be used in dynamic and unpredictable environments including digging and pipe-cutting. This paper describes Sancho, Sandia`s most advanced graphical programming supervisory software. Sancho, now operational on several robot systems, incorporates all of Sandia`s recent advances in supervisory control. Graphical programming uses 3-D graphics models as intuitive operator interfaces to program and control complex robotic systems. The goal of the paper is to help the reader understand how Sandia implements graphical programming systems and which key features in Sancho have proven to be most effective.

  4. LONGLIB - A GRAPHICS LIBRARY

    NASA Technical Reports Server (NTRS)

    Long, D.

    1994-01-01

    This library is a set of subroutines designed for vector plotting to CRT's, plotters, dot matrix, and laser printers. LONGLIB subroutines are invoked by program calls similar to standard CALCOMP routines. In addition to the basic plotting routines, LONGLIB contains an extensive set of routines to allow viewport clipping, extended character sets, graphic input, shading, polar plots, and 3-D plotting with or without hidden line removal. LONGLIB capabilities include surface plots, contours, histograms, logarithm axes, world maps, and seismic plots. LONGLIB includes master subroutines, which are self-contained series of commonly used individual subroutines. When invoked, the master routine will initialize the plotting package, and will plot multiple curves, scatter plots, log plots, 3-D plots, etc. and then close the plot package, all with a single call. Supported devices include VT100 equipped with Selanar GR100 or GR100+ boards, VT125s, VT240s, VT220 equipped with Selanar SG220, Tektronix 4010/4014 or 4107/4109 and compatibles, and Graphon GO-235 terminals. Dot matrix printer output is available by using the provided raster scan conversion routines for DEC LA50, Printronix printers, and high or low resolution Trilog printers. Other output devices include QMS laser printers, Postscript compatible laser printers, and HPGL compatible plotters. The LONGLIB package includes the graphics library source code, an on-line help library, scan converter and meta file conversion programs, and command files for installing, creating, and testing the library. The latest version, 5.0, is significantly enhanced and has been made more portable. Also, the new version's meta file format has been changed and is incompatible with previous versions. A conversion utility is included to port the old meta files to the new format. Color terminal plotting has been incorporated. LONGLIB is written in FORTRAN 77 for batch or interactive execution and has been implemented on a DEC VAX series

  5. An Authentication Protocol for Future Sensor Networks.

    PubMed

    Bilal, Muhammad; Kang, Shin-Gak

    2017-04-28

    Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN

  6. An Authentication Protocol for Future Sensor Networks

    PubMed Central

    Bilal, Muhammad; Kang, Shin-Gak

    2017-01-01

    Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN

  7. Computer-assisted information graphics from the graphic design perspective

    SciTech Connect

    Marcus, A.

    1983-11-01

    Computer-assisted information graphics can benefit by adopting some of the working processes, principles, and areas of concern typical of information-oriented graphic designers. A review of some basic design considerations is followed by a discussion of the creation and design of a prototype nonverbal narrative which combines symbols, charts, maps, and diagrams.

  8. Evaluating Texts for Graphical Literacy Instruction: The Graphic Rating Tool

    ERIC Educational Resources Information Center

    Roberts, Kathryn L.; Brugar, Kristy A.; Norman, Rebecca R.

    2015-01-01

    In this article, we present the Graphical Rating Tool (GRT), which is designed to evaluate the graphical devices that are commonly found in content-area, non-fiction texts, in order to identify books that are well suited for teaching about those devices. We also present a "best of" list of science and social studies books, which includes…

  9. Graphic Communications--Graphic Arts. Ohio's Competency Analysis Profile.

    ERIC Educational Resources Information Center

    Ohio State Univ., Columbus. Vocational Instructional Materials Lab.

    This Ohio Competency Analysis Profile (OCAP), derived from a modified Developing a Curriculum (DACUM) process, is a current comprehensive and verified employer competency program list for graphic communications--graphic arts. Each unit (with or without subunits) contains competencies and competency builders that identify the occupational,…

  10. Evaluating Texts for Graphical Literacy Instruction: The Graphic Rating Tool

    ERIC Educational Resources Information Center

    Roberts, Kathryn L.; Brugar, Kristy A.; Norman, Rebecca R.

    2015-01-01

    In this article, we present the Graphical Rating Tool (GRT), which is designed to evaluate the graphical devices that are commonly found in content-area, non-fiction texts, in order to identify books that are well suited for teaching about those devices. We also present a "best of" list of science and social studies books, which includes…

  11. Infusing Authentic Inquiry into Biotechnology

    NASA Astrophysics Data System (ADS)

    Hanegan, Nikki L.; Bigler, Amber

    2009-10-01

    Societal benefit depends on the general public's understandings of biotechnology (Betsch in World J Microbiol Biotechnol 12:439-443, 1996; Dawson and Cowan in Int J Sci Educ 25(1):57-69, 2003; Schiller in Business Review: Federal Reserve Bank of Philadelphia (Fourth Quarter), 2002; Smith and Emmeluth in Am Biol Teach 64(2):93-99, 2002). A National Science Foundation funded survey of high school biology teachers reported that hands-on biotechnology education exists in advanced high school biology in the United States, but is non-existent in mainstream biology coursework (Micklos et al. in Biotechnology labs in American high schools, 1998). The majority of pre-service teacher content preparation courses do not teach students appropriate content knowledge through the process of inquiry. A broad continuum exists when discussing inquiry-oriented student investigations (Hanegan et al. in School Sci Math J 109(2):110-134, 2009). Depending on the amount of structure in teacher lessons, inquiries can often be categorized as guided or open. The lesson can be further categorized as simple or authentic (Chinn and Malhotra in Sci Educ 86(2):175-218, 2002). Although authentic inquiries provide the best opportunities for cognitive development and scientific reasoning, guided and simple inquiries are more often employed in the classroom (Crawford in J Res Sci Teach 37(9):916-937, 2000; NRC in Inquiry and the national science education standards: a guide for teaching and learning, 2000). For the purposes of this study we defined inquiry as "authentic" if original research problems were resolved (Hanegan et al. in School Sci Math J 109(2):110-134, 2009; Chinn and Malhotra in Sci Educ 86(2):175-218, 2002; Roth in Authentic school science: knowing and learning in open-inquiry science laboratories, 1995). The research question to guide this study through naturalistic inquiry research methods was: How will participants express whether or not an authentic inquiry experience enhanced

  12. Graphic Interfaces and Online Information.

    ERIC Educational Resources Information Center

    Percival, J. Mark

    1990-01-01

    Discusses the growing importance of the use of Graphic User Interfaces (GUIs) with microcomputers and online services. Highlights include the development of graphics interfacing with microcomputers; CD-ROM databases; an evaluation of HyperCard as a potential interface to electronic mail and online commercial databases; and future possibilities.…

  13. Computer Graphics Evolution: A Survey.

    ERIC Educational Resources Information Center

    Gartel, Laurence M.

    1985-01-01

    The history of the field of computer graphics is discussed. In 1976 there were no institutions that offered any kind of study of computer graphics. Today electronic image-making is seen as a viable, legitimate art form, and courses are offered by many universities and colleges. (RM)

  14. REQUIREMENTS FOR GRAPHIC TEACHING MACHINES.

    ERIC Educational Resources Information Center

    HICKEY, ALBERT; AND OTHERS

    AN EXPERIMENT WAS REPORTED WHICH DEMONSTRATES THAT GRAPHICS ARE MORE EFFECTIVE THAN SYMBOLS IN ACQUIRING ALGEBRA CONCEPTS. THE SECOND PHASE OF THE STUDY DEMONSTRATED THAT GRAPHICS IN HIGH SCHOOL TEXTBOOKS WERE RELIABLY CLASSIFIED IN A MATRIX OF 480 FUNCTIONAL STIMULUS-RESPONSE CATEGORIES. SUGGESTIONS WERE MADE FOR EXTENDING THE CLASSIFICATION…

  15. Graphic Novels for Multiple Literacies.

    ERIC Educational Resources Information Center

    Schwarz, Gretchen E.

    2002-01-01

    Describes how the term "graphic novel" includes fiction as well as non-fiction text with pictures--"comics" in book format. Discusses how in any subject area, studying a graphic novel can bring media literacy into the curriculum as students examine the medium itself. (SG)

  16. Parallel coprocessors speed graphics system

    SciTech Connect

    Mcewan, C.

    1983-05-26

    Up to five parallel coprocessors, a pipelined architecture and display-list data structures combine to create Ramtek Corporation's fast, modular/raster graphics system, which is upgradable with software. It is stated that the system meets the needs of most CAD/CAM and simulation graphics applications. A 32-bit Vmebus structure is used.

  17. Graphics Display of Foreign Scripts.

    ERIC Educational Resources Information Center

    Abercrombie, John R.

    1987-01-01

    Describes Graphics Project for Foreign Language Learning at the University of Pennsylvania, which has developed ways of displaying foreign scripts on microcomputers. Character design on computer screens is explained; software for graphics, printing, and language instruction is discussed; and a text editor is described that corrects optically…

  18. Graphic Interfaces and Online Information.

    ERIC Educational Resources Information Center

    Percival, J. Mark

    1990-01-01

    Discusses the growing importance of the use of Graphic User Interfaces (GUIs) with microcomputers and online services. Highlights include the development of graphics interfacing with microcomputers; CD-ROM databases; an evaluation of HyperCard as a potential interface to electronic mail and online commercial databases; and future possibilities.…

  19. Graphics Education Survey. Part II.

    ERIC Educational Resources Information Center

    Ernst, Sandra B.

    After a 1977 survey reflected the importance of graphics education for news students, a study was developed to investigate the state of graphics education in the whole field of journalism. A questionnaire was sent to professors and administrators in four print-oriented professional fields of education: magazine, advertising, public relations, and…

  20. Interpreting Association from Graphical Displays

    ERIC Educational Resources Information Center

    Fitzallen, Noleine

    2016-01-01

    Research that has explored students' interpretations of graphical representations has not extended to include how students apply understanding of particular statistical concepts related to one graphical representation to interpret different representations. This paper reports on the way in which students' understanding of covariation, evidenced…

  1. Authenticity assessment of dairy products.

    PubMed

    de la Fuente, Miguel Angel; Juárez, Manuela

    2005-01-01

    The authenticity of dairy products has become a focal point, attracting the attention of scientists, producers, consumers, and policymakers. Among many others, some of the practices not allowed in milk and milk products are the substitution of part of the fat or proteins, admixtures of milk of different species, additions of low-cost dairy products (mainly whey derivatives), or mislabeling of products protected by denomination of origin. A range of analytical methods to detect frauds have been developed, modified, and continually reassessed to be one step ahead of manufacturers who pursue these illegal activities. Traditional procedures to assess the authenticity of dairy products include chromatographic, electrophoretic, and immunoenzymatic methods. New approaches such as capillary electrophoresis, polymerase chain reaction, and isotope ratio mass spectrometry have also emerged alongside the latest developments in the former procedures. This work intends to provide an updated and extensive overview since 1991 on the principal applications of all these techniques together with their advantages and disadvantages for detecting the authenticity of dairy products. The scope and limits of different tools are also discussed.

  2. CARMA Correlator Graphical Setup

    NASA Astrophysics Data System (ADS)

    Wu, D.; Shaya, B.; Pound, M. W.

    2011-07-01

    CARMA Correlator Graphical Setup (CGS) is a Java tool to help users of the Combined Array for Research in Millimeter-wave Astronomy (CARMA) plan observations. It allows users to visualize the correlator bands overlaid on frequency space and view spectral lines within each band. Bands can be click-dragged to anywhere in frequency and can have their properties (e.g., bandwidth, quantization level, rest frequency) changed interactively. Spectral lines can be filtered from the view by expected line strength to reduce visual clutter. Once the user is happy with the setup, a button click generates the Python commands needed to configure the correlator within the observing script. CGS can also read Python configurations from an observing script and reproduce the correlator setup that was used. Because the correlator hardware description is defined in an XML file, the tool can be rapidly reconfigured for changing hardware. This has been quite useful as CARMA has recently commissioned a new correlator. The tool was written in Java by high school summer interns working in UMD's Laboratory for Millimeter Astronomy and has become an essential planning tool for CARMA PIs.

  3. Computer Graphics Using Raytracing

    NASA Astrophysics Data System (ADS)

    Sellers, Graham; Lukac, Rastislav

    In the field of computer graphics, almost any technique for generating an output image can be viewed as a data transformation. The output image is a function of some input data set and the rendering algorithms used to generate that image are mapping functions. The source of the data set may be explicit, such as models and structures produced by an artist or designer, or be implicit, such as the result of a physical simulation or the surface of a fractal. There are many methods for transforming the input visual scene description into the target image. Rasterization, the process of converting an image described in vector for into a raster image [Foley 90] is a popular technique, particularly useful in modern, hardware accelerated systems. However, it tends to break down, losing its efficiency and attractiveness when scene complexity increases and geometric primitives shrink in size. Furthermore, since rasterization methods are often tuned to render simple geometry such as triangles, direct rasterization of implicit surfaces such as quadrics is not straight forward. In offline systems, a commonly used algorithm for the rendering of very fine geometry and implicit surfaces is the Reyes algorithm [Cook 87]. The Reyes algorithm, developed in the mid 1980s by a group that was to become Pixar, renders implicit geometry and smooth surfaces by recursively subdividing it into polygons until each facet becomes smaller than a single pixel. Each polygon is then rendered as a flat, single colored primitive.

  4. Graphic arts techniques and equipment: A compilation

    NASA Technical Reports Server (NTRS)

    1974-01-01

    Technology utilization of NASA sponsored projects involving graphic arts techniques and equipment is discussed. The subjects considered are: (1) modification to graphics tools, (1) new graphics tools, (3) visual aids for graphics, and (4) graphic arts shop hints. Photographs and diagrams are included to support the written material.

  5. ElectroEncephaloGraphics: Making waves in computer graphics research.

    PubMed

    Mustafa, Maryam; Magnor, Marcus

    2014-01-01

    Electroencephalography (EEG) is a novel modality for investigating perceptual graphics problems. Until recently, EEG has predominantly been used for clinical diagnosis, in psychology, and by the brain-computer-interface community. Researchers are extending it to help understand the perception of visual output from graphics applications and to create approaches based on direct neural feedback. Researchers have applied EEG to graphics to determine perceived image and video quality by detecting typical rendering artifacts, to evaluate visualization effectiveness by calculating the cognitive load, and to automatically optimize rendering parameters for images and videos on the basis of implicit neural feedback.

  6. An Examination of Career Indecision and Application to Dispositional Authenticity

    ERIC Educational Resources Information Center

    White, Nathan J.; Tracey, Terence J. G.

    2011-01-01

    Authenticity has been viewed as a dimension related to life satisfaction, but we propose that authenticity is related to career outcomes. In this study, we examined the relation between authenticity and career indecision. Authenticity was assessed by the Authenticity Scale and it was found to be moderately related to different indices of career…

  7. Capturing Cognitive Processing Time for Active Authentication

    DTIC Science & Technology

    2014-02-01

    biometrics, extracted from keystroke dynamics , as “something a user is” for active authentication. This scheme performs continual verification in the...fingerprint for continuous authentication. Its effectiveness has been verified through a large-scale dataset. 2.0 INTRODUCTION Keystroke dynamics —the...measure the similarity. A recent survey on biometric authentication using keystroke dynamics classified research papers on the basis of their

  8. Obfuscated authentication systems, devices, and methods

    DOEpatents

    Armstrong, Robert C; Hutchinson, Robert L

    2013-10-22

    Embodiments of the present invention are directed toward authentication systems, devices, and methods. Obfuscated executable instructions may encode an authentication procedure and protect an authentication key. The obfuscated executable instructions may require communication with a remote certifying authority for operation. In this manner, security may be controlled by the certifying authority without regard to the security of the electronic device running the obfuscated executable instructions.

  9. Graphical presentation of diagnostic information

    PubMed Central

    Whiting, Penny F; Sterne, Jonathan AC; Westwood, Marie E; Bachmann, Lucas M; Harbord, Roger; Egger, Matthias; Deeks, Jonathan J

    2008-01-01

    Background Graphical displays of results allow researchers to summarise and communicate the key findings of their study. Diagnostic information should be presented in an easily interpretable way, which conveys both test characteristics (diagnostic accuracy) and the potential for use in clinical practice (predictive value). Methods We discuss the types of graphical display commonly encountered in primary diagnostic accuracy studies and systematic reviews of such studies, and systematically review the use of graphical displays in recent diagnostic primary studies and systematic reviews. Results We identified 57 primary studies and 49 systematic reviews. Fifty-six percent of primary studies and 53% of systematic reviews used graphical displays to present results. Dot-plot or box-and- whisker plots were the most commonly used graph in primary studies and were included in 22 (39%) studies. ROC plots were the most common type of plot included in systematic reviews and were included in 22 (45%) reviews. One primary study and five systematic reviews included a probability-modifying plot. Conclusion Graphical displays are currently underused in primary diagnostic accuracy studies and systematic reviews of such studies. Diagnostic accuracy studies need to include multiple types of graphic in order to provide both a detailed overview of the results (diagnostic accuracy) and to communicate information that can be used to inform clinical practice (predictive value). Work is required to improve graphical displays, to better communicate the utility of a test in clinical practice and the implications of test results for individual patients. PMID:18405357

  10. Graphics Software For VT Terminals

    NASA Technical Reports Server (NTRS)

    Wang, Caroline

    1991-01-01

    VTGRAPH graphics software tool for DEC/VT computer terminal or terminals compatible with it, widely used by government and industry. Callable in FORTRAN or C language, library program enabling user to cope with many computer environments in which VT terminals used for window management and graphic systems. Provides PLOT10-like package plus color or shade capability for VT240, VT241, and VT300 terminals. User can easily design more-friendly user-interface programs and design PLOT10 programs on VT terminals with different computer systems. Requires ReGis graphics set terminal and FORTRAN compiler.

  11. Raster graphics extensions to the core system

    NASA Technical Reports Server (NTRS)

    Foley, J. D.

    1984-01-01

    A conceptual model of raster graphics systems was developed. The model integrates core-like graphics package concepts with contemporary raster display architectures. The conceptual model of raster graphics introduces multiple pixel matrices with associated index tables.

  12. Authentication, privacy, security can exploit brainwave by biomarker

    NASA Astrophysics Data System (ADS)

    Jenkins, Jeffrey; Sweet, Charles; Sweet, James; Noel, Steven; Szu, Harold

    2014-05-01

    We seek to augment the current Common Access Control (CAC) card and Personal Identification Number (PIN) verification systems with an additional layer of classified access biometrics. Among proven devices such as fingerprint readers and cameras that can sense the human eye's iris pattern, we introduced a number of users to a sequence of 'grandmother images', or emotionally evoked stimuli response images from other users, as well as one of their own, for the purpose of authentication. We performed testing and evaluation of the Authenticity Privacy and Security (APS) brainwave biometrics, similar to the internal organ of the human eye's iris which cannot easily be altered. `Aha' recognition through stimulus-response habituation can serve as a biomarker, similar to keystroke dynamics analysis for inter and intra key fluctuation time of a memorized PIN number (FIST). Using a non-tethered Electroencephalogram (EEG) wireless smartphone/pc monitor interface, we explore the appropriate stimuli-response biomarker present in DTAB low frequency group waves. Prior to login, the user is shown a series of images on a computer display. They have been primed to click their mouse when the image is presented. DTAB waves are collected with a wireless EEG and are sent via Smartphone to a cloud based processing infrastructure. There, we measure fluctuations in DTAB waves from a wireless, non-tethered, single node EEG device between the Personal Graphic Image Number (PGIN) stimulus image and the response time from an individual's mental performance baseline. Towards that goal, we describe an infrastructure that supports distributed verification for web-based EEG authentication. The performance of machine learning on the relative Power Spectral Density EEG data may uncover features required for subsequent access to web or media content. Our approach provides a scalable framework wrapped into a robust Neuro-Informatics toolkit, viable for use in the Biomedical and mental health

  13. A Password-Protected Web Site for Mothers Expressing Milk for Their Preterm Infants.

    PubMed

    Blatz, MaryAnn; Dowling, Donna; Underwood, Patricia W; Bieda, Amy; Graham, Gregory

    2017-06-01

    Research has demonstrated that breast milk significantly decreases morbidities that impact length of stay for preterm infants, but there is a need to test interventions to improve breastfeeding outcomes. Since many Americans are using technologies such as the Intranet and smartphones to find health information and manage health, a Web site was developed for mothers who provide breast milk for their preterm hospitalized infants. This study examined the efficacy of a Web site for mothers to educate them about breast milk expression and assist them in monitoring their breast milk supply. Quantitative and qualitative data were collected from mothers whose preterm infants were hospitalized in a level IV neonatal intensive care unit (NICU) or transitional care unit (TCU) in an urban academic medical center in the Midwest. Eighteen mothers participated in evaluation of the Web site. Thirteen mothers consistently logged on to the password-protected Web site (mean [standard deviation] = 13.3 [11.7]) times. Most participants, (69.2%), reported they used the breast milk educational information. Most mothers indicated that using the Web site log helped in tracking their pumping. These findings can be used to direct the design and development of web-based resources for mothers of preterm infants IMPLICATIONS FOR PRACTICE:: NICU and TCU staffs need to examine and establish approaches to actively involve mothers in monitoring the establishment and maintenance of an adequate supply of breast milk to improve neonatal health outcomes. An electronic health application that incorporates the features identified in this study should be developed and tested.

  14. Scanning Martian Atmospheric Temperatures Graphic

    NASA Image and Video Library

    2013-06-12

    This graphic depicts the Mars Climate Sounder instrument on NASA Mars Reconnaissance Orbiter measuring the temperature of a cross section of the Martian atmosphere as the orbiter passes above the south polar region.

  15. EPA Communications Stylebook: Graphics Guide

    EPA Pesticide Factsheets

    Includes standards and guidance for graphics typography, layout, composition, color scheme, appropriate use of charts and graphs, logos and related symbols, and consistency with the message of accompanied content.

  16. Calculators and Computers: Graphical Addition.

    ERIC Educational Resources Information Center

    Spero, Samuel W.

    1978-01-01

    A computer program is presented that generates problem sets involving sketching graphs of trigonometric functions using graphical addition. The students use calculators to sketch the graphs and a computer solution is used to check it. (MP)

  17. Graphical Representation of Complex Functions.

    ERIC Educational Resources Information Center

    Renka, Robert J.

    1988-01-01

    Describes methods and software for graphing representation of a complex function of a complex variable. Includes an application of a graphical interpretation of the complex zeros of the cubic and their properties. (PK)

  18. Systematic Errors and Graphical Extrapolation.

    ERIC Educational Resources Information Center

    Blickensderfer, Roger

    1985-01-01

    Presents a laboratory exercise designed to introduce graphical extrapolation. Major advantages of the method are in its simplicity and speed. The only measuring devices are a centimeter ruler and a micrometer caliper to check wall thickness. (JN)

  19. Authentic Learning and Alien Worlds

    NASA Astrophysics Data System (ADS)

    Watt, Sara D.; Watt, Keith; Gleim, Brian

    2015-01-01

    Glendale Community College has developed a laboratory course and observing program which provides non-science majors with opportunities to perform authentic science in a community college setting. The program is designed around experiential learning which allows students to meaningfully construct concepts within contexts that involve real-world problems that are relevant to the learner. Students learn observational astronomy and data analysis techniques by observing exoplanet transits using 8-inch Celestron telescopes. The exoplanet data gathered and analyzed by the students is contributed to the exoplanet database. This poster presents an overview of the program and highlights early educational results.

  20. Alienation, authenticity and the self.

    PubMed

    Rae, Gavin

    2010-01-01

    While many commentators have held that the concept "alienation" is of crucial importance when attempting to understand human existence, others have held that it is an inherently empty concept that we should abandon. In this article, I refute the latters' charge by showing that each conception of "alienation" is underpinned by a normative ontological conception of the preferable, or authentic, self and show that the concept "alienation" has ethical, existential and socio-political uses. From this I conclude that, when properly understood, the concept "alienation" can provide us with vital insights into human existence.

  1. Epistemological authenticity in science classrooms

    NASA Astrophysics Data System (ADS)

    Hutchison, Paul S.

    A scientifically literate individual understands important characteristics of both the nature of scientific knowledge and the activity that produces it, scientific inquiry. (NRC, 1996; AAAS, 1993) In support of these goals the National Science Education Standards (NRC, 1996) envisions science classrooms where students engage productively in activity that is similar to scientific inquiry. It is presumed that by engaging in this kind of activity students will come to deeper understandings of scientific inquiry and scientific knowledge. For this instructional approach to be successful it is necessary students not only engaging in activity that "looks" like science in important ways, but also view their own activity as authentically using knowledge for the purpose of making sense of natural phenomena. Notably the determination of what is authentic is problematic in a science classroom. There are two different possible arbiters "present" in a classroom, the students themselves and the discipline of science. And what is authentic to one might not be to the other. This work provides perspectives on classroom and teacher professional development implications of this view of science instruction. Chapter two articulates a conceptualization, epistemological authenticity, of the nature of student activity necessary to achieve these instructional goals. Such activity involves students engaging in scientific practices with the same purposes as scientists. Chapter three uses a case study of a science classroom to illustrate some of the features of student activity that provide evidence of more and less productive student expectations about the purposes of their own participation in a science class. It also discusses the role teacher instructional choices play in influencing how students perceive the purposes of classroom activity. Chapter four considers teacher professional development, specifically images of exemplary science classrooms in the Standards and a supplement to it

  2. Hydraulics Graphics Package. Users Manual

    DTIC Science & Technology

    1985-11-01

    Engineering Center, Corps of Engineers, Department of the Army, as the origin of the program(s). IT, i HGP -3!OO Ju ’ ŕ Dlst! 3pbo.i:, HYDRAULICS GRAPHICS...Davis, California 95616 (916) 551-1748 (FTS) 460-1748 HGP Hydraulics Graphics Package Users Manual TABLE OF CONTENTS Chapter Subject Page 1 Introduction...5 2.4 Use of Disk Files ........ ................ 6 3 HGP Free Format User Input 3.1 Command Language Syntax ...... ............. 8 3.2

  3. Graphic design of pinhole cameras

    NASA Technical Reports Server (NTRS)

    Edwards, H. B.; Chu, W. P.

    1979-01-01

    The paper describes a graphic technique for the analysis and optimization of pinhole size and focal length. The technique is based on the use of the transfer function of optical elements described by Scott (1959) to construct the transfer function of a circular pinhole camera. This transfer function is the response of a component or system to a pattern of lines having a sinusoidally varying radiance at varying spatial frequencies. Some specific examples of graphic design are presented.

  4. Parallel Debugging Using Graphical Views

    DTIC Science & Technology

    1988-03-01

    Voyeur , a prototype system for creating graphical views of parallel programs, provid(s a cost-effective way to construct such views for any parallel...programming system. We illustrate Voyeur by discussing four views created for debugging Poker programs. One is a vteneral trace facility for any Poker...Graphical views are essential for debugging parallel programs because of the large quan- tity of state information contained in parallel programs. Voyeur

  5. Photojournal Home Page Graphic 2007

    NASA Technical Reports Server (NTRS)

    2008-01-01

    This image is an unannotated version of the Photojournal Home Page graphic released in October 2007. This digital collage contains a highly stylized rendition of our solar system and points beyond. As this graphic was intended to be used as a navigation aid in searching for data within the Photojournal, certain artistic embellishments have been added (color, location, etc.). Several data sets from various planetary and astronomy missions were combined to create this image.

  6. Planetary Photojournal Home Page Graphic

    NASA Technical Reports Server (NTRS)

    2004-01-01

    This image is an unannotated version of the Planetary Photojournal Home Page graphic. This digital collage contains a highly stylized rendition of our solar system and points beyond. As this graphic was intended to be used as a navigation aid in searching for data within the Photojournal, certain artistic embellishments have been added (color, location, etc.). Several data sets from various planetary and astronomy missions were combined to create this image.

  7. Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

    PubMed Central

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

    2015-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks). PMID:25849359

  8. A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems.

    PubMed

    Mishra, Dheerendra; Srinivas, Jangirala; Mukhopadhyay, Sourav

    2014-10-01

    Advancement in network technology provides new ways to utilize telecare medicine information systems (TMIS) for patient care. Although TMIS usually faces various attacks as the services are provided over the public network. Recently, Jiang et al. proposed a chaotic map-based remote user authentication scheme for TMIS. Their scheme has the merits of low cost and session key agreement using Chaos theory. It enhances the security of the system by resisting various attacks. In this paper, we analyze the security of Jiang et al.'s scheme and demonstrate that their scheme is vulnerable to denial of service attack. Moreover, we demonstrate flaws in password change phase of their scheme. Further, our aim is to propose a new chaos map-based anonymous user authentication scheme for TMIS to overcome the weaknesses of Jiang et al.'s scheme, while also retaining the original merits of their scheme. We also show that our scheme is secure against various known attacks including the attacks found in Jiang et al.'s scheme. The proposed scheme is comparable in terms of the communication and computational overheads with Jiang et al.'s scheme and other related existing schemes. Moreover, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

  9. Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

    2015-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).

  10. Authentic Assessment in Reading Education Courses.

    ERIC Educational Resources Information Center

    Higginson, Bonnie; Smith, Lynn C.

    Noting that many teachers and some states have abandoned traditional testing methods of public school students in favor of authentic and performance-based assessment, this paper shares alternative assessment methods used by two teacher educators. After a brief introduction to the issues of authentic assessment in reading education courses, the…

  11. Authentic Learning and Multimedia in History Education

    ERIC Educational Resources Information Center

    Hillis, Peter

    2008-01-01

    The momentum gathering behind authentic learning/critical skills raises fundamental issues concerning teaching and learning. This article discusses some of the more general arguments surrounding authentic learning with particular reference to an in-depth evaluation of its impact on schools in one part of Great Britain. It then moves on to describe…

  12. Authenticity and Technology in Montessori Education

    ERIC Educational Resources Information Center

    Hubbell, Elizabeth Ross

    2006-01-01

    Montessori classrooms commonly integrate their learning across the curriculum, and participate in service learning projects. Both of these practices are authentic experiences for children. This article outlines examples of technology being used to create authentic learning environments, tasks, audiences, sources, and assessments. Technology…

  13. How Pilot Schools Authentically Assess Student Mastery

    ERIC Educational Resources Information Center

    Center for Collaborative Education, 2004

    2004-01-01

    The purpose of this study is to document how member schools of the Boston Pilot Schools Network use authentic assessments to understand what their students know and can do. These principles not only reflect the belief that a student's learning must be measured in multiple, authentic ways, they also reflect the Network's focus on equitable…

  14. Making it Real: Authenticity, Process and Pedagogy

    ERIC Educational Resources Information Center

    Badger, Richard; MacDonald, Malcolm

    2010-01-01

    Authenticity has been a part of the intellectual resources of language teaching since the 1890s but its precise meaning and implications are contested. This commentary argues for a view of authenticity which recognizes the limits of the concept as a guide for pedagogic practice and acknowledges the fact that texts are processes rather than…

  15. Ignoring Authentic African Literature Means Ignoring Africans

    ERIC Educational Resources Information Center

    Romano, Carlin

    2005-01-01

    Africa produces imaginative and authentic literature whose texture makes it impossible to think of Africans as statistics. African writers, however have to struggle to get recognized in America due to their culture and other racial and social differences, hence suggesting that efforts should be made to give authentic African literature its due.

  16. Authentic Assessment: Change for the Future.

    ERIC Educational Resources Information Center

    Bullens, Dimitra

    This report describes a project on the implementation of authentic assessment methods in order to show an authentic picture of students progress and abilities. The targeted population consisted of approximately 40 eighth grade students in 2 classes in a suburb of a major midwestern city. The problems with current assessment methods were documented…

  17. Making it Real: Authenticity, Process and Pedagogy

    ERIC Educational Resources Information Center

    Badger, Richard; MacDonald, Malcolm

    2010-01-01

    Authenticity has been a part of the intellectual resources of language teaching since the 1890s but its precise meaning and implications are contested. This commentary argues for a view of authenticity which recognizes the limits of the concept as a guide for pedagogic practice and acknowledges the fact that texts are processes rather than…

  18. Authenticity and Technology in Montessori Education

    ERIC Educational Resources Information Center

    Hubbell, Elizabeth Ross

    2006-01-01

    Montessori classrooms commonly integrate their learning across the curriculum, and participate in service learning projects. Both of these practices are authentic experiences for children. This article outlines examples of technology being used to create authentic learning environments, tasks, audiences, sources, and assessments. Technology…

  19. Wikis as Platforms for Authentic Assessment

    ERIC Educational Resources Information Center

    Eddy, Pamela L.; Lawrence, April

    2013-01-01

    Calls for accountability focus attention on assessment of student learning. Authentic assessment involves evaluating student learning as students perform real world tasks. We present a four-stage conceptual framework for authentic assessment. We argue first that evaluation is a process rather than a static one-time event. Second, authentic…

  20. Authentic Learning and Multimedia in History Education

    ERIC Educational Resources Information Center

    Hillis, Peter

    2008-01-01

    The momentum gathering behind authentic learning/critical skills raises fundamental issues concerning teaching and learning. This article discusses some of the more general arguments surrounding authentic learning with particular reference to an in-depth evaluation of its impact on schools in one part of Great Britain. It then moves on to describe…

  1. Wikis as Platforms for Authentic Assessment

    ERIC Educational Resources Information Center

    Eddy, Pamela L.; Lawrence, April

    2013-01-01

    Calls for accountability focus attention on assessment of student learning. Authentic assessment involves evaluating student learning as students perform real world tasks. We present a four-stage conceptual framework for authentic assessment. We argue first that evaluation is a process rather than a static one-time event. Second, authentic…

  2. Test-Task Authenticity: The Multiple Perspectives

    ERIC Educational Resources Information Center

    Gan, Zhengdong

    2012-01-01

    Leung and Lewkowicz remind us that the debate over the past two decades that is most relevant to ELT (English languge teaching) pedagogy and curriculum concerns test-task authenticity. This paper first reviews how the authenticity debate in the literature of second language acquisition, pedagogy and testing has evolved. Drawing on a body of…

  3. Framework for media data and owner authentication based on cryptography, watermarking, and biometric authentication

    NASA Astrophysics Data System (ADS)

    Dittman, Jana; Steinebach, Martin; Croce Ferri, Lucilla; Vielhauer, Claus; Steinmetz, Ralf; Wohlmacher, Petra

    2001-11-01

    Protecting the media of the future - securing the future of the media is an essential task for our new century. Security is defined by security measures, e.g. confidentiality, integrity, authenticity, and non-repudiation. Most of these measures are using watermarking techniques and cryptographic mechanisms like cipher systems, digital signature schemes, and authentication protocols. The security of these mechanisms is mainly based on the authenticity of specific data like keys and attributes - both data must be dedicated to its owner in an authentic manner. Otherwise, the authenticity of data and of owners can not be guaranteed and subsequently, the security can not be assured. Therefore in our paper we want to focus on data and entity (owner) authentication. We introduce a general framework to protect media data by combining different existing techniques: cryptographic, watermarking and biometric approaches. As an example we describe general concepts for a content-fragile watermarking approach for digital images and a generic approach for biometric authentication.

  4. Authentication of digital video evidence

    NASA Astrophysics Data System (ADS)

    Beser, Nicholas D.; Duerr, Thomas E.; Staisiunas, Gregory P.

    2003-11-01

    In response to a requirement from the United States Postal Inspection Service, the Technical Support Working Group tasked The Johns Hopkins University Applied Physics Laboratory (JHU/APL) to develop a technique tha will ensure the authenticity, or integrity, of digital video (DV). Verifiable integrity is needed if DV evidence is to withstand a challenge to its admissibility in court on the grounds that it can be easily edited. Specifically, the verification technique must detect additions, deletions, or modifications to DV and satisfy the two-part criteria pertaining to scientific evidence as articulated in Daubert et al. v. Merrell Dow Pharmaceuticals Inc., 43 F3d (9th Circuit, 1995). JHU/APL has developed a prototype digital video authenticator (DVA) that generates digital signatures based on public key cryptography at the frame level of the DV. Signature generation and recording is accomplished at the same time as DV is recorded by the camcorder. Throughput supports the consumer-grade camcorder data rate of 25 Mbps. The DVA software is implemented on a commercial laptop computer, which is connected to a commercial digital camcorder via the IEEE-1394 serial interface. A security token provides agent identification and the interface to the public key infrastructure (PKI) that is needed for management of the public keys central to DV integrity verification.

  5. MPE graphics -- Scalable X11 graphics in MPI

    SciTech Connect

    Gropp, W.; Karrels, E.; Lusk, E.

    1994-12-31

    As parallel programs enter the mainstream, they need to provide the same facilities and ease-of-use features expected of uniprocessor programs. For many applications, this means that they need to provide graphical output. This talk discusses a library of routines that provide scalable X Window System graphics. These routines make use of the MPI message-passing standard to provide a safe and reliable system that can be easily used in parallel programs. At the same time they encapsulate commonly-used services to provide a convenient interface to X graphics facilities. The easiest way to provide X11 graphics to a parallel program is to allow each process to draw on the same X11 Window. That is, each process opens a connection to the X11 server and draws directly to it. In one sense, this is as scalable a system as possible, since the single graphics display is an unavoidable point of sequential access. However, in reality, an X server can only accept a relatively small number of connections. In addition, the latency associated with each transmission between a parallel process and the X Window server is relatively high. This talk addresses these issues.

  6. Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method

    PubMed Central

    Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

    2015-01-01

    Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting. PMID:26236773

  7. Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method.

    PubMed

    Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

    2015-01-01

    Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

  8. Graphical Methods of Exploratory Data Analysis

    NASA Astrophysics Data System (ADS)

    Friedman, J. H.; McDonald, J. A.; Stuetzle, W.

    This paper describes briefly Orion I, a graphic system used to study applications of computer graphics - especially interactive motion graphics - in statistics. Orion I is the newest of a family of "Prim" systems whose most striking common feature is the use of real-time motion graphics to display three-dimensional scatterplots.

  9. Comprehending, Composing, and Celebrating Graphic Poetry

    ERIC Educational Resources Information Center

    Calo, Kristine M.

    2011-01-01

    The use of graphic poetry in classrooms is encouraged as a way to engage students and motivate them to read and write poetry. This article discusses how graphic poetry can help students with their comprehension of poetry while tapping into popular culture. It is organized around three main sections--reading graphic poetry, writing graphic poetry,…

  10. Graphics-System Color-Code Interface

    NASA Technical Reports Server (NTRS)

    Tulppo, J. S.

    1982-01-01

    Circuit originally developed for a flight simulator interfaces a computer graphics system with color monitor. Subsystem is intended for particular display computer (AGT-130, ADAGE Graphics Terminal) and specific color monitor (beam penetration tube--Penetron). Store-and-transmit channel is one of five in graphics/color-monitor interface. Adding 5-bit color code to existing graphics programs requires minimal programing effort.

  11. Antinomies of Semiotics in Graphic Design

    ERIC Educational Resources Information Center

    Storkerson, Peter

    2010-01-01

    The following paper assesses the roles played by semiotics in graphic design and in graphic design education, which both reflects and shapes practice. It identifies a series of factors; graphic design education methods and culture; semiotic theories themselves and their application to graphic design; the two wings of Peircian semiotics and…

  12. Antinomies of Semiotics in Graphic Design

    ERIC Educational Resources Information Center

    Storkerson, Peter

    2010-01-01

    The following paper assesses the roles played by semiotics in graphic design and in graphic design education, which both reflects and shapes practice. It identifies a series of factors; graphic design education methods and culture; semiotic theories themselves and their application to graphic design; the two wings of Peircian semiotics and…

  13. Comprehending, Composing, and Celebrating Graphic Poetry

    ERIC Educational Resources Information Center

    Calo, Kristine M.

    2011-01-01

    The use of graphic poetry in classrooms is encouraged as a way to engage students and motivate them to read and write poetry. This article discusses how graphic poetry can help students with their comprehension of poetry while tapping into popular culture. It is organized around three main sections--reading graphic poetry, writing graphic poetry,…

  14. Computer Graphics. Curriculum Guide for Technology Education.

    ERIC Educational Resources Information Center

    Craft, Clyde O.

    This curriculum guide for a 1-quarter or 1-semester course in computer graphics is designed to be used with Apple II computers. Some of the topics covered include the following: computer graphics terminology and applications, operating Apple computers, graphics programming in BASIC using various programs and commands, computer graphics painting,…

  15. Graphic Design Career Guide 2. Revised Edition.

    ERIC Educational Resources Information Center

    Craig, James

    The graphic design field is diverse and includes many areas of specialization. This guide introduces students to career opportunities in graphic design. The guide is organized in four parts. "Part One: Careers in Graphic Design" identifies and discusses the various segments of the graphic design industry, including: Advertising, Audio-Visual, Book…

  16. Computer Graphics. Curriculum Guide for Technology Education.

    ERIC Educational Resources Information Center

    Craft, Clyde O.

    This curriculum guide for a 1-quarter or 1-semester course in computer graphics is designed to be used with Apple II computers. Some of the topics covered include the following: computer graphics terminology and applications, operating Apple computers, graphics programming in BASIC using various programs and commands, computer graphics painting,…

  17. Cartooning History: Canada's Stories in Graphic Novels

    ERIC Educational Resources Information Center

    King, Alyson E.

    2012-01-01

    In recent years, historical events, issues, and characters have been portrayed in an increasing number of non-fiction graphic texts. Similar to comics and graphic novels, graphic texts are defined as fully developed, non-fiction narratives told through panels of sequential art. Such non-fiction graphic texts are being used to teach history in…

  18. Cartooning History: Canada's Stories in Graphic Novels

    ERIC Educational Resources Information Center

    King, Alyson E.

    2012-01-01

    In recent years, historical events, issues, and characters have been portrayed in an increasing number of non-fiction graphic texts. Similar to comics and graphic novels, graphic texts are defined as fully developed, non-fiction narratives told through panels of sequential art. Such non-fiction graphic texts are being used to teach history in…

  19. New APIs for mobile graphics

    NASA Astrophysics Data System (ADS)

    Pulli, Kari

    2006-02-01

    Progress in mobile graphics technology during the last five years has been swift, and it has followed a similar path as on PCs: early proprietary software engines running on integer hardware paved the way to standards that provide a roadmap for graphics hardware acceleration. In this overview we cover five recent standards for 3D and 2D vector graphics for mobile devices. OpenGL ES is a low-level API for 3D graphics, meant for applications written in C or C++. M3G (JSR 184) is a high-level 3D API for mobile Java that can be implemented on top of OpenGL ES. Collada is a content interchange format and API that allows combining digital content creation tools and exporting the results to different run-time systems, including OpenGL ES and M3G. Two new 2D vector graphics APIs reflect the relations of OpenGL ES and M3G: OpenVG is a low-level API for C/C++ that can be used as a building block for a high-level mobile Java API JSR 226.

  20. Entity Authentication Using Public Key Cryptography

    DTIC Science & Technology

    2007-11-02

    compromise, replay attacks, and the signing of pre-defined data. Using challenges and digital signatures eliminates the need for transmitting passwords...of TokenBA . Although R and R do not have to2 A B be in the unsigned data of TokenBA , they must be included in the signed data (see Section2...values that are so large that they cannot readily fit into the available memory or it is necessary to encode and transmit part of a value before the