How to Prevent Type-Flaw Guessing Attacks on Password Protocols
2003-01-01
How to prevent type-flaw guessing attacks on password protocols. Sreekanth Malladi, Jim Alves-Foss, Center for Secure and Dependable Systems...respectively. R Retagging 〈−(t, f),+(t′, f)〉. The retagging strand captures the concept of receiving a message of one type and sending it, with a claim of a...referees for insightful comments. Thanks are also due to Ricardo Corin for many helpful technical discussions. References [AN94] M. Abadi and R
Xie, Qi; Liu, Wenhao; Wang, Shengbao; Han, Lidong; Hu, Bin; Wu, Ting
2014-09-01
Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.
Mishra, Dheerendra
2015-01-01
Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.
Biometrics based authentication scheme for session initiation protocol.
Xie, Qi; Tang, Zhixiong
2016-01-01
Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.
Arshad, Hamed; Rasoolzadegan, Abbas
2016-11-01
Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.
An improved authenticated key agreement protocol for telecare medicine information system.
Liu, Wenhao; Xie, Qi; Wang, Shengbao; Hu, Bin
2016-01-01
In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.'s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user's identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient's identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.'s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif.
A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography
NASA Astrophysics Data System (ADS)
Chen, Tien-Ho; Yeh, Hsiu-Lien; Liu, Pin-Chuan; Hsiang, Han-Chen; Shih, Wei-Kuan
Session initiation protocol (SIP) is a technology regularly performed in Internet Telephony, and Hyper Text Transport Protocol (HTTP) as digest authentication is one of the major methods for SIP authentication mechanism. In 2005, Yang et al. pointed out that HTTP could not resist server spoofing attack and off-line guessing attack and proposed a secret authentication with Diffie-Hellman concept. In 2009, Tsai proposed a nonce based authentication protocol for SIP. In this paper, we demonstrate that their protocol could not resist the password guessing attack and insider attack. Furthermore, we propose an ECC-based authentication mechanism to solve their issues and present security analysis of our protocol to show that ours is suitable for applications with higher security requirement.
Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho
2017-01-01
Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.
PMID:28046075
Wu, Fan; Xu, Lili
2013-08-01
Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems (TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have shown that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.
Security enhanced multi-factor biometric authentication scheme using bio-hash function.
Choi, Younsung; Lee, Youngsook; Moon, Jongho; Won, Dongho
2017-01-01
With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.
PMID:28459867
Mishra, Dheerendra; Mukhopadhyay, Sourav; Chaturvedi, Ankita; Kumari, Saru; Khan, Muhammad Khurram
2014-06-01
Remote user authentication is desirable for a Telecare Medicine Information System (TMIS) for the safety, security and integrity of transmitted data over the public channel. In 2013, Tan presented a biometric based remote user authentication scheme and claimed that his scheme is secure. Recently, Yan et al. demonstrated some drawbacks in Tan's scheme and proposed an improved scheme to erase the drawbacks of Tan's scheme. We analyze Yan et al.'s scheme and identify that their scheme is vulnerable to off-line password guessing attack, and does not protect anonymity. Moreover, in their scheme, login and password change phases are inefficient to identify the correctness of input where inefficiency in password change phase can cause denial of service attack. Further, we design an improved scheme for TMIS with the aim to eliminate the drawbacks of Yan et al.'s scheme.
NASA Astrophysics Data System (ADS)
Xie, Qi; Hu, Bin; Chen, Ke-Fei; Liu, Wen-Hao; Tan, Xiao
2015-11-01
In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).
2011-08-31
Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms...large numbers of hashed passwords (Booz Allen Hamilton, HBGary, Gawker, Sony Playstation, etc.), coupled with the availability of botnets that offer...when evaluating the strength of different password-composition policies. 4. We investigate the effectiveness of entropy as a measure of password
An authentication scheme for secure access to healthcare services.
Khan, Muhammad Khurram; Kumari, Saru
2013-08-01
Last few decades have witnessed boom in the development of information and communication technologies. Health-sector has also been benefitted with this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.
Yau, Wei-Chuen; Phan, Raphael C-W
2013-12-01
Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.
A more secure anonymous user authentication scheme for the integrated EPR information system.
Wen, Fengtong
2014-05-01
Secure and efficient user mutual authentication is an essential task for integrated electronic patient record (EPR) information system. Recently, several authentication schemes have been proposed to meet this requirement. In a recent paper, Lee et al. proposed an efficient and secure password-based authentication scheme used smart cards for the integrated EPR information system. This scheme is believed to have many abilities to resist a range of network attacks. Especially, they claimed that their scheme could resist lost smart card attack. However, we reanalyze the security of Lee et al.'s scheme, and show that it fails to protect off-line password guessing attack if the secret information stored in the smart card is compromised. This also renders that their scheme is insecure against user impersonation attacks. Then, we propose a new user authentication scheme for integrated EPR information systems based on the quadratic residues. The new scheme not only resists a range of network attacks but also provides user anonymity. We show that our proposed scheme can provide stronger security.
NASA Technical Reports Server (NTRS)
Bishop, Matt
1990-01-01
Password selection has long been a difficult issue; traditionally, passwords are either assigned by the computer or chosen by the user. When the computer does the assignment, the passwords are often hard to remember; when the user makes the selection, the passwords are often easy to guess. This paper describes a technique, and a mechanism, to allow users to select passwords which to them are easy to remember but to others would be very difficult to guess. The technique is site, user, and group compatible, and allows rapid changing of constraints imposed upon the password. Although experience with this technique is limited, it appears to have much promise.
Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroaki; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad
2015-01-01
Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.
PMID:26580963
NASA Astrophysics Data System (ADS)
Bonneau, Joseph; Just, Mike; Matthews, Greg
We study the efficiency of statistical attacks on human authentication systems relying on personal knowledge questions. We adapt techniques from guessing theory to measure security against a trawling attacker attempting to compromise a large number of strangers' accounts. We then examine a diverse corpus of real-world statistical distributions for likely answer categories such as the names of people, pets, and places and find that personal knowledge questions are significantly less secure than graphical or textual passwords. We also demonstrate that statistics can be used to increase security by proactively shaping the answer distribution to lower the prevalence of common responses.
An, Younghwa
2012-01-01
Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.
PMID:22899887
An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity
Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian
2016-01-01
User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.’s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al. Besides, Xie et al.’s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance. PMID:27101305
Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita
2014-05-01
Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while a scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions. Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.
Cazier, Joseph A; Medlin, B Dawn
2006-09-27
For most healthcare information systems, passwords are the first line of defense in keeping patient and administrative records private and secure. However, this defense is only as strong as the passwords employees chose to use. A weak or easily guessed password is like an open door to the medical records room, allowing unauthorized access to sensitive information. In this paper, we present the results of a study of actual healthcare workers' password practices. In general, the vast majority of these passwords have significant security problems on several dimensions. Implications for healthcare professionals are discussed.
PMID:18066366
Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
NASA Astrophysics Data System (ADS)
Sasaki, Yu; Wang, Lei; Ohta, Kazuo; Kunihiro, Noboru
In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.
Lee, Tian-Fu; Liu, Chuan-Ming
2013-06-01
A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.
Robust anonymous authentication scheme for telecare medical information systems.
Xie, Qi; Zhang, Jun; Dong, Na
2013-04-01
Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.
Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects' Information
Ho, Peng Foong; Kam, Yvonne Hwei-Syn; Wee, Mee Chin
2014-01-01
Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to “shoulder-surfing” attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user's actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set's input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user's actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack. PMID:24991649
Zhang, Liping; Zhu, Shaohui
2015-05-01
To protect the transmission of the sensitive medical data, a secure and efficient authenticated key agreement scheme should be deployed when the healthcare delivery session is established via Telecare Medicine Information Systems (TMIS) over the unsecure public network. Recently, Islam and Khan proposed an authenticated key agreement scheme using elliptic curve cryptography for TMIS. They claimed that their proposed scheme is provably secure against various attacks in random oracle model and enjoys some good properties such as user anonymity. In this paper, however, we point out that any legal but malicious patient can reveal other user's identity. Consequently, their scheme suffers from server spoofing attack and off-line password guessing attack. Moreover, if the malicious patient performs the same time of the registration as other users, she can further launch the impersonation attack, man-in-the-middle attack, modification attack, replay attack, and strong replay attack successfully. To eliminate these weaknesses, we propose an improved ECC-based authenticated key agreement scheme. Security analysis demonstrates that the proposed scheme can resist various attacks and enables the patient to enjoy the remote healthcare services with privacy protection. Through the performance evaluation, we show that the proposed scheme achieves a desired balance between security and performance in comparisons with other related schemes.
Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi
2013-07-24
Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.
Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi
2013-01-01
PMID:23887085
The Effect of Password Management Procedures on the Entropy of User Selected Passwords
ERIC Educational Resources Information Center
Enamait, John D.
2012-01-01
Maintaining the security of information contained within computer systems poses challenges for users and administrators. Attacks on information systems continue to rise. Specifically, attacks that target user authentication are increasingly popular. These attacks are based on the common perception that traditional alphanumeric passwords are weak…
Wen, Fengtong
2013-12-01
User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.
User Authentication: A State-of-the-Art Review
1991-09-01
etc/passwd, is publicly readable. Although the passwords in the file are encrypted, the encryption routine is readily accessible. Encrypting a guess...version 4.0, and AT&T’s System V release 3.2 and System V/MLS, have addressed the problem by moving the passwords from /etc/passwd into a shadow file that
Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho
2017-01-01
At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al’s method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration. PMID:28335572
Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho
2017-03-21
Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru
2016-10-01
Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. 
Furthermore, we present the formal security verification of our scheme using the widely accepted AVISPA tool. High security and extra functionality features allow our proposed scheme to be applicable for telecare medicine information systems which is used for e-health care medical applications.
Password-only authenticated three-party key exchange with provable security in the standard model.
Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho
2014-01-01
Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.
A Survey of Authentication Schemes in Telecare Medicine Information Systems.
Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber
2017-01-01
E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.
Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong
2015-11-01
The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.
Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model
Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon
2014-01-01
PMID:24977229
A digital memories based user authentication scheme with privacy preservation.
Liu, JunLiang; Lyu, Qiuyun; Wang, Qiuhua; Yu, Xiangxiang
2017-01-01
The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key), which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.
A digital memories based user authentication scheme with privacy preservation
Liu, JunLiang; Lyu, Qiuyun; Wang, Qiuhua; Yu, Xiangxiang
2017-01-01
PMID:29190659
Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan
2015-08-01
Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.
The 60 Minute Network Security Guide (First Steps Towards a Secure Network Environment)
2001-10-16
default/passwd file in UNIX. Administrators should obtain and run password-guessing programs (i.e., “John the Ripper,” “L0phtCrack,” and “Crack...system on which it is running, it is a good idea to transfer the encrypted passwords (the dumped SAM database for Windows and the /etc/passwd and /etc...ownership by root and group sys. The /etc/passwd file should have permissions 644 with owner root and group root. Be cracked every month to find
Facelock: familiarity-based graphical authentication.
Jenkins, Rob; McLachlan, Jane L; Renaud, Karen
2014-01-01
Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised 'facelock', in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (<1% success rate). Even personal attackers who knew the account holder well were rarely able to authenticate (6.6% success rate). In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate). Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems.
Computational Immunology for the Defense of Large Scale Systems
2002-07-01
or unusual activity (e.g., multiple login attempts, possibly in order to guess a password). We can summarize our results as follows: • Our...such as those used in SRI’s Emerald project. There are two important characteristics of the approach introduced in [5]. First, it identifies a simple
Nam, Junghyun; Choo, Kim-Kwang Raymond; Paik, Juryon; Won, Dongho
2014-01-01
While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.
Practical security and privacy attacks against biometric hashing using sparse recovery
NASA Astrophysics Data System (ADS)
Topcu, Berkay; Karabat, Cagatay; Azadmanesh, Matin; Erdogan, Hakan
2016-12-01
Biometric hashing is a cancelable biometric verification method that has received research interest recently. This method can be considered as a two-factor authentication method which combines a personal password (or secret key) with a biometric to obtain a secure binary template which is used for authentication. We present novel practical security and privacy attacks against biometric hashing when the attacker is assumed to know the user's password in order to quantify the additional protection due to biometrics when the password is compromised. We present four methods that can reconstruct a biometric feature and/or the image from a hash and one method which can find the closest biometric data (i.e., face image) from a database. Two of the reconstruction methods are based on 1-bit compressed sensing signal reconstruction for which the data acquisition scenario is very similar to biometric hashing. Previous literature introduced simple attack methods, but we show that we can achieve higher level of security threats using compressed sensing recovery techniques. In addition, we present privacy attacks which reconstruct a biometric image which resembles the original image. We quantify the performance of the attacks using detection error tradeoff curves and equal error rates under advanced attack scenarios. We show that conventional biometric hashing methods suffer from high security and privacy leaks under practical attacks, and we believe more advanced hash generation methods are necessary to avoid these attacks.
Nam, Junghyun; Choo, Kim-Kwang Raymond
2014-01-01
PMID:25309956
Facelock: familiarity-based graphical authentication
McLachlan, Jane L.; Renaud, Karen
2014-01-01
PMID:25024913
Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming
2015-11-30
Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.
Analytical Characterization of Internet Security Attacks
ERIC Educational Resources Information Center
Sellke, Sarah H.
2010-01-01
Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks include Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…
Strong Password-Based Authentication in TLS Using the Three-Party Group Diffie-Hellman Protocol
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abdalla, Michel; Bresson, Emmanuel; Chevassut, Olivier
2006-08-26
The Internet has evolved into a very hostile ecosystem where "phishing" attacks are common practice. This paper shows that the three-party group Diffie-Hellman key exchange can help protect against these attacks. We have developed a suite of password-based cipher suites for the Transport Layer Security (TLS) protocol that are not only provably secure but also assumed to be free from patent and licensing restrictions based on an analysis of relevant patents in the area.
Moon, Jongho; Choi, Younsung; Kim, Jiye; Won, Dongho
2016-03-01
Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.
Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming
2015-01-01
Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost. PMID:26633396
On the security of a simple three-party key exchange protocol without server's public keys.
Nam, Junghyun; Choo, Kim-Kwang Raymond; Park, Minkyu; Paik, Juryon; Won, Dongho
2014-01-01
Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.
On the Security of a Simple Three-Party Key Exchange Protocol without Server's Public Keys
Nam, Junghyun; Choo, Kim-Kwang Raymond; Park, Minkyu; Paik, Juryon; Won, Dongho
2014-01-01
Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol. PMID:25258723
MPI Enhancements in John the Ripper
NASA Astrophysics Data System (ADS)
Sykes, Edward R.; Lin, Michael; Skoczen, Wesley
2010-11-01
John the Ripper (JtR) is an open source software package commonly used by system administrators to enforce password policy. JtR is designed to attack (i.e., crack) passwords encrypted in a wide variety of commonly used formats. While parallel implementations of JtR exist, there are several limitations to them. This research reports on two distinct algorithms that enhance this password cracking tool using the Message Passing Interface. The first algorithm is a novel approach that uses numerous processors to crack one password by using an innovative approach to workload distribution. In this algorithm the candidate password is distributed to all participating processors and the word list is divided based on probability so that each processor has the same likelihood of cracking the password while eliminating overlapping operations. The second algorithm developed in this research involves dividing the passwords within a password file equally amongst available processors while ensuring load-balanced and fault-tolerant behavior. This paper describes John the Ripper, the design of these two algorithms and preliminary results. Given the same amount of time, the original JtR can crack 29 passwords, whereas our algorithms 1 and 2 can crack an additional 35 and 45 passwords respectively.
Improving the Rainbow Attack by Reusing Colours
NASA Astrophysics Data System (ADS)
Ågren, Martin; Johansson, Thomas; Hell, Martin
Hashing or encrypting a key or a password is a vital part in most network security protocols. The most practical generic attack on such schemes is a time memory trade-off attack. Such an attack inverts any one-way function using a trade-off between memory and execution time. Existing techniques include the Hellman attack and the rainbow attack, where the latter uses different reduction functions ("colours") within a table.
Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho
2014-01-01
An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.
Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng
2013-06-01
The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system safeguards patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly make correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as an alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.
A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function
Odelu, Vanga; Goswami, Adrijit
2014-01-01
In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme. PMID:24892078
A robust and effective smart-card-based remote user authentication mechanism using hash function.
Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit
2014-01-01
In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.
BACTrack: A Surveillance Technique for Detecting and Locating Bioagent Attacks
2003-06-10
Implementation • Location History – Location tracking/storage using cell-phone network (geo-location mandated by 2006) • Subscription Services...Reporting – User reports symptoms through automated cell-phone interface using password Individual reports only releasable with password Summary...Earlier detection and location relative to medical surveillance • The cell-phone location based service market can offer a means to implement BACTrack and to distribute its costs
Security analysis and improvements to the PsychoPass method.
Brumen, Bostjan; Heričko, Marjan; Rozman, Ivan; Hölbl, Marko
2013-08-13
In a recent paper, Pietro Cipresso et al proposed the PsychoPass method, a simple way to create strong passwords that are easy to remember. However, the method has some security issues that need to be addressed. To perform a security analysis on the PsychoPass method and outline the limitations of and possible improvements to the method. We used the brute force analysis and dictionary attack analysis of the PsychoPass method to outline its weaknesses. The first issue with the Psychopass method is that it requires the password reproduction on the same keyboard layout as was used to generate the password. The second issue is a security weakness: although the produced password is 24 characters long, the password is still weak. We elaborate on the weakness and propose a solution that produces strong passwords. The proposed version first requires the use of the SHIFT and ALT-GR keys in combination with other keys, and second, the keys need to be 1-2 distances apart. The proposed improved PsychoPass method yields passwords that can be broken only in hundreds of years based on current computing powers. The proposed PsychoPass method requires 10 keys, as opposed to 20 keys in the original method, for comparable password strength.
Security Analysis and Improvements to the PsychoPass Method
2013-01-01
Background: In a recent paper, Pietro Cipresso et al proposed the PsychoPass method, a simple way to create strong passwords that are easy to remember. However, the method has some security issues that need to be addressed. Objective: To perform a security analysis on the PsychoPass method and outline the limitations of and possible improvements to the method. Methods: We used the brute force analysis and dictionary attack analysis of the PsychoPass method to outline its weaknesses. Results: The first issue with the Psychopass method is that it requires the password reproduction on the same keyboard layout as was used to generate the password. The second issue is a security weakness: although the produced password is 24 characters long, the password is still weak. We elaborate on the weakness and propose a solution that produces strong passwords. The proposed version first requires the use of the SHIFT and ALT-GR keys in combination with other keys, and second, the keys need to be 1-2 distances apart. Conclusions: The proposed improved PsychoPass method yields passwords that can be broken only in hundreds of years based on current computing powers. The proposed PsychoPass method requires 10 keys, as opposed to 20 keys in the original method, for comparable password strength. PMID:23942458
Guess what? Here is a new tool that finds some new guessing attacks
2003-01-01
Ricardo Corin, Sreekanth Malladi, Jim Alves-Foss, and Sandro Etalle. A type-flaw occurs when a message of one type is received by a...satisfying condition 1), but not before guessing (satisfying condition 2). The only case...Feb 2003. 4.1 Examples Example 4.1 Consider the following protocol: Msg 1. a
Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho
2014-01-01
An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme. PMID:25276847
Islam, S K Hafizul; Khan, Muhammad Khurram; Li, Xiong
2015-01-01
Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.
Das, Ashok Kumar; Bruhadeshwar, Bezawada
2013-10-01
Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.
Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong
2015-01-01
Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401
Internet firewalls: questions and answers
NASA Astrophysics Data System (ADS)
Ker, Keith
1996-03-01
As organizations consider connecting to the Internet, the issue of internetwork security becomes more important. There are many tools and components that can be used to secure a network, one of which is a firewall. Modern firewalls offer highly flexible private network security by controlling and monitoring all communications passing into or out of the private network. Specifically designed for security, firewalls become the private network's single point of attack from Internet intruders. Application gateways (or proxies) that have been written to be secure against even the most persistent attacks ensure that only authorized users and services access the private network. One-time passwords prevent intruders from 'sniffing' and replaying the usernames and passwords of authorized users to gain access to the private network. Comprehensive logging permits constant and uniform system monitoring. 'Address spoofing' attacks are prevented. The private network may use registered or unregistered IP addresses behind the firewall. Firewall-to-firewall encryption establishes a 'virtual private network' across the Internet, preventing intruders from eavesdropping on private communications, eliminating the need for costly dedicated lines.
Li, Xiong; Niu, Jianwei; Karuppiah, Marimuthu; Kumari, Saru; Wu, Fan
2016-12-01
Benefiting from the development of network and communication technologies, E-health care systems and telemedicine have developed rapidly. By using E-health care systems, patients can enjoy the remote medical service provided by the medical server. Medical data are important private information for patients, so it is an important issue to ensure the security of medical data transmitted through public networks. An authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), a user authentication scheme for E-health care systems was proposed by Amin et al., and they claimed that their scheme can withstand most common attacks. Unfortunately, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism, such that it is inefficient to detect an unauthorized login caused by mistakenly inputting a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order to improve the security level of authentication schemes for E-health care applications, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, the security proof of our scheme is analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.
Quantum gambling using two nonorthogonal states
NASA Astrophysics Data System (ADS)
Hwang, Won Young; Ahn, Doyeol; Hwang, Sung Woo
2001-12-01
We give a (remote) quantum-gambling scheme that makes use of the fact that quantum nonorthogonal states cannot be distinguished with certainty. In the proposed scheme, two participants Alice and Bob can be regarded as playing a game of making guesses on identities of quantum states that are in one of two given nonorthogonal states: if Bob makes a correct (an incorrect) guess on the identity of a quantum state that Alice has sent, he wins (loses). It is shown that the proposed scheme is secure against the nonentanglement attack. It can also be shown heuristically that the scheme is secure in the case of the entanglement attack.
Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer
NASA Astrophysics Data System (ADS)
Mannan, Mohammad; van Oorschot, P. C.
Keylogging and phishing attacks can extract user identity and sensitive account information for unauthorized access to users' financial accounts. Most existing or proposed solutions are vulnerable to session hijacking attacks. We propose a simple approach to counter these attacks, which cryptographically separates a user's long-term secret input from (typically untrusted) client PCs; a client PC performs most computations but has access only to temporary secrets. The user's long-term secret (typically short and low-entropy) is input through an independent personal trusted device such as a cellphone. The personal device provides a user's long-term secrets to a client PC only after encrypting the secrets using a pre-installed, "correct" public key of a remote service (the intended recipient of the secrets). The proposed protocol (
Zhang, Ruisheng; Liu, Qidong
2017-01-01
Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research. PMID:28135288
Liu, Xin; Zhang, Ruisheng; Liu, Qidong
2017-01-01
Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research.
Simple protocols for oblivious transfer and secure identification in the noisy-quantum-storage model
DOE Office of Scientific and Technical Information (OSTI.GOV)
Schaffner, Christian
2010-09-15
We present simple protocols for oblivious transfer and password-based identification which are secure against general attacks in the noisy-quantum-storage model as defined in R. Koenig, S. Wehner, and J. Wullschleger [e-print arXiv:0906.1030]. We argue that a technical tool from Koenig et al. suffices to prove security of the known protocols. Whereas the more involved protocol for oblivious transfer from Koenig et al. requires less noise in storage to achieve security, our "canonical" protocols have the advantage of being simpler to implement and the security error is easier to control. Therefore, our protocols yield higher OT rates for many realistic noise parameters. Furthermore, a proof of security of a direct protocol for password-based identification against general noisy-quantum-storage attacks is given.
RSA-Based Password-Authenticated Key Exchange, Revisited
NASA Astrophysics Data System (ADS)
Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki
The RSA-based Password-Authenticated Key Exchange (PAKE) protocols have been proposed to realize both mutual authentication and generation of secure session keys where a client is sharing his/her password only with a server and the latter should generate its RSA public/private key pair (e, n), (d, n) every time due to the lack of PKI (Public-Key Infrastructures). One of the ways to avoid a special kind of off-line (so called e-residue) attacks in the RSA-based PAKE protocols is to deploy a challenge/response method by which a client verifies the relative primality of e and φ(n) interactively with a server. However, this kind of RSA-based PAKE protocols did not give any proof of the underlying challenge/response method and therefore could not specify the exact complexity of their protocols since there exists another security parameter, needed in the challenge/response method. In this paper, we first present an RSA-based PAKE (RSA-PAKE) protocol that can deploy two different challenge/response methods (denoted by Challenge/Response Method1 and Challenge/Response Method2). The main contributions of this work include: (1) Based on the number theory, we prove that the Challenge/Response Method1 and the Challenge/Response Method2 are secure against e-residue attacks for any odd prime e; (2) With the security parameter for the on-line attacks, we show that the RSA-PAKE protocol is provably secure in the random oracle model where all of the off-line attacks are not more efficient than on-line dictionary attacks; and (3) By considering the Hamming weight of e and its complexity in the RSA-PAKE protocol, we search for primes to be recommended for a practical use. We also compare the RSA-PAKE protocol with the previous ones mainly in terms of computation and communication complexities.
Das, Ashok Kumar
2015-03-01
An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee et al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.
A Secure Mobile-Based Authentication System for e-Banking
NASA Astrophysics Data System (ADS)
Rifà-Pous, Helena
Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable. We propose a challenge-response based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.
Qiu, Shuming; Xu, Guoai; Ahmad, Haseeb; Guo, Yanhui
2018-01-01
The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash's scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash's protocol. We point out that Farash's protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.'s scheme. We prove that the proposed protocol not only overcomes the issues in Farash's scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure.
Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps.
Lee, Tian-Fu; Hsiao, Chia-Hung; Hwang, Shi-Han; Lin, Tsung-Hung
2017-01-01
A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, which does not provide strong user anonymity and violates session key security. However, the improved scheme of Lin does not exhibit the freshness property and the validity of messages so it still fails to withstand denial-of-service and privileged-insider attacks. Additionally, a single malicious participant can predetermine the session key such that the improved scheme does not exhibit the contributory property of key agreements. This investigation discusses these weaknesses and proposes an enhanced smartcard-based password-authenticated key agreement scheme that utilizes extended chaotic maps. The session security of this enhanced scheme is based on the extended chaotic map-based Diffie-Hellman problem, and is proven in the real-or-random and the sequence of games models. Moreover, the enhanced scheme ensures the freshness of communicating messages by appending timestamps, and thereby avoids the weaknesses in previous schemes.
Mishra, Raghavendra; Barnwal, Amit Kumar
2015-05-01
The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen et al. presented a password based authentication scheme to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.
Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps
Lee, Tian-Fu; Hsiao, Chia-Hung; Hwang, Shi-Han
2017-01-01
A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, which does not provide strong user anonymity and violates session key security. However, the improved scheme of Lin does not exhibit the freshness property and the validity of messages so it still fails to withstand denial-of-service and privileged-insider attacks. Additionally, a single malicious participant can predetermine the session key such that the improved scheme does not exhibit the contributory property of key agreements. This investigation discusses these weaknesses and proposes an enhanced smartcard-based password-authenticated key agreement scheme that utilizes extended chaotic maps. The session security of this enhanced scheme is based on the extended chaotic map-based Diffie-Hellman problem, and is proven in the real-or-random and the sequence of games models. Moreover, the enhanced scheme ensures the freshness of communicating messages by appending timestamps, and thereby avoids the weaknesses in previous schemes. PMID:28759615
Smartphone-based secure authenticated session sharing in Internet of Personal Things
NASA Astrophysics Data System (ADS)
Krishnan, Ram; Ninglekhu, Jiwan
2015-03-01
In the context of password-based authentication, a user can only memorize limited number of usernames and passwords. They are generally referred to as user-credentials. Longer character length of passwords further adds complication in mastering them. The expansion of the Internet and our growing dependency on it, has made it almost impossible for us to handle the big pool of user-credentials. Using simple, same or similar passwords is considered a poor practice, as it can easily be compromised by password cracking tools and social engineering attacks. Therefore, a robust and painless technique to manage personal credentials for websites is desirable. In this paper, a novel technique for user-credentials management via a smart mobile device such as a smartphone in a local network is proposed. We present a secure user-credential management scheme in which user's account login (username) and password associated with websites domain name is saved into the mobile device's database using a mobile application. We develop a custom browser extension application for client and use it to import user's credentials linked with the corresponding website from the mobile device via the local Wi-Fi network connection. The browser extension imports and identifies the authentication credentials and pushes them into the target TextBox locations in the webpage, ready for the user to execute. This scheme is suitably demonstrated between two personal devices in a local network.
ERIC Educational Resources Information Center
Wilson, David L.
1994-01-01
College administrators recently appealed to students and faculty to change their computer passwords after security experts announced that tens of thousands had been stolen by computer hackers. Federal officials are investigating. Such attacks are not uncommon, but the most effective solutions are either inconvenient or cumbersome. (MSE)
Windows NT Attacks for the Evaluation of Intrusion Detection Systems
2000-06-01
their passwords never expire. Their privileges allow telnet access and FTP access to the system, but do not allow local logins. Each user can...default: • Administrator: This root account allows remote and local logins and full control of system software. • Guest: This default account, setup by...realizing that the Netbus server was installed. The attack also edits the Windows NT Registry so the Netbus server restarts at every login. This
2018-01-01
The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash’s protocol. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure. PMID:29547619
Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian
2015-06-01
The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation of the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.
Cyber-Attack Methods, Why They Work on Us, and What to Do
NASA Technical Reports Server (NTRS)
Byrne, DJ
2015-01-01
Basic cyber-attack methods are well documented, and even automated with user-friendly GUIs (Graphical User Interfaces). Entire suites of attack tools are legal, conveniently packaged, and freely downloadable to anyone; more polished versions are sold with vendor support. Our team ran some of these against a selected set of projects within our organization to understand what the attacks do so that we can design and validate defenses against them. Some existing defenses were effective against the attacks, some less so. On average, every machine had twelve easily identifiable vulnerabilities, two of them "critical". Roughly 5% of passwords in use were easily crack-able. We identified a clear set of recommendations for each project, and some common patterns that emerged among them all.
The psychological effects of cyber terrorism.
Gross, Michael L; Canetti, Daphna; Vashdi, Dana R
2016-01-01
When ordinary citizens think of cyber threats, most are probably worried about their passwords and banking details, not a terrorist attack. The thought of a shooting in a mall or a bombing at an airport is probably more frightening than a cyber breach. Yet terrorists aim for mental as well as physical destruction, and our research has found that, depending on who the attackers and the victims are, the psychological effects of cyber threats can rival those of traditional terrorism.
Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo
2017-12-03
The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.
Ranak, M S A Noman; Azad, Saiful; Nor, Nur Nadiah Hanim Binti Mohd; Zamli, Kamal Z
2017-01-01
Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)-a.k.a., Force Touch in Apple's MacBook, Apple Watch, ZTE's Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on-is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme.
Ranak, M. S. A. Noman; Nor, Nur Nadiah Hanim Binti Mohd; Zamli, Kamal Z.
2017-01-01
Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)—a.k.a., Force Touch in Apple’s MacBook, Apple Watch, ZTE’s Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on—is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme. PMID:29084262
A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.
Chaudhry, Shehzad Ashraf; Khan, Muhammad Tawab; Khan, Muhammad Khurram; Shon, Taeshik
2016-11-01
Recently several authentication schemes are proposed for telecare medicine information system (TMIS). Many of such schemes are proved to have weaknesses against known attacks. Furthermore, numerous such schemes cannot be used in real time scenarios. Because they assume a single server for authentication across the globe. Very recently, Amin et al. (J. Med. Syst. 39(11):180, 2015) designed an authentication scheme for secure communication between a patient and a medical practitioner using a trusted central medical server. They claimed their scheme to extend all security requirements and emphasized the efficiency of their scheme. However, the analysis in this article proves that the scheme designed by Amin et al. is vulnerable to stolen smart card and stolen verifier attacks. Furthermore, their scheme is having scalability issues along with inefficient password change and password recovery phases. Then we propose an improved scheme. The proposed scheme is more practical, secure and lightweight than Amin et al.'s scheme. The security of proposed scheme is proved using the popular automated tool ProVerif.
Seven Deadliest Network Attacks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Prowell, Stacy J; Borkin, Michael; Kraus, Robert
2010-05-01
Do you need to keep up with the latest hacks, attacks, and exploits affecting networks? Then you need "Seven Deadliest Network Attacks". This book pinpoints the most dangerous hacks and exploits specific to networks, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Denial of Service; War Dialing; Penetration 'Testing'; Protocol Tunneling; Spanning Tree Attacks; Man-in-the-Middle; and, Password Replay. Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally. Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how. Institute countermeasures, don't be caught defenseless again, learn techniques to make your computer and network impenetrable.
The psychological effects of cyber terrorism
Gross, Michael L.; Canetti, Daphna; Vashdi, Dana R.
2016-01-01
When ordinary citizens think of cyber threats, most are probably worried about their passwords and banking details, not a terrorist attack. The thought of a shooting in a mall or a bombing at an airport is probably more frightening than a cyber breach. Yet terrorists aim for mental as well as physical destruction, and our research has found that, depending on who the attackers and the victims are, the psychological effects of cyber threats can rival those of traditional terrorism. PMID:28366962
NASA Technical Reports Server (NTRS)
Denning, Peter J.
1989-01-01
Two new books about intrusions and computer viruses remind us that attacks against our computers on networks are the actions of human beings. Cliff Stoll's book about the hacker who spent a year, beginning in Aug. 1986, attempting to use the Lawrence Berkeley Computer as a stepping-stone for access to military secrets is a spy thriller that illustrates the weaknesses of our password systems and the difficulties in compiling evidence against a hacker engaged in espionage. Pamela Kane's book about viruses that attack IBM PC's shows that viruses are the modern version of the old problem of a Trojan horse attack. It discusses the most famous viruses and their countermeasures, and it comes with a floppy disk of utility programs that will disinfect your PC and thwart future attack.
Lee, Tian-Fu; Wang, Zeng-Bo
2017-01-01
The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions. PMID:29207509
Setting a disordered password on a photonic memory
NASA Astrophysics Data System (ADS)
Su, Shih-Wei; Gou, Shih-Chuan; Chew, Lock Yue; Chang, Yu-Yen; Yu, Ite A.; Kalachev, Alexey; Liao, Wen-Te
2017-06-01
An all-optical method of setting a disordered password on different schemes of photonic memory is theoretically studied. While photons are regarded as ideal information carriers, it is imperative to implement such data protection on all-optical storage. However, we wish to address the intrinsic risk of data breaches in existing schemes of photonic memory. We theoretically demonstrate a protocol using spatially disordered laser fields to encrypt data stored on an optical memory, namely, encrypted photonic memory. To address the broadband storage, we also investigate a scheme of disordered echo memory with a high fidelity approaching unity. The proposed method increases the difficulty for the eavesdropper to retrieve the stored photon without the preset password even when the randomized and stored photon state is nearly perfectly cloned. Our results pave ways to significantly reduce the exposure of memories, required for long-distance communication, to eavesdropping and therefore restrict the optimal attack on communication protocols. The present scheme also increases the sensitivity of detecting any eavesdropper and so raises the security level of photonic information technology.
RUASN: a robust user authentication framework for wireless sensor networks.
Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae
2011-01-01
In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost.
Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials
NASA Astrophysics Data System (ADS)
Park, Jun-Cheol
User privacy preservation is critical to prevent many sophisticated attacks that are based on the user's server access patterns and ID-related information. We propose a password-based user authentication scheme that provides strong privacy protection using one-time credentials. It eliminates the possibility of tracing a user's authentication history and hides the user's ID and password even from servers. In addition, it is resistant against user impersonation even if both a server's verification database and a user's smart card storage are disclosed. We also provide a revocation scheme for a user to promptly invalidate the user's credentials on a server when the user's smart card is compromised. The schemes use lightweight operations only such as computing hashes and bitwise XORs.
Das, Ashok Kumar
2015-03-01
Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.
2006-08-01
obvious and apparent attacks such as transferring the /etc/passwd file from one host to another, password-cracking by comparing the entries in the /etc... passwd file to entries in another file, using a dictionary file for the same, and exploiting the vulnerabilities such as rdist, perl 5.0.1, etc. The
RUASN: A Robust User Authentication Framework for Wireless Sensor Networks
Kumar, Pardeep; Choudhury, Amlan Jyoti; Sain, Mangal; Lee, Sang-Gon; Lee, Hoon-Jae
2011-01-01
In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost. PMID:22163888
Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj
2015-11-01
In the last few years, numerous remote user authentication and session key agreement schemes have been put forward for Telecare Medical Information System, where the patient and medical server exchange medical information using Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth noting that an unrestricted number of patients log in to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the existing schemes. The proposed scheme is not only efficient in terms of different security attacks, but it also provides an efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.
Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani
2015-01-01
Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting. PMID:26236773
Graph Coarsening for Path Finding in Cybersecurity Graphs
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hogan, Emilie A.; Johnson, John R.; Halappanavar, Mahantesh
2013-01-01
In the pass-the-hash attack, hackers repeatedly steal password hashes and move through a computer network with the goal of reaching a computer with high level administrative privileges. In this paper we apply graph coarsening in network graphs for the purpose of detecting hackers using this attack or assessing the risk level of the network's current state. We repeatedly take graph minors, which preserve the existence of paths in the graph, and take powers of the adjacency matrix to count the paths. This allows us to detect the existence of paths as well as find paths that have high risk of being used by adversaries.
Wu, Yilun; Lu, Xicheng; Su, Jinshu; Chen, Peixin
2016-12-01
Preserving the privacy of electronic medical records (EMRs) is extremely important especially when medical systems adopt cloud services to store patients' electronic medical records. Considering both the privacy and the utilization of EMRs, some medical systems apply searchable encryption to encrypt EMRs and enable authorized users to search over these encrypted records. Since individuals would like to share their EMRs with multiple persons, how to design an efficient searchable encryption for sharable EMRs is still very challenging work. In this paper, we propose a cost-efficient secure channel free searchable encryption (SCF-PEKS) scheme for sharable EMRs. Compared with existing SCF-PEKS solutions, our scheme reduces the storage overhead and achieves better computation performance. Moreover, our scheme can guard against keyword guessing attack, which is neglected by most of the existing schemes. Finally, we implement both our scheme and a latest medical-based scheme to evaluate the performance. The evaluation results show that our scheme achieves much better performance than the latest one for sharable EMRs.
Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae
2012-01-01
A wireless medical sensor network (WMSN) can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs. PMID:22438729
Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian
2015-01-01
Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type were proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.’s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes. PMID:25978373
2014-09-01
prevention system (IPS), capable of performing real-time traffic analysis and packet logging on IP networks [25]. Snort’s features include protocol... analysis and content searching/matching. Snort can detect a variety of attacks and network probes, such as buffer overflows, port scans and OS...www.digitalbond.com/tools/the-rack/jtr-s7-password-cracking/ Kismet Mike Kershaw Cross-platform Open source wireless network detector and wireless sniffer
Detection of complex cyber attacks
NASA Astrophysics Data System (ADS)
Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug
2006-05-01
One significant drawback to currently available security products is their inability to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.
Das, Ashok Kumar; Goswami, Adrijit
2013-06-01
Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.
A robust anonymous biometric-based authenticated key agreement scheme for multi-server environments
Guo, Hua; Wang, Pei; Zhang, Xiyong; Huang, Yuanfei; Ma, Fangchao
2017-01-01
In order to improve the security in remote authentication systems, numerous biometric-based authentication schemes using smart cards have been proposed. Recently, Moon et al. presented an authentication scheme to remedy the flaws of Lu et al.’s scheme, and claimed that their improved protocol supports the required security properties. Unfortunately, we found that Moon et al.’s scheme still has weaknesses. In this paper, we show that Moon et al.’s scheme is vulnerable to insider attack, server spoofing attack, user impersonation attack and guessing attack. Furthermore, we propose a robust anonymous multi-server authentication scheme using public key encryption to remove the aforementioned problems. From the subsequent formal and informal security analysis, we demonstrate that our proposed scheme provides strong mutual authentication and satisfies the desirable security requirements. The functional and performance analysis shows that the improved scheme has the best secure functionality and is computational efficient. PMID:29121050
NASA Astrophysics Data System (ADS)
Keen, Arthur A.
2006-04-01
This paper describes technology being developed at 21st Century Technologies to automate Computer Network Operations (CNO). CNO refers to DoD activities related to Attacking and Defending Computer Networks (CNA & CND). Next generation cyber threats are emerging in the form of powerful Internet services and tools that automate intelligence gathering, planning, testing, and surveillance. We will focus on "Search-Engine Hacks", queries that can retrieve lists of router/switch/server passwords, control panels, accessible cameras, software keys, VPN connection files, and vulnerable web applications. Examples include "Titan Rain" attacks against DoD facilities and the Santy worm, which identifies vulnerable sites by searching Google for URLs containing application-specific strings. This trend will result in increasingly sophisticated and automated intelligence-driven cyber attacks coordinated across multiple domains that are difficult to defeat or even understand with current technology. One traditional method of CNO relies on surveillance detection as an attack predictor. Unfortunately, surveillance detection is difficult because attackers can perform search engine-driven surveillance such as with Google Hacks, and avoid touching the target site. Therefore, attack observables represent only about 5% of the attacker's total attack time, and are inadequate to provide warning. In order to predict attacks and defend against them, CNO must also employ more sophisticated techniques and work to understand the attacker's Motives, Means and Opportunities (MMO). CNO must use automated reconnaissance tools, such as Google, to identify information vulnerabilities, and then utilize Internet tools to observe the intelligence gathering, planning, testing, and collaboration activities that represent 95% of the attacker's effort.
Tan, Zuowen
2014-03-01
The telecare medicine information system enables patients to gain health monitoring at home and access medical services over internet or mobile networks. In recent years, the schemes based on cryptography have been proposed to address the security and privacy issues in the telecare medicine information systems. However, many schemes are insecure or they have low efficiency. Recently, Awasthi and Srivastava proposed a three-factor authentication scheme for telecare medicine information systems. In this paper, we show that their scheme is vulnerable to the reflection attacks. Furthermore, it fails to provide three-factor security and the user anonymity. We propose a new three-factor authentication scheme for the telecare medicine information systems. Detailed analysis demonstrates that the proposed scheme provides mutual authentication, server not knowing password and freedom of password, biometric update and three-factor security. Moreover, the new scheme provides the user anonymity. As compared with the previous three-factor authentication schemes, the proposed scheme is more secure and practical.
A Study on the Secure User Profiling Structure and Procedure for Home Healthcare Systems.
Ko, Hoon; Song, MoonBae
2016-01-01
Despite various benefits such as convenience and efficiency, home healthcare systems have some inherent security risks that may cause a serious leak of personal health information. This work presents a Secure User Profiling Structure which has the patient information including their health information. A patient and a hospital keep it at the same time, and they share the updated data. While they share the data and communicate, the data can be leaked. To solve the security problems, a secure communication channel with a hash function and a One-Time Password between a client and a hospital should be established, and to generate an input value to an OTP, it uses a dual hash-function. This work presents a dual hash function-based approach to generate the One-Time Password ensuring a secure communication channel with the secured key. As a result, attackers are unable to decrypt the leaked information because of the secured key; in addition, the proposed method outperforms the existing methods in terms of computation cost.
Enhancing Electromagnetic Side-Channel Analysis in an Operational Environment
NASA Astrophysics Data System (ADS)
Montminy, David P.
Side-channel attacks exploit the unintentional emissions from cryptographic devices to determine the secret encryption key. This research identifies methods to make attacks demonstrated in an academic environment more operationally relevant. Algebraic cryptanalysis is used to reconcile redundant information extracted from side-channel attacks on the AES key schedule. A novel thresholding technique is used to select key byte guesses for a satisfiability solver resulting in a 97.5% success rate despite failing for 100% of attacks using standard methods. Two techniques are developed to compensate for differences in emissions from training and test devices dramatically improving the effectiveness of cross device template attacks. Mean and variance normalization improves same part number attack success rates from 65.1% to 100%, and increases the number of locations an attack can be performed by 226%. When normalization is combined with a novel technique to identify and filter signals in collected traces not related to the encryption operation, the number of traces required to perform a successful attack is reduced by 85.8% on average. Finally, software-defined radios are shown to be an effective low-cost method for collecting side-channel emissions in real-time, eliminating the need to modify or profile the target encryption device to gain precise timing information.
Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming
2017-06-23
In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme can not only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.
No-signaling quantum key distribution: solution by linear programming
NASA Astrophysics Data System (ADS)
Hwang, Won-Young; Bae, Joonwoo; Killoran, Nathan
2015-02-01
We outline a straightforward approach for obtaining a secret key rate using only no-signaling constraints and linear programming. Assuming an individual attack, we consider all possible joint probabilities. Initially, we study only the case where Eve has binary outcomes, and we impose constraints due to the no-signaling principle and given measurement outcomes. Within the remaining space of joint probabilities, by using linear programming, we get bound on the probability of Eve correctly guessing Bob's bit. We then make use of an inequality that relates this guessing probability to the mutual information between Bob and a more general Eve, who is not binary-restricted. Putting our computed bound together with the Csiszár-Körner formula, we obtain a positive key generation rate. The optimal value of this rate agrees with known results, but was calculated in a more straightforward way, offering the potential of generalization to different scenarios.
SDN-based path hopping communication against eavesdropping attack
NASA Astrophysics Data System (ADS)
Zhang, Chuanhao; Bu, Youjun; Zhao, Zheng
2016-10-01
Network eavesdropping is one of the most popular means used by cyber attackers, which has been a severe threat to network communication security. Adversaries could capture and analyze network communication data from network nodes or links, monitor network status and steal sensitive data such as username and password etc. Traditional network usually uses static network configuration, and existing defense methods, including firewall, IDS, IPS etc., cannot prevent eavesdropping, which has no distinguishing characteristic. Network eavesdropping becomes silent during most of the time of the attacking process, which is why it is difficult to discover and to defend. But a successful eavesdropping attack also has its precondition, which is that the target path should be relatively stable and have enough time of duration. So, in order to resolve this problem, it has to work on the network architecture. In this paper, a path hopping communication (PHC) mechanism based on Software Defined Network (SDN) was proposed to solve this problem. In PHC, ends in communication packets as well as the routing paths were changed dynamically. Therefore, the traffic would be distributed to multiple flows and transmitted along different paths, so that network eavesdropping attack could be prevented effectively. It was concluded that PHC was able to increase the overhead of network eavesdropping, as well as the difficulty of communication data recovery.
Mishra, Dheerendra; Srinivas, Jangirala; Mukhopadhyay, Sourav
2014-10-01
Advancement in network technology provides new ways to utilize telecare medicine information systems (TMIS) for patient care. However, TMIS usually faces various attacks as the services are provided over the public network. Recently, Jiang et al. proposed a chaotic map-based remote user authentication scheme for TMIS. Their scheme has the merits of low cost and session key agreement using Chaos theory. It enhances the security of the system by resisting various attacks. In this paper, we analyze the security of Jiang et al.'s scheme and demonstrate that their scheme is vulnerable to denial of service attack. Moreover, we demonstrate flaws in password change phase of their scheme. Further, our aim is to propose a new chaos map-based anonymous user authentication scheme for TMIS to overcome the weaknesses of Jiang et al.'s scheme, while also retaining the original merits of their scheme. We also show that our scheme is secure against various known attacks including the attacks found in Jiang et al.'s scheme. The proposed scheme is comparable in terms of the communication and computational overheads with Jiang et al.'s scheme and other related existing schemes. Moreover, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.
Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services
Lee, Youngsook; Paik, Juryon
2014-01-01
An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.'s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.'s scheme can be addressed without degrading the efficiency of the scheme. PMID:25302330
Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi; Wang, Chun-Cheng
2015-11-01
To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.
Lin, Han-Yu
2013-04-01
Telecare medical information systems (TMISs) are increasingly popular technologies for healthcare applications. Using TMISs, physicians and caregivers can monitor the vital signs of patients remotely. Since the database of TMISs stores patients' electronic medical records (EMRs), only authorized users should be granted the access to this information for the privacy concern. To keep the user anonymity, recently, Chen et al. proposed a dynamic ID-based authentication scheme for telecare medical information system. They claimed that their scheme is more secure and robust for use in a TMIS. However, we will demonstrate that their scheme fails to satisfy the user anonymity due to the dictionary attacks. It is also possible to derive a user password in case of smart card loss attacks. Additionally, an improved scheme eliminating these weaknesses is also presented.
User Account Passwords | High-Performance Computing | NREL
For NREL's high-performance computing (HPC) systems, learn about user account password requirements and how to set up, log in, and change passwords. Logging In the First Time: After you request an HPC user account, you'll receive a temporary password. Set
Park, YoHan; Park, YoungHo
2016-12-14
Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.'s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment.
PMID:27983616
Multi-factor challenge/response approach for remote biometric authentication
NASA Astrophysics Data System (ADS)
Al-Assam, Hisham; Jassim, Sabah A.
2011-06-01
Although biometric authentication is perceived to be more reliable than traditional authentication schemes, it becomes vulnerable to many attacks when it comes to remote authentication over open networks and raises serious privacy concerns. This paper proposes a biometric-based challenge-response approach to be used for remote authentication between two parties A and B over open networks. In the proposed approach, a remote authenticator system B (e.g. a bank) challenges its client A who wants to authenticate his/her self to the system by sending a one-time public random challenge. The client A responds by employing the random challenge along with secret information obtained from a password and a token to produce a one-time cancellable representation of his freshly captured biometric sample. The one-time biometric representation, which is based on multi-factor, is then sent back to B for matching. Here, we argue that eavesdropping of the one-time random challenge and/or the resulting one-time biometric representation does not compromise the security of the system, and no information about the original biometric data is leaked. In addition to securing biometric templates, the proposed protocol offers a practical solution for the replay attack on biometric systems. Moreover, we propose a new scheme for generating a password-based pseudo random numbers/permutation to be used as a building block in the proposed approach. The proposed scheme is also designed to provide protection against repudiation. We illustrate the viability and effectiveness of the proposed approach by experimental results based on two biometric modalities: fingerprint and face biometrics.
Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming
2017-01-01
In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme can not only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381
Location-Aware Dynamic Session-Key Management for Grid-Based Wireless Sensor Networks
Chen, Chin-Ling; Lin, I-Hsien
2010-01-01
Security is a critical issue for sensor networks used in hostile environments. When wireless sensor nodes in a wireless sensor network are distributed in an insecure hostile environment, the sensor nodes must be protected: a secret key must be used to protect the nodes transmitting messages. If the nodes are not protected and become compromised, many types of attacks against the network may result. Such is the case with existing schemes, which are vulnerable to attacks because they mostly provide a hop-by-hop paradigm, which is insufficient to defend against known attacks. We propose a location-aware dynamic session-key management protocol for grid-based wireless sensor networks. The proposed protocol improves the security of a secret key. The proposed scheme also includes a key that is dynamically updated. This dynamic update can lower the probability of the key being guessed correctly. Thus currently known attacks can be defended. By utilizing the local information, the proposed scheme can also limit the flooding region in order to reduce the energy that is consumed in discovering routing paths. PMID:22163606
DOE Office of Scientific and Technical Information (OSTI.GOV)
McDonald, K; Curran, B
I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict access Patches / Upgrades Awareness Intrusion Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment.
2004-02-01
Protocol for Unix enumerating by stealing /etc/passwd and (or) /etc/hosts.equiv and (or) ~/.rhosts; ISU – Identifying SID with user2sid; IAS...null sessions”, FUE – “Finger Users Enumeration”, UTFTP – “Use of Trivial File Transfer Protocol for Unix enumerating by stealing /etc/passwd and...Ping of Death”, UF – “UDP flooding”, IFS – “Storm of inquiries to FTP-server”, APF – “Access to Password File .passwd”, WDPF – “Writing of Data with
Are Password Management Applications Viable? An Analysis of User Training and Reactions
ERIC Educational Resources Information Center
Ciampa, Mark
2011-01-01
Passwords have the distinction of being the most widely-used form of authentication--and the most vulnerable. With the dramatic increase today in the number of accounts that require passwords, overwhelmed users usually resort to creating weak passwords or reusing the same password for multiple accounts, thus making passwords the weakest link in…
Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage.
Guo, Lifeng; Yau, Wei-Chuen
2015-02-01
Searchable encryption is an important cryptographic primitive that enables privacy-preserving keyword search on encrypted electronic medical records (EMRs) in cloud storage. Efficiency of such searchable encryption in a medical cloud storage system is very crucial as it involves client platforms such as smartphones or tablets that only have constrained computing power and resources. In this paper, we propose an efficient secure-channel free public key encryption with keyword search (SCF-PEKS) scheme that is proven secure in the standard model. We show that our SCF-PEKS scheme is not only secure against chosen keyword and ciphertext attacks (IND-SCF-CKCA), but also secure against keyword guessing attacks (IND-KGA). Furthermore, our proposed scheme is more efficient than other recent SCF-PEKS schemes in the literature.
A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.
Amin, Ruhul; Biswas, G P
2015-08-01
Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.
Das, Ashok Kumar; Goswami, Adrijit
2014-06-01
Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key between a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.
Internet Address Space Management in Digital
1992-09-01
password: % passwd Changing password for wade Old password: New password: Retype new password: 3. Log out of the cluster center machine by typing...that on some machine, you can use the "passwd" command on the machine where the change is needed.
Fujiwara, M.; Waseda, A.; Nojima, R.; Moriai, S.; Ogata, W.; Sasaki, M.
2016-01-01
Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers and channels to link them. In such a system, secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir’s (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km). PMID:27363566
Exploring the Use of Discrete Gestures for Authentication
NASA Astrophysics Data System (ADS)
Chong, Ming Ki; Marsden, Gary
Research in user authentication has been a growing field in HCI. Previous studies have shown that peoples’ graphical memory can be used to increase password memorability. On the other hand, with the increasing number of devices with built-in motion sensors, kinesthetic memory (or muscle memory) can also be exploited for authentication. This paper presents a novel knowledge-based authentication scheme, called gesture password, which uses discrete gestures as password elements. The research presents a study of multiple password retention using PINs and gesture passwords. The study reports that although participants could use kinesthetic memory to remember gesture passwords, retention of PINs is far superior to retention of gesture passwords.
Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho
2015-01-01
A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).
PMID:25849359
A provably-secure ECC-based authentication scheme for wireless sensor networks.
Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho
2014-11-06
A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.
PMID:25384009
On the security of two remote user authentication schemes for telecare medical information systems.
Kim, Kee-Won; Lee, Jae-Dong
2014-05-01
The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly make correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.
Khan, Muhammad Khurram; Alghathbar, Khaled
2010-01-01
User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.
Unconditional security from noisy quantum storage
NASA Astrophysics Data System (ADS)
Wehner, Stephanie
2010-03-01
We consider the implementation of two-party cryptographic primitives based on the sole physical assumption that no large-scale reliable quantum storage is available to the cheating party. An important example of such a task is secure identification. Here, Alice wants to identify herself to Bob (possibly an ATM machine) without revealing her password. More generally, Alice and Bob wish to solve problems where Alice holds an input x (e.g. her password), and Bob holds an input y (e.g. the password an honest Alice should possess), and they want to obtain the value of some function f(x,y) (e.g. the equality function). Security means that the legitimate users should not learn anything beyond this specification. That is, Alice should not learn anything about y and Bob should not learn anything about x, other than what they may be able to infer from the value of f(x,y). We show that any such problem can be solved securely in the noisy-storage model by constructing protocols for bit commitment and oblivious transfer, where we prove security against the most general attack. Our protocols can be implemented with present-day hardware used for quantum key distribution. In particular, no quantum storage is required for the honest parties. Our work raises a large number of immediate theoretical as well as experimental questions related to many aspects of quantum information science, such as for example understanding the information carrying properties of quantum channels and memories, randomness extraction, min-entropy sampling, as well as constructing small handheld devices which are suitable for the task of secure identification. Full version available at arXiv:0906.1030 (theoretical) and arXiv:0911.2302 (practically oriented).
NASA Astrophysics Data System (ADS)
Imamah; Djunaidy, A.; Rachmad, A.; Damayanti, F.
2018-01-01
A password is needed to access computing services. A text password is a combination of characters, numbers and symbols. One issue is that users will often choose guessable passwords, e.g. date of birth, name of pet, or anniversary date. To address this issue, we proposed a password generator using the Coupled Congruential method (CLCG). CLCG is a method to solve the weakness of the Linear Congruential generator (LCG). In this research, we want to prove that CLCG is really good at generating random passwords compared to the LCG method. The result of this research proves that the highest password strength is obtained by CLCG with a score of 77.4%. In addition, we proved that the term of LCG is also applicable to CLCG.
A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks.
Baig, Ahmed Fraz; Hassan, Khwaja Mansoor Ul; Ghani, Anwar; Chaudhry, Shehzad Ashraf; Khan, Imran; Ashraf, Muhammad Usman
2018-01-01
Global Mobility Networks (GLOMONETs) in wireless communication permit global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al.'s scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al.'s scheme lacks user anonymity, has inefficient user authentication, is vulnerable to replay and DoS attacks, and lacks local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.'s protocol. The proposed protocol is formally verified with an automated tool (ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols.
Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho
2015-01-01
In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.
A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks
2018-01-01
Global Mobility Networks (GLOMONETs) in wireless communication permit global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al.'s scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al.'s scheme lacks user anonymity, has inefficient user authentication, is vulnerable to replay and DoS attacks, and lacks local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.'s protocol. The proposed protocol is formally verified with an automated tool (ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols. PMID:29702675
Competition in the domain of wireless networks security
NASA Astrophysics Data System (ADS)
Bednarczyk, Mariusz
2017-04-01
Wireless networks are very popular and have found widespread usage amongst various segments, including the military environment. The deployment of wireless infrastructures reduces the time it takes to install and dismantle communications networks. With wireless, users are more mobile and can easily get access to the network resources all the time. However, wireless technologies like WiFi or Bluetooth have security issues that hackers have extensively exploited over the years. In the paper several serious security flaws in wireless technologies are presented. Most of them make it possible to get access to the internal networks and easily carry out man-in-the-middle attacks. Very often, they are used to launch massive denial of service attacks that target the physical infrastructure as well as the RF spectrum. For instance, there are well known instances of Bluetooth connection spoofing in order to steal the WiFi password stored in the mobile device. To raise security awareness and protect wireless networks against an adversary attack, an analysis of attack methods and tools over time is presented in the article. Particular attention is paid to the severity, possible targets as well as the ability to persist in the context of protective measures. Results show that an adversary can take complete control of the victims' mobile device features if the users forget to use simple safety principles.
Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho
2016-08-16
In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.
[Application of password manager software in health care].
Ködmön, József
2016-12-01
When using multiple IT systems, handling of passwords in a secure manner means a potential source of problem. The most frequent issues are choosing the appropriate length and complexity, and then remembering the strong passwords. Password manager software provides a good solution for this problem, while greatly increasing the security of sensitive medical data. This article introduces a password manager software and provides basic information of the application. It also discusses how to select a really secure password manager software and suggests a practical application to efficient, safe and comfortable use for health care. Orv. Hetil., 2016, 157(52), 2066-2073.
NASA Astrophysics Data System (ADS)
Coggins, Porter E.
2015-04-01
The purpose of this paper is (1) to present how general education elementary school age students constructed computer passwords using digital root sums and second-order arithmetic sequences, (2) argue that computer password construction can be used as an engaging introduction to generate interest in elementary school students to study mathematics related to computer science, and (3) share additional mathematical ideas accessible to elementary school students that can be used to create computer passwords. This paper serves to fill a current gap in the literature regarding the integration of mathematical content accessible to upper elementary school students and aspects of computer science in general, and computer password construction in particular. In addition, the protocols presented here can serve as a hook to generate further interest in mathematics and computer science. Students learned to create a random-looking computer password by using biometric measurements of their shoe size, height, and age in months and to create a second-order arithmetic sequence, then converted the resulting numbers into characters that become their computer passwords. This password protocol can be used to introduce students to good computer password habits that can serve a foundation for a life-long awareness of data security. A refinement of the password protocol is also presented.
Proctor, Robert W; Lien, Mei-Ching; Vu, Kim-Phuong L; Schultz, E Eugene; Salvendy, Gavriel
2002-05-01
Entering a username-password combination is a widely used procedure for identification and authentication in computer systems. However, it is a notoriously weak method, in that the passwords adopted by many users are easy to crack. In an attempt to improve security, proactive password checking may be used, in which passwords must meet several criteria to be more resistant to cracking. In two experiments, we examined the influence of proactive password restrictions on the time that it took to generate an acceptable password and to use it subsequently to log in. The required length was a minimum of five characters in Experiment 1 and eight characters in Experiment 2. In both experiments, one condition had only the length restriction, and the other had additional restrictions. The additional restrictions greatly increased the time it took to generate the password but had only a small effect on the time it took to use it subsequently to log in. For the five-character passwords, 75% were cracked when no other restrictions were imposed, and this was reduced to 33% with the additional restrictions. For the eight-character passwords, 17% were cracked with no other restrictions, and 12.5% with restrictions. The results indicate that increasing the minimum character length reduces crackability and increases security, regardless of whether additional restrictions are imposed.
Multi-agent integrated password management (MIPM) application secured with encryption
NASA Astrophysics Data System (ADS)
Awang, Norkhushaini; Zukri, Nurul Hidayah Ahmad; Rashid, Nor Aimuni Md; Zulkifli, Zuhri Arafah; Nazri, Nor Afifah Mohd
2017-10-01
Users use weak passwords and reuse them on different websites and applications. Password managers are a solution to store login information for websites and help users log in automatically. This project developed a system that acts as an agent managing passwords. Multi-Agent Integrated Password Management (MIPM) is an application using encryption that provides users with secure storage of their login account information such as their username, emails and passwords. This project was developed on an Android platform with an encryption agent using Java Agent Development Environment (JADE). The purpose of the embedded agents is to act as a third-party software to ease the encryption process, and in the future, the developed encryption agents can form part of the security system. This application can be used by the computer and mobile users. Currently, users log into many applications causing them to use unique passwords to prevent password leaking. The crypto agent handles the encryption process using an Advanced Encryption Standard (AES) 128-bit encryption algorithm. As a whole, MIPM is developed on the Android application to provide a secure platform to store passwords and has high potential to be commercialised for public use.
Entropy Measurement for Biometric Verification Systems.
Lim, Meng-Hui; Yuen, Pong C
2016-05-01
Biometric verification systems are designed to accept multiple similar biometric measurements per user due to inherent intrauser variations in the biometric data. This is important to preserve reasonable acceptance rate of genuine queries and the overall feasibility of the recognition system. However, such acceptance of multiple similar measurements decreases the imposter's difficulty of obtaining a system-acceptable measurement, thus resulting in a degraded security level. This deteriorated security needs to be measurable to provide truthful security assurance to the users. Entropy is a standard measure of security. However, the entropy formula is applicable only when there is a single acceptable possibility. In this paper, we develop an entropy-measuring model for biometric systems that accepts multiple similar measurements per user. Based on the idea of guessing entropy, the proposed model quantifies biometric system security in terms of adversarial guessing effort for two practical attacks. Excellent agreement between analytic and experimental simulation-based measurement results on a synthetic and a benchmark face dataset justify the correctness of our model and thus the feasibility of the proposed entropy-measuring approach.
Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol; Kwak, Jin
2013-01-01
The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantages, such as that the user cannot change the authentication key. In this study, we proposed an authentication methodology that combines a numeric-based password and a biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using a numeric-based password, the password can easily be changed; the authentication keys were designed to provide flexibility.
Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol
2013-01-01
The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantages, such as that the user cannot change the authentication key. In this study, we proposed an authentication methodology that combines a numeric-based password and a biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using a numeric-based password, the password can easily be changed; the authentication keys were designed to provide flexibility. PMID:24151601
Voice Biometrics as a Way to Self-service Password Reset
NASA Astrophysics Data System (ADS)
Hohgräfe, Bernd; Jacobi, Sebastian
Password resets are time consuming. Especially when urgent jobs need to be done, it is cumbersome to inform the user helpdesk, to identify oneself and then to wait for response. It is easy to enter a wrong password multiple times, which leads to the blocking of the application. Voice biometrics is an easy and secure way for individuals to reset their own password. Read more about how you can ease the burden of your user helpdesk and how voice biometric password resets benefit your expense situation without harming your security.
How strong are passwords used to protect personal health information in clinical trials?
El Emam, Khaled; Moreau, Katherine; Jonker, Elizabeth
2011-02-11
Findings and statements about how securely personal health information is managed in clinical research are mixed. The objective of our study was to evaluate the security of practices used to transfer and share sensitive files in clinical trials. Two studies were performed. First, 15 password-protected files that were transmitted by email during regulated Canadian clinical trials were obtained. Commercial password recovery tools were used on these files to try to crack their passwords. Second, interviews with 20 study coordinators were conducted to understand file-sharing practices in clinical trials for files containing personal health information. We were able to crack the passwords for 93% of the files (14/15). Among these, 13 files contained thousands of records with sensitive health information on trial participants. The passwords tended to be relatively weak, using common names of locations, animals, car brands, and obvious numeric sequences. Patient information is commonly shared by email in the context of query resolution. Files containing personal health information are shared by email and, by posting them on shared drives with common passwords, to facilitate collaboration. If files containing sensitive patient information must be transferred by email, mechanisms to encrypt them and to ensure that password strength is high are necessary. More sophisticated collaboration tools are required to allow file sharing without password sharing. We provide recommendations to implement these practices.
How Strong are Passwords Used to Protect Personal Health Information in Clinical Trials?
Moreau, Katherine; Jonker, Elizabeth
2011-01-01
Background: Findings and statements about how securely personal health information is managed in clinical research are mixed. Objective: The objective of our study was to evaluate the security of practices used to transfer and share sensitive files in clinical trials. Methods: Two studies were performed. First, 15 password-protected files that were transmitted by email during regulated Canadian clinical trials were obtained. Commercial password recovery tools were used on these files to try to crack their passwords. Second, interviews with 20 study coordinators were conducted to understand file-sharing practices in clinical trials for files containing personal health information. Results: We were able to crack the passwords for 93% of the files (14/15). Among these, 13 files contained thousands of records with sensitive health information on trial participants. The passwords tended to be relatively weak, using common names of locations, animals, car brands, and obvious numeric sequences. Patient information is commonly shared by email in the context of query resolution. Files containing personal health information are shared by email and, by posting them on shared drives with common passwords, to facilitate collaboration. Conclusion: If files containing sensitive patient information must be transferred by email, mechanisms to encrypt them and to ensure that password strength is high are necessary. More sophisticated collaboration tools are required to allow file sharing without password sharing. We provide recommendations to implement these practices. PMID:21317106
Code of Federal Regulations, 2010 CFR
2010-07-01
... that my password or other form of authentication has become compromised? 363.19 Section 363.19 Money... that my password or other form of authentication has become compromised? If you become aware that your password has become compromised, that any other form of authentication has been compromised, lost, stolen...
One-Time Password Tokens | High-Performance Computing | NREL
One-Time Password Tokens For connecting to NREL's high-performance computing (HPC) systems, learn how to set up a one-time password (OTP) token for remote and privileged a one-time pass code from the HPC Operations team. At the sign-in screen Enter your HPC Username in
Simpler and Safer: One Password Opens Many Online Doors
ERIC Educational Resources Information Center
Carnevale, Dan
2007-01-01
Going online nowadays often requires more log-ins and passwords than most people can remember. Faculty and staff members will sometimes write their various passwords on yellow sticky notes and post them on their computer monitors--leaving confidential data wide open to any passer-by. What if there were just one password? A single log-on for e-mail…
Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho
2016-01-01
In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes. PMID:27537890
One-Time Password Registration Key Code Request | High-Performance Computing | NREL
One-Time Password Registration Key Code Request Use this form to request a one-time password (OTP) registration key code for using . Alternate Email In case there is a second email where we might contact you Phone In case we need to contact
Code of Federal Regulations, 2010 CFR
2010-07-01
..., password, and any other form(s) of authentication we may require. We will treat any transactions conducted using your password as having been authorized by you. We are not liable for any loss, liability, cost, or expense that you may incur as a result of transactions made using your password. [72 FR 30978...
Meter, Diana J; Bauman, Sheri
2015-08-01
Every day, children and adolescents communicate online via social networking sites (SNSs). They also report sharing passwords with peers and friends, a potentially risky behavior in regard to cyber safety. This longitudinal study tested the hypotheses that social network engagement in multiple settings would predict more cyberbullying involvement over time, and that youth who reported sharing passwords would also experience an increase in cyberbullying involvement. Data were collected at two time points one year apart from 1,272 third through eighth grade students. In line with the first study hypothesis, participating in more online SNSs was associated with increased cyberbullying involvement over time, as well as sharing passwords over time. Cyberbullying involvement at T1 predicted decreases in sharing passwords over time, suggesting that youth become aware of the dangers of sharing passwords as a result of their experience. Sharing passwords at T1 was unrelated to cyberbullying involvement at T2. Although it seems that youth may be learning from their previous mistakes, due to the widespread use of social media and normality of sharing passwords among young people, it is important to continue to educate youth about cyber safety and risky online behavior.
On grey levels in random CAPTCHA generation
NASA Astrophysics Data System (ADS)
Newton, Fraser; Kouritzin, Michael A.
2011-06-01
A CAPTCHA is an automatically generated test designed to distinguish between humans and computer programs; specifically, they are designed to be easy for humans but difficult for computer programs to pass in order to prevent the abuse of resources by automated bots. They are commonly seen guarding webmail registration forms, online auction sites, and preventing brute force attacks on passwords. In the following, we address the question: How does adding a grey level to random CAPTCHA generation affect the utility of the CAPTCHA? We treat the problem of generating the random CAPTCHA as one of random field simulation: An initial state of background noise is evolved over time using Gibbs sampling and an efficient algorithm for generating correlated random variables. This approach has already been found to yield highly-readable yet difficult-to-crack CAPTCHAs. We detail how the requisite parameters for introducing grey levels are estimated and how we generate the random CAPTCHA. The resulting CAPTCHA will be evaluated in terms of human readability as well as its resistance to automated attacks in the forms of character segmentation and optical character recognition.
Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho
2015-01-01
In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702
Entity Resolution Workflow Installation Process and User Guide
2013-07-01
Program Files\PostgreSQL\9.1\data superuser (postgres), service account (postgres) password: "password" Port #: 5432 Add an environment variable...in this report. • Run the script found in <GG_HOME>\globalgraph-dist-1.4.6-final\schema-ddl\postgresSetup.bat. This script will set up Postgres ...Username: postgres DB Admin PWD: password GlobalGraph App User: gguser GlobalGraph App PWD: password • Restart the Postgres service using the Windows
Individual differences in cyber security behaviors: an examination of who is sharing passwords.
Whitty, Monica; Doodson, James; Creese, Sadie; Hodges, Duncan
2015-01-01
In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found younger [corrected] people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns.
Individual Differences in Cyber Security Behaviors: An Examination of Who Is Sharing Passwords
Doodson, James; Creese, Sadie; Hodges, Duncan
2015-01-01
In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found older people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns. PMID:25517697
Biometric template transformation: a security analysis
NASA Astrophysics Data System (ADS)
Nagar, Abhishek; Nandakumar, Karthik; Jain, Anil K.
2010-01-01
One of the critical steps in designing a secure biometric system is protecting the templates of the users that are stored either in a central database or on smart cards. If a biometric template is compromised, it leads to serious security and privacy threats because unlike passwords, it is not possible for a legitimate user to revoke his biometric identifiers and switch to another set of uncompromised identifiers. One methodology for biometric template protection is the template transformation approach, where the template, consisting of the features extracted from the biometric trait, is transformed using parameters derived from a user specific password or key. Only the transformed template is stored and matching is performed directly in the transformed domain. In this paper, we formally investigate the security strength of template transformation techniques and define six metrics that facilitate a holistic security evaluation. Furthermore, we analyze the security of two well-known template transformation techniques, namely, Biohashing and cancelable fingerprint templates based on the proposed metrics. Our analysis indicates that both these schemes are vulnerable to intrusion and linkage attacks because it is relatively easy to obtain either a close approximation of the original template (Biohashing) or a pre-image of the transformed template (cancelable fingerprints). We argue that the security strength of template transformation techniques must also consider the computational complexity of obtaining a complete pre-image of the transformed template in addition to the complexity of recovering the original biometric template.
1989-09-27
a run is always the @RUN statement, which can specify user-id, account number, and project-id. The @PASSWD statement specifies password and security...Every-Page-Label Options PASSWD password for batch; F36 User-id validation change for demand; component set for batch LEV change Clearance Level F33...clearance level @@PASS Change password F36 Current valid password must @@PASSWD be specified @@SEND Display a print file F16 Sym to user-id or site-id that is
Software For Computer-Security Audits
NASA Technical Reports Server (NTRS)
Arndt, Kate; Lonsford, Emily
1994-01-01
Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.
The Characteristics of User-Generated Passwords
1990-03-01
electronic keys), user interface tokens (pocket devices that can generate one-time passwords) and fixed password devices ( plastic cards that contain...APPENDIX B-7 DIFFREM DIFFICULTY REMfEIBERING by PASSCHAR PASSORD CARACTERISTICS PASSCHAR Pate I of 1 Count 1 Row Pet IALPHAVET NUMERIC ALPHANUM ASCII Cal Pet
Decryption-decompression of AES protected ZIP files on GPUs
NASA Astrophysics Data System (ADS)
Duong, Tan Nhat; Pham, Phong Hong; Nguyen, Duc Huu; Nguyen, Thuy Thanh; Le, Hung Duc
2011-10-01
AES is a strong encryption system, so decryption-decompression of AES encrypted ZIP files requires very large computing power and techniques of reducing the password space. This makes implementations of these techniques on common computing systems impractical. In [1], we reduced the original very large password search space to a much smaller one that surely contains the correct password. Based on the reduced set of passwords, in this paper, we parallelize decryption, decompression and plain text recognition for encrypted ZIP files by using CUDA computing technology on graphics cards GeForce GTX295 of NVIDIA, to find out the correct password. The experimental results have shown that the speed of decrypting, decompressing, recognizing plain text and finding out the original password increases by about 45 to 180 times (depending on the number of GPUs) compared to sequential execution on the Intel Core 2 Quad Q8400 2.66 GHz. These results have demonstrated the potential applicability of GPUs in this cryptanalysis field.
Mixture Rasch model for guessing group identification
NASA Astrophysics Data System (ADS)
Siow, Hoo Leong; Mahdi, Rasidah; Siew, Eng Ling
2013-04-01
Several alternative dichotomous Item Response Theory (IRT) models have been introduced to account for guessing effect in multiple-choice assessment. The guessing effect in these models has been considered to be item-related. In the most classic case, pseudo-guessing in the three-parameter logistic IRT model is modeled to be the same for all the subjects but may vary across items. This is not realistic because subjects can guess worse or better than the pseudo-guessing. Derivation from the three-parameter logistic IRT model improves the situation by incorporating ability in guessing. However, it does not model non-monotone function. This paper proposes to study guessing from a subject-related aspect which is guessing test-taking behavior. Mixture Rasch model is employed to detect latent groups. A hybrid of mixture Rasch and 3-parameter logistic IRT model is proposed to model the behavior based guessing from the subjects' ways of responding the items. The subjects are assumed to simply choose a response at random. An information criterion is proposed to identify the behavior based guessing group. Results show that the proposed model selection criterion provides a promising method to identify the guessing group modeled by the hybrid model.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Walkup, Elizabeth
Passwords are a ubiquitous, established part of the Internet today, but they are also a huge security headache. Single sign-on, OAuth, and password managers are some of the solutions to this problem. OAuth is a new, popular method that allows people to use large, common authentication providers for many web applications. However, it comes at the expense of some privacy: OAuth makes users easy to track across websites, applications, and devices. Password managers put the power in the hands of the users, but this vulnerability survey reveals that you have to be extremely careful which program you choose. All in all, password managers are the solution of choice for home users and small organizations, but large companies will probably want to invest in their own SSO solutions.
An Investigation of the Impact of Guessing on Coefficient α and Reliability
2014-01-01
Guessing is known to influence the test reliability of multiple-choice tests. Although there are many studies that have examined the impact of guessing, they used rather restrictive assumptions (e.g., parallel test assumptions, homogeneous inter-item correlations, homogeneous item difficulty, and homogeneous guessing levels across items) to evaluate the relation between guessing and test reliability. Based on the item response theory (IRT) framework, this study investigated the extent of the impact of guessing on reliability under more realistic conditions where item difficulty, item discrimination, and guessing levels actually vary across items with three different test lengths (TL). By accommodating multiple item characteristics simultaneously, this study also focused on examining interaction effects between guessing and other variables entered in the simulation to be more realistic. The simulation of the more realistic conditions and calculations of reliability and classical test theory (CTT) item statistics were facilitated by expressing CTT item statistics, coefficient α, and reliability in terms of IRT model parameters. In addition to the general negative impact of guessing on reliability, results showed interaction effects between TL and guessing and between guessing and test difficulty.
Prevalence of Sharing Access Credentials in Electronic Medical Records
Korach, Tzfania; Shreberk-Hassidim, Rony; Thomaidou, Elena; Uzefovsky, Florina; Ayal, Shahar; Ariely, Dan
2017-01-01
Objectives Confidentiality of health information is an important aspect of the physician patient relationship. The use of digital medical records has made data much more accessible. To prevent data leakage, many countries have created regulations regarding medical data accessibility. These regulations require a unique user ID for each medical staff member, and this must be protected by a password, which should be kept undisclosed by all means. Methods We performed a four-question Google Forms-based survey of medical staff. In the survey, each participant was asked if he/she ever obtained the password of another medical staff member. Then, we asked how many times such an episode occurred and the reason for it. Results A total of 299 surveys were gathered. The responses showed that 220 (73.6%) participants reported that they had obtained the password of another medical staff member. Only 171 (57.2%) estimated how many times it happened, with an average estimation of 4.75 episodes. All the residents that took part in the study (45, 15%) had obtained the password of another medical staff member, while only 57.5% (38/66) of the nurses reported this. Conclusions The use of unique user IDs and passwords to defend the privacy of medical data is a common requirement in medical organizations. Unfortunately, the use of passwords is doomed because medical staff members share their passwords with one another. Strict regulations requiring each staff member to have a unique user ID might lead to password sharing and to a decrease in data safety. PMID:28875052
27 CFR 73.12 - What security controls must I use for identification codes and passwords?
Code of Federal Regulations, 2010 CFR
2010-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2010-04-01 2010-04-01 false What security controls... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure their...
DDN Trusted Guard Gateway. Trusted Guard Gateway (TGG) Technology Assessment. Phase 2
1989-02-02
strengthened via removal of the encrypted passwords from the password/group files, and imposition of limits on root, login, passwd , and super users. For...amongst these are the removal of the list of encoded passwords from the etc/ passwd file, and the removal of any special privileges from the root ID
Implications of What Children Know about Computer Passwords
ERIC Educational Resources Information Center
Coggins, Porter E.
2013-01-01
The purpose of this article is to present several implications and recommendations regarding what elementary school children, aged 9-12 years, know about computer passwords and what they know about why computer passwords are important. Student knowledge can then be used to make relevant curriculum decisions based in conjunction with applicable…
Secure Biometric Multi-Logon System Based on Current Authentication Technologies
NASA Astrophysics Data System (ADS)
Tait, Bobby L.
The need for accurate authentication in the current IT world is of utmost importance. Users rely on current IT technologies to facilitate in day to day interactions with nearly all environments. Strong authentication technologies like the various biometric technologies have been in existence for many years. Many of these technologies, for instance fingerprint biometrics, have reached maturity. However, passwords and pins are still the most commonly used authentication mechanisms at this stage. An average user has to be authenticated in various situations during daily interaction with his or her environment, by means of a pin or a password. This results in many different passwords and pins that the user has to remember. The user will eventually either start documenting these passwords and pins, or often, simply use the same password and pin for all authentication situations.
Provably Secure Password-based Authentication in TLS
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier
2005-12-20
In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password. The SOKE ciphersuites, in advantage over previous password-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.
Generating cancelable fingerprint templates.
Ratha, Nalini K; Chikkerur, Sharat; Connell, Jonathan H; Bolle, Ruud M
2007-04-01
Biometrics-based authentication systems offer obvious usability advantages over traditional password and token-based authentication schemes. However, biometrics raises several privacy concerns. A biometric is permanently associated with a user and cannot be changed. Hence, if a biometric identifier is compromised, it is lost forever and possibly for every application where the biometric is used. Moreover, if the same biometric is used in multiple applications, a user can potentially be tracked from one application to the next by cross-matching biometric databases. In this paper, we demonstrate several methods to generate multiple cancelable identifiers from fingerprint images to overcome these problems. In essence, a user can be given as many biometric identifiers as needed by issuing a new transformation "key." The identifiers can be cancelled and replaced when compromised. We empirically compare the performance of several algorithms such as Cartesian, polar, and surface folding transformations of the minutiae positions. It is demonstrated through multiple experiments that we can achieve revocability and prevent cross-matching of biometric databases. It is also shown that the transforms are noninvertible by demonstrating that it is computationally as hard to recover the original biometric identifier from a transformed version as by randomly guessing. Based on these empirical results and a theoretical analysis we conclude that feature-level cancelable biometric construction is practicable in large biometric deployments.
NASA Astrophysics Data System (ADS)
Komogortsev, Oleg V.; Karpov, Alexey; Holland, Corey D.
2012-06-01
The widespread use of computers throughout modern society introduces the necessity for usable and counterfeit-resistant authentication methods to ensure secure access to personal resources such as bank accounts, e-mail, and social media. Current authentication methods require tedious memorization of lengthy pass phrases, are often prone to shoulder-surfing, and may be easily replicated (either by counterfeiting parts of the human body or by guessing an authentication token based on readily available information). This paper describes preliminary work toward a counterfeit-resistant usable eye movement-based (CUE) authentication method. CUE does not require any passwords (improving the memorability aspect of the authentication system), and aims to provide high resistance to spoofing and shoulder-surfing by employing the combined biometric capabilities of two behavioral biometric traits: 1) oculomotor plant characteristics (OPC) which represent the internal, non-visible, anatomical structure of the eye; 2) complex eye movement patterns (CEM) which represent the strategies employed by the brain to guide visual attention. Both OPC and CEM are extracted from the eye movement signal provided by an eye tracking system. Preliminary results indicate that the fusion of OPC and CEM traits is capable of providing a 30% reduction in authentication error when compared to the authentication accuracy of individual traits.
Time Pattern Locking Scheme for Secure Multimedia Contents in Human-Centric Device
Kim, Hyun-Woo; Kim, Jun-Ho; Park, Jong Hyuk; Jeong, Young-Sik
2014-01-01
Among the various smart multimedia devices, multimedia smartphones have become the most widespread due to their convenient portability and real-time information sharing, as well as various other built-in features. Accordingly, since personal and business activities can be carried out using multimedia smartphones without restrictions based on time and location, people have more leisure time and convenience than ever. However, problems such as loss, theft, and information leakage because of convenient portability have also increased proportionally. As a result, most multimedia smartphones are equipped with various built-in locking features. Pattern lock, personal identification numbers, and passwords are the most used locking features on current smartphones, but these are vulnerable to shoulder surfing and smudge attacks, allowing malicious users to bypass the security feature easily. In particular, the smudge attack technique is a convenient way to unlock multimedia smartphones after they have been stolen. In this paper, we propose the secure locking screen using time pattern (SLSTP) focusing on improved security and convenience for users to support human-centric multimedia device completely. The SLSTP can provide a simple interface to users and reduce the risk factors pertaining to security leakage to malicious third parties. PMID:25202737
Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian
2015-03-01
The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that a successful off-line password attack results in an adversary being able to impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.
Federal Register 2010, 2011, 2012, 2013, 2014
2011-03-03
... Contracts and Non-Vessel-Operating Service Arrangements; Transmission of Approved Log-In ID and Passwords... advise applicants for log-in IDs and passwords. DATES: The Final Rule is effective March 3, 2011. FOR... the U.S. Mail to transmit approved log-on IDs and password to registrants in the Commission's...
Password Complexity Recommendations: xezandpAxat8Um or P4$$w0rd!!!!
2014-10-01
have we seen the computer screen with fast- scrolling characters, with good answers being indicated one by one? This is not a MasterMind game ! Password...security/2013/ 05/how-crackers-make-minced- meat -out-of-your-passwords (Access Date: 2014-04-02). 18 DRDC-RDDC-2014-R27 DOCUMENT CONTROL DATA (Security
Using cloud models of heartbeats as the entity identifier to secure mobile devices.
Fu, Donglai; Liu, Yanhua
2017-01-01
Mobile devices are extensively used to store more private and often sensitive information. Therefore, it is important to protect them against unauthorised access. Authentication ensures that authorised users can use mobile devices. However, traditional authentication methods, such as numerical or graphic passwords, are vulnerable to passive attacks. For example, an adversary can steal the password by snooping from a shorter distance. To avoid these problems, this study presents a biometric approach that uses cloud models of heartbeats as the entity identifier to secure mobile devices. Here, it is identified that these concepts including cloud model or cloud have nothing to do with cloud computing. The cloud model appearing in the study is the cognitive model. In the proposed method, heartbeats are collected by two ECG electrodes that are connected to one mobile device. The backward normal cloud generator is used to generate ECG standard cloud models characterising the heartbeat template. When a user tries to have access to their mobile device, cloud models regenerated by fresh heartbeats will be compared with ECG standard cloud models to determine if the current user can use this mobile device. This authentication method was evaluated from three aspects including accuracy, authentication time and energy consumption. The proposed method gives 86.04% of true acceptance rate with 2.73% of false acceptance rate. One authentication can be done in 6s, and this processing consumes about 2000 mW of power.
An improved anonymous authentication scheme for roaming in ubiquitous networks.
Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick; Won, Dongho
2018-01-01
With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people's lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.'s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al's scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments. PMID:29505575
Group Management Method of RFID Passwords for Privacy Protection
NASA Astrophysics Data System (ADS)
Kobayashi, Yuichi; Kuwana, Toshiyuki; Taniguchi, Yoji; Komoda, Norihisa
When RFID tag is used in the whole item lifecycle including a consumer scene or a recycle scene, we have to protect consumer privacy in the state that RFID tag is stuck on an item. We use the low cost RFID tag that has the access control function using a password, and we propose a method which manages RFID tags by passwords identical to each group of RFID tags. This proposal improves safety of RFID system because the proposal method is able to reduce the traceability for a RFID tag, and hold down the influence for disclosure of RFID passwords in the both scenes.
The Exploration of the Relationship between Guessing and Latent Ability in IRT Models
ERIC Educational Resources Information Center
Gao, Song
2011-01-01
This study explored the relationship between successful guessing and latent ability in IRT models. A new IRT model was developed with a guessing function integrating probability of guessing an item correctly with the examinee's ability and the item parameters. The conventional 3PL IRT model was compared with the new 2PL-Guessing model on…
Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao
2014-09-01
Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.
Advanced Terrain Representation for the Microticcit Workstation: System Maintenance Manual
1986-02-01
enter the */ /* password. */ /* Inputs: passwd - password to compare userfs entry to */ /* Outputs: TRUE - if password entered correctly...include "atrdefs.h" #include "ctype.h" extern char window[]; /* useable portion of screen */ 1 i getpw( passwd ) char passwd []; { int c...blank input window */ pcvgcp(&row,*col); curs_off(); nchars - ntries - 0; len « strlen( passwd ); pcvwca(len,• *,REVIDEO); /* process keys till user
2009-12-01
other services for early UNIX systems at Bell labs. In many UNIX based systems, the field added to ‘etc/ passwd ’ file to carry GCOS ID information was...charset, and external. struct options_main { /* Option flags */ opt_flags flags; /* Password files */ struct list_main * passwd ; /* Password file...object PASSWD . It is part of several other data structures. struct PASSWD { int id; char *login; char *passwd_hash; int UID
Guessing versus Choosing an Upcoming Task
Kleinsorge, Thomas; Scheil, Juliane
2016-01-01
We compared the effects of guessing vs. choosing an upcoming task. In a task-switching paradigm with four tasks, two groups of participants were asked to either guess or choose which task will be presented next under otherwise identical conditions. The upcoming task corresponded to participants’ guesses or choices in 75 % of the trials. However, only participants in the Choosing condition were correctly informed about this, whereas participants in the Guessing condition were told that tasks were determined at random. In the Guessing condition, we replicated previous findings of a pronounced reduction of switch costs in case of incorrect guesses. This switch cost reduction was considerably less pronounced with denied choices in the Choosing condition. We suggest that in the Choosing condition, the signaling of prediction errors associated with denied choices is attenuated because a certain proportion of denied choices is consistent with the overall representation of the situation as conveyed by task instructions. In the Guessing condition, in contrast, the mismatch of guessed and actual task is resolved solely on the level of individual trials by strengthening the representation of the actual task. PMID:27047423
How to Speak an Authentication Secret Securely from an Eavesdropper
NASA Astrophysics Data System (ADS)
O'Gorman, Lawrence; Brotman, Lynne; Sammon, Michael
When authenticating over the telephone or mobile headphone, the user cannot always assure that no eavesdropper hears the password or authentication secret. We describe an eavesdropper-resistant, challenge-response authentication scheme for spoken authentication where an attacker can hear the user’s voiced responses. This scheme entails the user to memorize a small number of plaintext-ciphertext pairs. At authentication, these are challenged in random order and interspersed with camouflage elements. It is shown that the response can be made to appear random so that no information on the memorized secret can be learned by eavesdroppers. We describe the method along with parameter value tradeoffs of security strength, authentication time, and memory effort. This scheme was designed for user authentication of wireless headsets used for hands-free communication by healthcare staff at a hospital.
Password-free network security through joint use of audio and video
NASA Astrophysics Data System (ADS)
Civanlar, Mehmet R.; Chen, Tsuhan
1997-01-01
Remote authentication is vital for many network based applications. As the number of such applications increases, user friendliness of the authentication process, particularly as it relates to password management, becomes as important as its reliability. The multimedia capabilities of the modern terminal equipment can provide the basis for a dependable and easy to use authentication system which does not require the user to memorize passwords. This paper outlines our implementation of an authentication system based on the joint use of the speech and facial video of a user. Our implementation shows that the voice and the video of the associated lip movements, when used together, can be very effective for password free authentication.
Encryption Characteristics of Two USB-based Personal Health Record Devices
Wright, Adam; Sittig, Dean F.
2007-01-01
Personal health records (PHRs) hold great promise for empowering patients and increasing the accuracy and completeness of health information. We reviewed two small USB-based PHR devices that allow a patient to easily store and transport their personal health information. Both devices offer password protection and encryption features. Analysis of the devices shows that they store their data in a Microsoft Access database. Due to a flaw in the encryption of this database, recovering the user’s password can be accomplished with minimal effort. Our analysis also showed that, rather than encrypting health information with the password chosen by the user, the devices stored the user’s password as a string in the database and then encrypted that database with a common password set by the manufacturer. This is another serious vulnerability. This article describes the weaknesses we discovered, outlines three critical flaws with the security model used by the devices, and recommends four guidelines for improving the security of similar devices. PMID:17460132
Parallel Guessing: A Strategy for High-Speed Computation
1984-09-19
for using additional hardware to obtain higher processing speed). In this paper we argue that parallel guessing for image analysis is a useful...from a true solution, or the correctness of a guess, can be readily checked. We review image-analysis algorithms having a parallel guessing or
NASA Technical Reports Server (NTRS)
Collins, Earl R., Jr.
1990-01-01
Authorized users respond to changing challenges with changing passwords. Scheme for controlling access to computers defeats eavesdroppers and "hackers". Based on password system of challenge and password or sign, challenge, and countersign correlated with random alphanumeric codes in matrices of two or more dimensions. Codes stored on floppy disk or plug-in card and changed frequently. For even higher security, matrices of four or more dimensions used, just as cubes compounded into hypercubes in concurrent processing.
Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chevassut, Olivier; Milner, Joseph; Pointcheval, David
2008-04-21
The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding 100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions' servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on an analysis of relevant patents in the area.
Comment on 3PL IRT Adjustment for Guessing
ERIC Educational Resources Information Center
Chiu, Ting-Wei; Camilli, Gregory
2013-01-01
Guessing behavior is an issue discussed widely with regard to multiple choice tests. Its primary effect is on number-correct scores for examinees at lower levels of proficiency. This is a systematic error or bias, which increases observed test scores. Guessing also can inflate random error variance. Correction or adjustment for guessing formulas…
Children's Awareness of Their Own Certainty and Understanding of Deduction and Guessing
ERIC Educational Resources Information Center
Pillow, Bradford H.; Anderson, Katherine L.
2006-01-01
We conducted three studies that investigated first through third grade children's ability to identify and remember deductive inference or guessing as the source of a belief, to detect and retain the certainty of a belief generated through inference or guessing and to evaluate another observer's inferences and guesses. Immediately following a…
Paek, Insu
2015-01-01
The effect of guessing on the point estimate of coefficient alpha has been studied in the literature, but the impact of guessing and its interactions with other test characteristics on the interval estimators for coefficient alpha has not been fully investigated. This study examined the impact of guessing and its interactions with other test characteristics on four confidence interval (CI) procedures for coefficient alpha in terms of coverage rate (CR), length, and the degree of asymmetry of CI estimates. In addition, interval estimates of coefficient alpha when data follow the essentially tau-equivalent condition were investigated as a supplement to the case of dichotomous data with examinee guessing. For dichotomous data with guessing, the results did not reveal salient negative effects of guessing and its interactions with other test characteristics (sample size, test length, coefficient alpha levels) on CR and the degree of asymmetry, but the effect of guessing was salient as a main effect and an interaction effect with sample size on the length of the CI estimates, making longer CI estimates as guessing increases, especially when combined with a small sample size. Other important effects (e.g., CI procedures on CR) are also discussed. PMID:29795863
Storage-based Intrusion Detection: Watching storage activity for suspicious behavior
2002-10-01
password management involves a pair of inter-related files (/etc/passwd and /etc/shadow). The corresponding access patterns seen at the storage...example, consider a UNIX system password file (/etc/passwd), which consists of a set of well-defined records. Records are delimited by a line-break, and...etc/passwd and verify that they conform to a set of basic integrity rules: 7-field records, non-empty password field, legal default shell, legal home
Mishra, Dheerendra
2015-03-01
Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.
ERIC Educational Resources Information Center
Friedman, Miriam; And Others
1987-01-01
Test performances of sophomore medical students on a pretest and final exam (under guessing and no-guessing instructions) were compared. Discouraging random guessing produced test information with improved test reliability and less distortion of item difficulty. More able examinees were less compliant than less able examinees. (Author/RH)
Acquiring Different Senses of the Verb "To Know."
ERIC Educational Resources Information Center
Richards, Meredith Martin; Brown, Melissa Leath
Children's understanding of the epistemological terms "know" and "guess" was investigated in two studies with four- to ten-year-old subjects. Two adult players guessed at the location of a ball hidden in one of two boxes. On each trial the child was asked questions about "knowing" and "guessing" both before and after the guessing took place.…
Practical Computer Security through Cryptography
NASA Technical Reports Server (NTRS)
McNab, David; Twetev, David (Technical Monitor)
1998-01-01
The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.
Security analysis and enhanced user authentication in proxy mobile IPv6 networks.
Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick; Won, Dongho
2017-01-01
The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node (MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate (MAG). As a result, an outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.
DOE's Computer Incident Advisory Capability (CIAC)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Schultz, E.
1990-09-01
Computer security is essential in maintaining quality in the computing environment. Computer security incidents, however, are becoming more sophisticated. The DOE Computer Incident Advisory Capability (CIAC) team was formed primarily to assist DOE sites in responding to computer security incidents. Among CIAC's other responsibilities are gathering and distributing information to DOE sites, providing training workshops, coordinating with other agencies, response teams, and vendors, creating guidelines for incident handling, and developing software tools. CIAC has already provided considerable assistance to DOE sites faced with virus infections and worm and hacker attacks, has issued over 40 information bulletins, and has developed and presented a workshop on incident handling. CIAC's experience in helping sites has produced several lessons learned, including the need to follow effective procedures to avoid virus infections in small systems and the need for sound password management and system administration in networked systems. CIAC's activity and scope will expand in the future. 4 refs.
A Password System Based on Sketches
2016-07-12
than traditional passwords. Biometrics include biological properties such as fingerprints, voices, faces, and even handwriting. Fingerprints have been...perturbation of the sketch results in a corresponding change in the model, which is exactly what we imply when we say that model is (locally...Conf. on Frontiers in Handwriting Recognition (2010) 339–344. [29] M. Martinez-Diaz, J. Fierrez, J. Galbally, The DooDB Graphical Password Database: Data Analysis and Benchmark Results, IEEE Access 1 (2013) 596–605.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Adamson, Ryan M.
Password management solutions exist, but few are designed for enterprise systems administrators sharing on-call rotations. Due to the Multi-Factor Level of Assurance 4 effort, DOE is now distributing PIV cards with cryptographically signed certificate and private key pairs to administrators and other security-significant users. We utilize this public key infrastructure (PKI) to encrypt passwords for other recipients in a secure way. This is cross platform (works on OSX and Linux systems), and has already been adopted internally by the NCCS systems administration staff to replace their old password book system.
Genetics and Rheumatic Disease
Pregnancy and Rheumatic Disease
American College of Rheumatology
Granulomatosis with Polyangiitis (Wegener's)
Calcium Pyrophosphate Deposition (CPPD)
NSAIDs (Nonsteroidal Anti-inflammatory Drugs)
Osteonecrosis of the Jaw (ONJ)
The Costs and Benefits of Testing and Guessing on Recognition Memory
Huff, Mark J.; Balota, David A.; Hutchison, Keith A.
2016-01-01
We examined whether two types of interpolated tasks (i.e., retrieval-practice via free recall or guessing a missing critical item) improved final recognition for related and unrelated word lists relative to restudying or completing a filler task. Both retrieval-practice and guessing tasks improved correct recognition relative to restudy and filler tasks, particularly when study lists were semantically related. However, both retrieval practice and guessing also generally inflated false recognition for the non-presented critical words. These patterns were found when final recognition was completed during a short delay within the same experimental session (Experiment 1) and following a 24-hr delay (Experiment 2). In Experiment 3, task instructions were presented randomly after each list to determine whether retrieval-practice and guessing effects were influenced by task-expectancy processes. In contrast to Experiments 1 and 2, final recognition following retrieval practice and guessing was equivalent to restudy, suggesting that the observed retrieval-practice and guessing advantages were in part due to preparatory task-based processing during study. PMID:26950490
Pillow, Bradford H
2002-01-01
Two experiments investigated kindergarten through fourth-grade children's and adults' (N = 128) ability to (1) evaluate the certainty of deductive inferences, inductive inferences, and guesses; and (2) explain the origins of inferential knowledge. When judging their own cognitive state, children in first grade and older rated deductive inferences as more certain than guesses; but when judging another person's knowledge, children did not distinguish valid inferences from invalid inferences and guesses until fourth grade. By third grade, children differentiated their own deductive inferences from inductive inferences and guesses, but only adults both differentiated deductive inferences from inductive inferences and differentiated inductive inferences from guesses. Children's recognition of their own inferences may contribute to the development of knowledge about cognitive processes, scientific reasoning, and a constructivist epistemology.
Cryopyrin-Associated Autoinflammatory Syndromes (CAPS) - Juvenile
Pillow, Bradford H; Pearson, Raeanne M; Hecht, Mary; Bremer, Amanda
2010-01-01
Children and adults rated their own certainty following inductive inferences, deductive inferences, and guesses. Beginning in kindergarten, participants rated deductions as more certain than weak inductions or guesses. Deductions were rated as more certain than strong inductions beginning in Grade 3, and fourth-grade children and adults differentiated strong inductions, weak inductions, and informed guesses from pure guesses. By Grade 3, participants also gave different types of explanations for their deductions and inductions. These results are discussed in relation to children's concepts of cognitive processes, logical reasoning, and epistemological development.
ERIC Educational Resources Information Center
Paek, Insu
2016-01-01
The effect of guessing on the point estimate of coefficient alpha has been studied in the literature, but the impact of guessing and its interactions with other test characteristics on the interval estimators for coefficient alpha has not been fully investigated. This study examined the impact of guessing and its interactions with other test…
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hagans, K.G.; Clough, R.E.
2000-04-25
An optical key system comprises a battery-operated optical key and an isolated lock that derives both its operating power and unlock signals from the correct optical key. A light emitting diode or laser diode is included within the optical key and is connected to transmit a bit-serial password. The key user physically enters either the code-to-transmit directly, or an index to a pseudorandom number code, in the key. Such person identification numbers can be retained permanently, or ephemeral. When a send button is pressed, the key transmits a beam of light modulated with the password information. The modulated beam of light is received by a corresponding optical lock with a photovoltaic cell that produces enough power from the beam of light to operate a password-screen digital logic. In one application, an acceptable password allows a two watt power laser diode to pump ignition and timing information over a fiberoptic cable into a sealed engine compartment. The receipt of a good password allows the fuel pump, spark, and starter systems to each operate. Therefore, bypassing the lock mechanism as is now routine with automobile thieves is pointless because the engine is so thoroughly disabled.
Hagans, Karla G.; Clough, Robert E.
2000-01-01
An optical key system comprises a battery-operated optical key and an isolated lock that derives both its operating power and unlock signals from the correct optical key. A light emitting diode or laser diode is included within the optical key and is connected to transmit a bit-serial password. The key user physically enters either the code-to-transmit directly, or an index to a pseudorandom number code, in the key. Such person identification numbers can be retained permanently, or ephemeral. When a send button is pressed, the key transmits a beam of light modulated with the password information. The modulated beam of light is received by a corresponding optical lock with a photovoltaic cell that produces enough power from the beam of light to operate a password-screen digital logic. In one application, an acceptable password allows a two watt power laser diode to pump ignition and timing information over a fiberoptic cable into a sealed engine compartment. The receipt of a good password allows the fuel pump, spark, and starter systems to each operate. Therefore, bypassing the lock mechanism as is now routine with automobile thieves is pointless because the engine is so thoroughly disabled.
Immune System and Its Link to Rheumatic Diseases
Periodic Fever, Aphthous Stomatitis, Pharyngitis, Adenitis Syndrome (PFAPA)
Device-independent two-party cryptography secure against sequential attacks
NASA Astrophysics Data System (ADS)
Kaniewski, Jędrzej; Wehner, Stephanie
2016-05-01
The goal of two-party cryptography is to enable two parties, Alice and Bob, to solve common tasks without the need for mutual trust. Examples of such tasks are private access to a database, and secure identification. Quantum communication enables security for all of these problems in the noisy-storage model by sending more signals than the adversary can store in a certain time frame. Here, we initiate the study of device-independent (DI) protocols for two-party cryptography in the noisy-storage model. Specifically, we present a relatively easy to implement protocol for a cryptographic building block known as weak string erasure and prove its security even if the devices used in the protocol are prepared by the dishonest party. DI two-party cryptography is made challenging by the fact that Alice and Bob do not trust each other, which requires new techniques to establish security. We fully analyse the case of memoryless devices (for which sequential attacks are optimal) and the case of sequential attacks for arbitrary devices. The key ingredient of the proof, which might be of independent interest, is an explicit (and tight) relation between the violation of the Clauser-Horne-Shimony-Holt inequality observed by Alice and Bob and uncertainty generated by Alice against Bob who is forced to measure his system before finding out Alice’s setting (guessing with postmeasurement information). In particular, we show that security is possible for arbitrarily small violation.
76 FR 30408 - Agency Forms Submitted for OMB Review, Request for Comments
Federal Register 2010, 2011, 2012, 2013, 2014
2011-05-25
... conduct business with the agency electronically. As part of the system, the RRB collects information..., the requestor can apply for a PIN/ Password online. Once the PIN/Password has been established, the...
Cryptanalysis of Password Protection of Oracle Database Management System (DBMS)
NASA Astrophysics Data System (ADS)
Koishibayev, Timur; Umarova, Zhanat
2016-04-01
This article discusses the currently available encryption algorithms in the Oracle database, also the proposed upgraded encryption algorithm, which consists of 4 steps. In conclusion we make an analysis of password encryption of Oracle Database.
Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit
2015-09-01
The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. 
In addition, our scheme supports extra functionality features as compared to other related schemes. As a result, our scheme is very appropriate for practical applications in TMIS.
Age-related differences in guessing on free and forced recall tests.
Huff, Mark J; Meade, Michelle L; Hutchison, Keith A
2011-05-01
This study examined possible age-related differences in recall, guessing, and metacognition on free recall tests and forced recall tests. Participants studied categorised and unrelated word lists and were asked to recall the items under one of the following test conditions: standard free recall, free recall with a penalty for guessing, free recall with no penalty for guessing, or forced recall. The results demonstrated interesting age differences regarding the impact of liberal test instructions (i.e., forced recall and no penalty) relative to more conservative test instructions (i.e., standard free recall and penalty) on memory performance. Specifically, once guessing was controlled, younger adults' recall of categorised lists varied in accordance with test instructions while older adults' recall of categorised lists did not differ between conservative and liberal test instructions, presumably because older adults approach standard free recall tests of categorised lists with a greater propensity towards guessing than young adults.
What Is the PE Password? Incorporating Vocabulary in Your Elementary PE Program
ERIC Educational Resources Information Center
Robelee, Margaret E.
2016-01-01
This article describes a novel program for third through fifth grade called "What is the PE Password?" that teaches vocabulary words and concepts without sacrificing activity time in order to support Common Core learning.
Connecting to HPC VPN | High-Performance Computing | NREL
and password will match your NREL network account login/password. From OS X or Linux, open a terminal finalized. Open a Remote Desktop connection using server name WINHPC02 (this is the login node).
Password Cracking Using Sony Playstations
NASA Astrophysics Data System (ADS)
Kleinhans, Hugo; Butts, Jonathan; Shenoi, Sujeet
Law enforcement agencies frequently encounter encrypted digital evidence for which the cryptographic keys are unknown or unavailable. Password cracking - whether it employs brute force or sophisticated cryptanalytic techniques - requires massive computational resources. This paper evaluates the benefits of using the Sony PlayStation 3 (PS3) to crack passwords. The PS3 offers massive computational power at relatively low cost. Moreover, multiple PS3 systems can be introduced easily to expand parallel processing when additional power is needed. This paper also describes a distributed framework designed to enable law enforcement agents to crack encrypted archives and applications in an efficient and cost-effective manner.
Backup key generation model for one-time password security protocol
NASA Astrophysics Data System (ADS)
Jeyanthi, N.; Kundu, Sourav
2017-11-01
The use of one-time password (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to the traditional username-password authentication, thus coining the term, two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with the real world applications’ user database, which would allow a user to circumvent the second authentication stage, in the event of unavailability of the hardware token.
Agency affects adults', but not children's, guessing preferences in a game of chance.
Harris, Adam J L; Rowley, Martin G; Beck, Sarah R; Robinson, Elizabeth J; McColgan, Kerry L
2011-09-01
Adults and children have recently been shown to prefer guessing the outcome of a die roll after the die has been rolled (but remained out of sight) rather than before it has been rolled. This result is contrary to the predictions of the competence hypothesis (Heath & Tversky, 1991), which proposes that people are sensitive to the degree of their relative ignorance and therefore prefer to guess about an outcome it is impossible to know, rather than one that they could know, but do not. We investigated the potential role of agency in guessing preferences about a novel game of chance. When the experimenter controlled the outcome, we replicated the finding that adults and 5- to 6-year-old children preferred to make their guess after the outcome had been determined. For adults only, this preference reversed when they exerted control over the outcome about which they were guessing. The adult data appear best explained by a modified version of the competence hypothesis that highlights the notion of control or responsibility. It is proposed that potential attributions of blame are related to the guesser's role in determining the outcome. The child data were consistent with an imagination-based account of guessing preferences.
Alternative Fuels Data Center: Petroleum and Emission Reduction Planning
Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing.
Ehatisham-Ul-Haq, Muhammad; Azam, Muhammad Awais; Loo, Jonathan; Shuang, Kai; Islam, Syed; Naeem, Usman; Amin, Yasar
2017-09-06
Smartphones are context-aware devices that provide a compelling platform for ubiquitous computing and assist users in accomplishing many of their routine tasks anytime and anywhere, such as sending and receiving emails. The nature of tasks conducted with these devices has evolved with the exponential increase in the sensing and computing capabilities of a smartphone. Due to the ease of use and convenience, many users tend to store their private data, such as personal identifiers and bank account details, on their smartphone. However, this sensitive data can be vulnerable if the device gets stolen or lost. A traditional approach for protecting this type of data on mobile devices is to authenticate users with mechanisms such as PINs, passwords, and fingerprint recognition. However, these techniques are vulnerable to user compliance and a plethora of attacks, such as smudge attacks. The work in this paper addresses these challenges by proposing a novel authentication framework, which is based on recognizing the behavioral traits of smartphone users using the embedded sensors of smartphone, such as Accelerometer, Gyroscope and Magnetometer. The proposed framework also provides a platform for carrying out multi-class smart user authentication, which provides different levels of access to a wide range of smartphone users. This work has been validated with a series of experiments, which demonstrate the effectiveness of the proposed framework.
PMID:28878177
Exploring the perceptual biases associated with believing and disbelieving in paranormal phenomena.
Simmonds-Moore, Christine
2014-08-01
Ninety-five participants (32 believers, 30 disbelievers and 33 neutral believers in the paranormal) participated in an experiment comprising one visual and one auditory block of trials. Each block included one ESP, two degraded stimuli and one random trial. Each trial included 8 screens or epochs of "random" noise. Participants entered a guess if they perceived a stimulus or changed their mind about stimulus identity, rated guesses for confidence and made notes during each trial. Believers and disbelievers did not differ in the number of guesses made, or in their ability to detect degraded stimuli. Believers displayed a trend toward making faster guesses for some conditions and significantly higher confidence and more misidentifications concerning guesses than disbelievers. Guesses, misidentifications and faster response latencies were generally more likely in the visual than auditory conditions. ESP performance was no different from chance. ESP performance did not differ between belief groups or sensory modalities. Copyright © 2014 Elsevier Inc. All rights reserved.
Bayen, Ute J.; Kuhlmann, Beatrice G.
2010-01-01
The authors investigated conditions under which judgments in source-monitoring tasks are influenced by prior schematic knowledge. According to a probability-matching account of source guessing (Spaniol & Bayen, 2002), when people do not remember the source of information, they match source guessing probabilities to the perceived contingency between sources and item types. When they do not have a representation of a contingency, they base their guesses on prior schematic knowledge. The authors provide support for this account in two experiments with sources presenting information that was expected for one source and somewhat unexpected for another. Schema-relevant information about the sources was provided at the time of encoding. When contingency perception was impeded by dividing attention, participants showed schema-based guessing (Experiment 1). Manipulating source - item contingency also affected guessing (Experiment 2). When this contingency was schema-inconsistent, it superseded schema-based expectations and led to schema-inconsistent guessing. PMID:21603251
Verdon, François; Junod, Michel; Herzig, Lilli; Vaucher, Paul; Burnand, Bernard; Bischoff, Thomas; Pécoud, Alain; Favrat, Bernard
2010-02-21
The intuitive early diagnostic guess could play an important role in reaching a final diagnosis. However, no study to date has attempted to quantify the importance of general practitioners' (GPs) ability to correctly appraise the origin of chest pain within the first minutes of an encounter. The validation study was nested in a multicentre cohort study with a one year follow-up and included 626 successive patients who presented with chest pain and were attended by 58 GPs in Western Switzerland. The early diagnostic guess was assessed prior to a patient's history being taken by a GP and was then compared to a diagnosis of chest pain observed over the next year. Using summary measures clustered at the GP's level, the early diagnostic guess was confirmed by further investigation in 51.0% (CI 95%; 49.4% to 52.5%) of patients presenting with chest pain. The early diagnostic guess was more accurate in patients with a life threatening illness (65.4%; CI 95% 64.5% to 66.3%) and in patients who did not feel anxious (62.9%; CI 95% 62.5% to 63.3%). The predictive abilities of an early diagnostic guess were consistent among GPs. The GPs early diagnostic guess was correct in one out of two patients presenting with chest pain. The probability of a correct guess was higher in patients with a life-threatening illness and in patients not feeling anxious about their pain. PMID:20170544
Huff, Mark J; Yates, Tyler J; Balota, David A
2018-05-03
Recently, we have shown that two types of initial testing (recall of a list or guessing of critical items repeated over 12 study/test cycles) improved final recognition of related and unrelated word lists relative to restudy. These benefits were eliminated, however, when test instructions were manipulated within subjects and presented after study of each list, procedures designed to minimise expectancy of a specific type of upcoming test [Huff, Balota, & Hutchison, 2016. The costs and benefits of testing and guessing on recognition memory. Journal of Experimental Psychology: Learning, Memory, and Cognition, 42, 1559-1572. doi: 10.1037/xlm0000269 ], suggesting that testing and guessing effects may be influenced by encoding strategies specific for the type of upcoming task. We follow-up these experiments by examining test-expectancy processes in guessing and testing. Testing and guessing benefits over restudy were not found when test instructions were presented either after (Experiment 1) or before (Experiment 2) a single study/task cycle was completed, nor were benefits found when instructions were presented before study/task cycles and the task was repeated three times (Experiment 3). Testing and guessing benefits emerged only when instructions were presented before a study/task cycle and the task was repeated six times (Experiments 4A and 4B). These experiments demonstrate that initial testing and guessing can produce memory benefits in recognition, but only following substantial task repetitions which likely promote task-expectancy processes.
75 FR 5579 - Privacy Act of 1974; System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2010-02-03
... with re-entry controlled by passwords. The DLA Enterprise Hotline Program Database is also password...: * * * * * System location: Delete entry and replace with ``Director, DLA Accountability Office (DA), Headquarters....'' * * * * * Retention and disposal: Delete entry and replace with ``Records are destroyed/deleted 10 years after...
A resettable and reprogrammable DNA-based security system to identify multiple users with hierarchy.
Li, Hailong; Hong, Wei; Dong, Shaojun; Liu, Yaqing; Wang, Erkang
2014-03-25
Molecular-level security devices have raised ever-increasing interest in recent years to protect data and information from illegal invasion. Prior molecular keypad locks have an output signal dependent upon not only the appropriate combination but also the exact sequence of inputs, but it cannot be reset or reprogrammed. Here, a DNA-based security system with reset and never-reported reprogram function is successfully developed in proof-of-principle, with which one can change the password in case that the system is cracked. The previous password becomes invalid in the reprogrammed security system. Interestingly, more than one password is designed to permit multiple users to access. By harnessing the intrinsic merit of the different passwords, the system can distinguish different user who is endowed with prior authority. The intelligent device is addressed on solid support and facilitates electronic processes, avoiding chemical accumulation in the system by simple removal of the electrode from the input solution and indicating a main avenue for its further development.
2015-03-01
In the January 2015 issue of Cyberpsychology, Behavior, and Social Networking (vol. 18, no. 1, pp. 3–7), the article "Individual Differences in Cyber Security Behaviors: An Examination of Who Is Sharing Passwords." by Prof. Monica Whitty et al., has an error in wording in the abstract. The sentence in question was originally printed as: Contrary to our hypotheses, we found older people and individuals who score high on self-monitoring were more likely to share passwords. It should read: Contrary to our hypotheses, we found younger people and individuals who score high on self-monitoring were more likely to share passwords. The authors wish to apologize for the error.
ERIC Educational Resources Information Center
Pillow, Bradford H.; Pearson, RaeAnne M.
2009-01-01
Adults' and kindergarten through fourth-grade children's evaluations and explanations of inductive inferences, deductive inferences, and guesses were assessed. Beginning in kindergarten, participants rated deductions as more certain than weak inductions or guesses. Beginning in third grade, deductions were rated as more certain than strong…
The Ranschburg Effect: Tests of the Guessing-Bias and Proactive Interference Hypotheses
ERIC Educational Resources Information Center
Walsh, Michael F.; Schwartz, Marian
1977-01-01
The guessing-bias and proactive interference hypotheses of the Ranschburg Effect were investigated by giving three groups different instructions as to guessing during recall. Results failed to support the prediction that the effect should be reduced or eliminated on shift trials. Neither hypothesis received significant support. (CHK)
Generically Used Expert Scheduling System (GUESS): User's Guide Version 1.0
NASA Technical Reports Server (NTRS)
Liebowitz, Jay; Krishnamurthy, Vijaya; Rodens, Ira
1996-01-01
This user's guide contains instructions explaining how to best operate the program GUESS, a generic expert scheduling system. GUESS incorporates several important features for a generic scheduler, including automatic scheduling routines to generate a 'first' schedule for the user, a user interface that includes Gantt charts and enables the human scheduler to manipulate schedules manually, diagnostic report generators, and a variety of scheduling techniques. The current version of GUESS runs on an IBM PC or compatible in the Windows 3.1 or Windows '95 environment.
Simple group password-based authenticated key agreements for the integrated EPR information system.
Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng
2013-04-01
The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GPAKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convenience, but also has higher security.
50 CFR 679.91 - Amendment 80 Program annual harvester privileges.
Code of Federal Regulations, 2011 CFR
2011-10-01
...) Hand delivery or carrier: NMFS, Room 713, 709 West 9th Street, Juneau, AK 99801. (iv) Electronic: http... using the transferor's NMFS ID, password, and Transfer Key and submitting the transfer request, the... on the computer screen. By using the transferee's NMFS ID, password and Transfer Key, the designated...
50 CFR 679.91 - Amendment 80 Program annual harvester privileges.
Code of Federal Regulations, 2014 CFR
2014-10-01
..., Room 713, 709 West 9th Street, Juneau, AK 99801. (iv) Electronic: http://alaskafisheries.noaa.gov. (2... using the transferor's NMFS ID, password, and Transfer Key and submitting the transfer request, the... on the computer screen. By using the transferee's NMFS ID, password and Transfer Key, the designated...
50 CFR 679.91 - Amendment 80 Program annual harvester privileges.
Code of Federal Regulations, 2010 CFR
2010-10-01
...) Hand delivery or carrier: NMFS, Room 713, 709 West 9th Street, Juneau, AK 99801. (iv) Electronic: http... using the transferor's NMFS ID, password, and Transfer Key and submitting the transfer request, the... on the computer screen. By using the transferee's NMFS ID, password and Transfer Key, the designated...
50 CFR 679.91 - Amendment 80 Program annual harvester privileges.
Code of Federal Regulations, 2012 CFR
2012-10-01
...) Hand delivery or carrier: NMFS, Room 713, 709 West 9th Street, Juneau, AK 99801. (iv) Electronic: http... using the transferor's NMFS ID, password, and Transfer Key and submitting the transfer request, the... on the computer screen. By using the transferee's NMFS ID, password and Transfer Key, the designated...
50 CFR 679.91 - Amendment 80 Program annual harvester privileges.
Code of Federal Regulations, 2013 CFR
2013-10-01
...) Hand delivery or carrier: NMFS, Room 713, 709 West 9th Street, Juneau, AK 99801. (iv) Electronic: http... using the transferor's NMFS ID, password, and Transfer Key and submitting the transfer request, the... on the computer screen. By using the transferee's NMFS ID, password and Transfer Key, the designated...
21 CFR 11.300 - Controls for identification codes/passwords.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 21 Food and Drugs 1 2011-04-01 2011-04-01 false Controls for identification codes/passwords. 11.300 Section 11.300 Food and Drugs FOOD AND DRUG ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN... attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational...
21 CFR 11.300 - Controls for identification codes/passwords.
Code of Federal Regulations, 2010 CFR
2010-04-01
... 21 Food and Drugs 1 2010-04-01 2010-04-01 false Controls for identification codes/passwords. 11.300 Section 11.300 Food and Drugs FOOD AND DRUG ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN... attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational...
Beyond Passwords: Usage and Policy Transformation
2007-03-01
case scenario for lost productivity due to users leaving their CAC at work, in their computer, is costing 261 work years per year with an estimated ...one for your CAC) are you currently using? ...PASSWORDS: USAGE AND POLICY TRANSFORMATION I. Introduction Background Currently, the primary method for network authentication on the
21 CFR 11.300 - Controls for identification codes/passwords.
Code of Federal Regulations, 2012 CFR
2012-04-01
... 21 Food and Drugs 1 2012-04-01 2012-04-01 false Controls for identification codes/passwords. 11.300 Section 11.300 Food and Drugs FOOD AND DRUG ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN SERVICES GENERAL ELECTRONIC RECORDS; ELECTRONIC SIGNATURES Electronic Signatures § 11.300 Controls for...
The Costs and Benefits of Testing and Guessing on Recognition Memory
ERIC Educational Resources Information Center
Huff, Mark J.; Balota, David A.; Hutchison, Keith A.
2016-01-01
We examined whether 2 types of interpolated tasks (i.e., retrieval-practice via free recall or guessing a missing critical item) improved final recognition for related and unrelated word lists relative to restudying or completing a filler task. Both retrieval-practice and guessing tasks improved correct recognition relative to restudy and filler…
ERIC Educational Resources Information Center
Pillow, Bradford H.; Pearson, RaeAnne M.; Hecht, Mary; Bremer, Amanda
2010-01-01
Children and adults rated their own certainty following inductive inferences, deductive inferences, and guesses. Beginning in kindergarten, participants rated deductions as more certain than weak inductions or guesses. Deductions were rated as more certain than strong inductions beginning in Grade 3, and fourth-grade children and adults…
Extracting forensic evidence from biometric devices
NASA Astrophysics Data System (ADS)
Geradts, Zeno J.; Ruifrok, Arnout C.
2003-08-01
Over the past few years, both large multinationals and governments have begun to contribute to even larger projects on biometric devices. Terrorist attacks in America and in other countries have highlighted the need for better identification systems for people as well as improved systems for controlling access to buildings. Another reason for investment in Research and Development in Biometric Devices, is the massive growth in internet-based systems -- whether for e-commerce, e-government or internal processes within organizations. The interface between the system and the user is routinely abused, as people have to remember many complex passwords and handle tokens of various types. In this paper an overview is given of the information that is important to know before an examination of such systems can be done in a forensic proper way. In forensic evidence with biometric devices the forensic examiner should consider the possibilities of tampering with the biometric systems or the possibilities of unauthorized access before drawing conclusions.
Addressing the vulnerabilities of pass-thoughts
NASA Astrophysics Data System (ADS)
Fernandez, Gabriel C.; Danko, Amanda S.
2016-05-01
As biometrics become increasingly pervasive, consumer electronics are reaping the benefits of improved authentication methods. Leveraging the physical characteristics of a user reduces the burden of setting and remembering complex passwords, while enabling stronger security. Multi-factor systems lend further credence to this model, increasing security via multiple passive data points. In recent years, brainwaves have been shown to be another feasible source for biometric authentication. Physically unique to an individual in certain circumstances, the signals can also be changed by the user at will, making them more robust than static physical characteristics. No paradigm is impervious however, and even well-established medical technologies have deficiencies. In this work, a system for biometric authentication via brainwaves is constructed with electroencephalography (EEG). The efficacy of EEG biometrics via existing consumer electronics is evaluated, and vulnerabilities of such a system are enumerated. Impersonation attacks are performed to expose the extent to which the system is vulnerable. Finally, a multimodal system combining EEG with additional factors is recommended and outlined.
Security analysis and enhanced user authentication in proxy mobile IPv6 networks
Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick
2017-01-01
The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node (MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate (MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key. PMID:28719621
Research and Design of Rootkit Detection Method
NASA Astrophysics Data System (ADS)
Liu, Leian; Yin, Zuanxing; Shen, Yuli; Lin, Haitao; Wang, Hongjiang
Rootkit is one of the most important issues of network communication systems, which is related to the security and privacy of Internet users. Because of the existence of the back door of the operating system, a hacker can use rootkit to attack and invade other people's computers and thus he can capture passwords and message traffic to and from these computers easily. With the development of the rootkit technology, its applications are more and more extensive and it becomes increasingly difficult to detect it. In addition, for various reasons such as trade secrets, being difficult to be developed, and so on, the rootkit detection technology information and effective tools are still relatively scarce. In this paper, based on the in-depth analysis of the rootkit detection technology, a new kind of the rootkit detection structure is designed and a new method (software), X-Anti, is proposed. Test results show that software designed based on structure proposed is much more efficient than any other rootkit detection software.
Method for guessing the response of a physical system to an arbitrary input
Wolpert, David H.
1996-01-01
Stacked generalization is used to minimize the generalization errors of one or more generalizers acting on a known set of input values and output values representing a physical manifestation and a transformation of that manifestation, e.g., hand-written characters to ASCII characters, spoken speech to computer command, etc. Stacked generalization acts to deduce the biases of the generalizer(s) with respect to a known learning set and then correct for those biases. This deduction proceeds by generalizing in a second space whose inputs are the guesses of the original generalizers when taught with part of the learning set and trying to guess the rest of it, and whose output is the correct guess. Stacked generalization can be used to combine multiple generalizers or to provide a correction to a guess from a single generalizer.
The dynamics of fidelity over the time course of long-term memory.
Persaud, Kimele; Hemmer, Pernille
2016-08-01
Bayesian models of cognition assume that prior knowledge about the world influences judgments. Recent approaches have suggested that the loss of fidelity from working to long-term (LT) memory is simply due to an increased rate of guessing (e.g. Brady, Konkle, Gill, Oliva, & Alvarez, 2013). That is, recall is the result of either remembering (with some noise) or guessing. This stands in contrast to Bayesian models of cognition, which assume that prior knowledge about the world influences judgments, and that recall is a combination of expectations learned from the environment and noisy memory representations. Here, we evaluate the time course of fidelity in LT episodic memory, and the relative contribution of prior category knowledge and guessing, using a continuous recall paradigm. At an aggregate level, performance reflects a high rate of guessing. However, when aggregate data is partitioned by lag (i.e., the number of presentations from study to test), or is un-aggregated, performance appears to be more complex than just remembering with some noise and guessing. We implemented three models: the standard remember-guess model, a three-component remember-guess model, and a Bayesian mixture model and evaluated these models against the data. The results emphasize the importance of taking into account the influence of prior category knowledge on memory.
Correction for Guessing in the Framework of the 3PL Item Response Theory
ERIC Educational Resources Information Center
Chiu, Ting-Wei
2010-01-01
Guessing behavior is an important topic with regard to assessing proficiency on multiple choice tests, particularly for examinees at lower levels of proficiency, due to the greater potential for systematic error or bias that inflates observed test scores. Methods that incorporate a correction for guessing on high-stakes tests generally rely…
Children's Understanding of the Words "Know" and "Guess."
ERIC Educational Resources Information Center
Miscione, John L.; And Others
This study investigated preschool children's understanding of the words "know" and "guess." Subjects for the study were 48 male and female preschool children ranging in age from 3.6 to 6.6 years. The children were divided into three age groups representing one year intervals. The task for the study involved a "guessing" game in which a colored…
Children's Evaluation of the Certainty of Another Person's Inductive Inferences and Guesses
ERIC Educational Resources Information Center
Pillow, Bradford H.; Pearson, RaeAnne M.
2012-01-01
In three studies, 5-10-year-old children and an adult comparison group judged another's certainty in making inductive inferences and guesses. Participants observed a puppet make strong inductions, weak inductions, and guesses. Participants either had no information about the correctness of the puppet's conclusion, knew that the puppet was correct,…
IRT Models for Ability-Based Guessing
ERIC Educational Resources Information Center
Martin, Ernesto San; del Pino, Guido; De Boeck, Paul
2006-01-01
An ability-based guessing model is formulated and applied to several data sets regarding educational tests in language and in mathematics. The formulation of the model is such that the probability of a correct guess does not only depend on the item but also on the ability of the individual, weighted with a general discrimination parameter. By so…
Alternative Fuels Data Center: Plug-In Electric Vehicle Readiness Scorecard
track progress toward PEV readiness. Get started evaluating your community. Public reporting burden for this collection of information is estimated to average (20.5 hours) per response, including the time for reviewing
A Comparison of Password Techniques for Multilevel Authentication Mechanisms
1990-06-01
an individual user’s perceptions, personal interests and personal history. This information is unique to the individual and is neither commonly...a user may associative passwords profile around the Beatles. In this case, cues may include "abbey", "john", "yellow" and "george" and have responses
General Framework for Evaluating Password Complexity and Strength
2015-11-15
stronger password requirements: User attitudes and behaviors,” in Proceedings of the Sixth Symposium on Usable Privacy and Security, ser. SOUPS ’10. New...Proceedings of the Eighth Symposium on Usable Privacy and Security, ser. SOUPS ’12. New York, NY, USA: ACM, 2012, pp. 1–20. [22] P. Kelley, S. Komanduri
NASA Astrophysics Data System (ADS)
Zhang, Yunlu; Yan, Lei; Liou, Frank
2018-05-01
The quality of the initial guess of deformation parameters in digital image correlation (DIC) has a serious impact on the convergence, robustness, and efficiency of the following subpixel-level searching stage. In this work, an improved feature-based initial guess (FB-IG) scheme is presented to provide initial guesses for points of interest (POIs) inside a large region. Oriented FAST and Rotated BRIEF (ORB) features are semi-uniformly extracted from the region of interest (ROI) and matched to provide initial deformation information. False matched pairs are eliminated by the novel feature guided Gaussian mixture model (FG-GMM) point set registration algorithm, and nonuniform deformation parameters of the versatile reproducing kernel Hilbert space (RKHS) function are calculated simultaneously. Validations on simulated images and a real-world mini tensile test verify that this scheme can robustly and accurately compute initial guesses with semi-subpixel level accuracy in cases with small or large translation, deformation, or rotation.
Pillow, B H; Hill, V; Boyce, A; Stein, C
2000-03-01
Three experiments investigated children's understanding of inference as a source of knowledge. Children observed a puppet make a statement about the color of one of two hidden toys after the puppet (a) looked directly at the toy (looking), (b) looked at the other toy (inference), or (c) looked at neither toy (guessing). Most 4-, 5-, and 6-year-olds did not rate the puppet as being more certain of the toy's color after the puppet looked directly at it or inferred its color than they did after the puppet guessed its color. Most 8- and 9-year-olds distinguished inference and looking from guessing. The tendency to explain the puppet's knowledge by referring to inference increased with age. Children who referred to inference in their explanations were more likely to judge deductive inference as more certain than guessing.
Symmetric weak ternary quantum homomorphic encryption schemes
NASA Astrophysics Data System (ADS)
Wang, Yuqi; She, Kun; Luo, Qingbin; Yang, Fan; Zhao, Chao
2016-03-01
Based on a ternary quantum logic circuit, four symmetric weak ternary quantum homomorphic encryption (QHE) schemes were proposed. First, for a one-qutrit rotation gate, a QHE scheme was constructed. Second, in view of the synthesis of a general 3 × 3 unitary transformation, another one-qutrit QHE scheme was proposed. Third, according to the one-qutrit scheme, the two-qutrit QHE scheme about generalized controlled X (GCX(m,n)) gate was constructed and further generalized to the n-qutrit unitary matrix case. Finally, the security of these schemes was analyzed in two respects. It can be concluded that the attacker can correctly guess the encryption key with a maximum probability pk = 1/33n, thus it can better protect the privacy of users’ data. Moreover, these schemes can be well integrated into the future quantum remote server architecture, and thus the computational security of the users’ private quantum information can be well protected in a distributed computing environment.
Min-entropy uncertainty relation for finite-size cryptography
NASA Astrophysics Data System (ADS)
Ng, Nelly Huei Ying; Berta, Mario; Wehner, Stephanie
2012-10-01
Apart from their foundational significance, entropic uncertainty relations play a central role in proving the security of quantum cryptographic protocols. Of particular interest are therefore relations in terms of the smooth min-entropy for Bennett-Brassard 1984 (BB84) and six-state encodings. The smooth min-entropy H_min^ε(X|B) quantifies the negative logarithm of the probability for an attacker B to guess X, except with a small failure probability ε. Previously, strong uncertainty relations were obtained which are valid in the limit of large block lengths. Here, we prove an alternative uncertainty relation in terms of the smooth min-entropy that is only marginally less strong but has the crucial property that it can be applied to rather small block lengths. This paves the way for a practical implementation of many cryptographic protocols. As part of our proof we show tight uncertainty relations for a family of Rényi entropies that may be of independent interest.
Benford’s Law: Textbook Exercises and Multiple-Choice Testbanks
Slepkov, Aaron D.; Ironside, Kevin B.; DiBattista, David
2015-01-01
Benford’s Law describes the finding that the distribution of leading (or leftmost) digits of innumerable datasets follows a well-defined logarithmic trend, rather than an intuitive uniformity. In practice this means that the most common leading digit is 1, with an expected frequency of 30.1%, and the least common is 9, with an expected frequency of 4.6%. Currently, the most common application of Benford’s Law is in detecting number invention and tampering such as found in accounting-, tax-, and voter-fraud. We demonstrate that answers to end-of-chapter exercises in physics and chemistry textbooks conform to Benford’s Law. Subsequently, we investigate whether this fact can be used to gain advantage over random guessing in multiple-choice tests, and find that while testbank answers in introductory physics closely conform to Benford’s Law, the testbank is nonetheless secure against such a Benford’s attack for banal reasons. PMID:25689468
ERIC Educational Resources Information Center
Wang, Wen-Chung; Huang, Sheng-Yun
2011-01-01
The one-parameter logistic model with ability-based guessing (1PL-AG) has been recently developed to account for the effect of ability on guessing behavior in multiple-choice items. In this study, the authors developed algorithms for computerized classification testing under the 1PL-AG and conducted a series of simulations to evaluate their…
Getting Lucky: How Guessing Threatens the Validity of Performance Classifications
ERIC Educational Resources Information Center
Foley, Brett P.
2016-01-01
There is always a chance that examinees will answer multiple choice (MC) items correctly by guessing. Design choices in some modern exams have created situations where guessing at random through the full exam--rather than only for a subset of items where the examinee does not know the answer--can be an effective strategy to pass the exam. This…
An age-related attenuation of selectivity of choice in a modified guessing task.
Sanford, A J; Jack, E; Maule, A J
1977-01-01
Previous research has shown that older Ss tend to be less selective in multi-source monitoring tasks in that they do not observe the more likely source of information as frequently as do the young. On the other hand, it has also been found that in a simple guessing-game or probability matching task older Ss are no different in their patterns of prediction. An experiment is described below in which old and young Ss take part in a simple guessing-game task where uncertainty as to the success of a guess is made artificially high by the introduction of a proportion of trials on which the stimulus event occurring could not be guessed. Under these conditions old Ss were less selective in their responses. It is suggested that the results support a view that older Ss are less selective at high levels of uncertainty in the likelihood of a guess being the correct one, and that the result is consistent with both types of earlier results, goes part-way towards clarifying the differences, and provides a further example of a situation in which attenuated guessing-selectivity is associated with age.
Denoising forced-choice detection data.
García-Pérez, Miguel A
2010-02-01
Observers in a two-alternative forced-choice (2AFC) detection task face the need to produce a response at random (a guess) on trials in which neither presentation appeared to display a stimulus. Observers could alternatively be instructed to use a 'guess' key on those trials, a key that would produce a random guess and would also record the resultant correct or wrong response as emanating from a computer-generated guess. A simulation study shows that 'denoising' 2AFC data with information regarding which responses are a result of guesses yields estimates of detection threshold and spread of the psychometric function that are far more precise than those obtained in the absence of this information, and parallel the precision of estimates obtained with yes-no tasks running for the same number of trials. Simulations also show that partial compliance with the instructions to use the 'guess' key reduces the quality of the estimates, which nevertheless continue to be more precise than those obtained from conventional 2AFC data if the observers are still moderately compliant. An empirical study testing the validity of simulation results showed that denoised 2AFC estimates of spread were clearly superior to conventional 2AFC estimates and similar to yes-no estimates, but variations in threshold across observers and across sessions hid the benefits of denoising for threshold estimation. The empirical study also proved the feasibility of using a 'guess' key in addition to the conventional response keys defined in 2AFC tasks.
17 CFR 269.7 - Form ID, uniform application for access codes to file on EDGAR.
Code of Federal Regulations, 2010 CFR
2010-04-01
... on to the EDGAR system, submit filings, and change its CCC. (d) Password Modification Authorization Code (PMAC)—allows a filer, filing agent or training agent to change its Password. [69 FR 22710, Apr... Sections Affected, which appears in the Finding Aids section of the printed volume and on GPO Access. ...
17 CFR 249.446 - Form ID, uniform application for access codes to file on EDGAR.
Code of Federal Regulations, 2010 CFR
2010-04-01
... log on to the EDGAR system, submit filings, and change its CCC. (d) Password Modification Authorization Code (PMAC)—allows a filer, filing agent or training agent to change its Password. [69 FR 22710... Sections Affected, which appears in the Finding Aids section of the printed volume and on GPO Access. ...
ERIC Educational Resources Information Center
Campbell, Mark L.
2015-01-01
Multiple-choice exams, while widely used, are necessarily imprecise due to the contribution of guessing to the final student score. This past year at the United States Naval Academy the construction and grading scheme for the department-wide general chemistry multiple-choice exams were revised with the goal of decreasing the contribution of…
The ironic effect of guessing: increased false memory for mediated lists in younger and older adults
Coane, Jennifer H.; Huff, Mark J.; Hutchison, Keith A.
2016-01-01
Younger and older adults studied lists of words directly (e.g., creek, water) or indirectly (e.g., beaver, faucet) related to a nonpresented critical lure (CL; e.g., river). Indirect (i.e., mediated) lists presented items that were only related to CLs through nonpresented mediators (i.e., directly related items). Following study, participants completed a condition-specific task, math, a recall test with or without a warning about the CL, or tried to guess the CL. On a final recognition test, warnings (vs. math and recall without warning) decreased false recognition for direct lists, and guessing increased mediated false recognition (an ironic effect of guessing) in both age groups. The observed age-invariance of the ironic effect of guessing suggests that processes involved in mediated false memory are preserved in aging and confirms the effect is largely due to activation in semantic networks during encoding and to the strengthening of these networks during the interpolated tasks. PMID:26393390
46 CFR Appendix A to Part 530 - Instructions for the Filing of Service Contracts
Code of Federal Regulations, 2011 CFR
2011-10-01
... file service contracts. BTCL will direct OIRM to provide approved filers with a log-on ID and password. Filers who wish a third party (publisher) to file their service contracts must so indicate on Form FMC-83... home page, http://www.fmc.gov. A. Registration, Log-on ID and Password To register for filing, a...
46 CFR Appendix A to Part 530 - Instructions for the Filing of Service Contracts
Code of Federal Regulations, 2010 CFR
2010-10-01
... file service contracts. BTCL will direct OIRM to provide approved filers with a log-on ID and password. Filers who wish a third party (publisher) to file their service contracts must so indicate on Form FMC-83... home page, http://www.fmc.gov. A. Registration, Log-on ID and Password To register for filing, a...
The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers
2014-07-07
POST request, LastPass will store h’ as authenticating Alice. Mallory can then use otp’ to log-in to LastPass using otp’. Of course, decrypting the...everywhere. [36] M. Rochkind. Security, forms, and error handling. In Expert PHP and MySQL, pages 191–247. Springer, 2013. [37] D. Silver, S. Jana, E
17 CFR 249.446 - Form ID, uniform application for access codes to file on EDGAR.
Code of Federal Regulations, 2011 CFR
2011-04-01
... log on to the EDGAR system, submit filings, and change its CCC. (d) Password Modification Authorization Code (PMAC)—allows a filer, filing agent or training agent to change its Password. [69 FR 22710... Sections Affected, which appears in the Finding Aids section of the printed volume and at www.fdsys.gov. ...
17 CFR 269.7 - Form ID, uniform application for access codes to file on EDGAR.
Code of Federal Regulations, 2011 CFR
2011-04-01
... on to the EDGAR system, submit filings, and change its CCC. (d) Password Modification Authorization Code (PMAC)—allows a filer, filing agent or training agent to change its Password. [69 FR 22710, Apr... Sections Affected, which appears in the Finding Aids section of the printed volume and at www.fdsys.gov. ...
Apple OS X VPN Set Up | High-Performance Computing | NREL
software using that conf file and your UserID Start the connection using your password plus the 6-digit OTP. Configure the Client Software Start the Endian Connect App (It should have installed into Applications in an password" link, and add your UserID. Start the app, and begin configuring the connection by clicking
Misinformation, partial knowledge and guessing in true/false tests.
Burton, Richard F
2002-09-01
Examiners disagree on whether or not multiple choice and true/false tests should be negatively marked. Much of the debate has been clouded by neglect of the role of misinformation and by vagueness regarding both the specification of test types and "partial knowledge" in relation to guessing. Moreover, variations in risk-taking in the face of negative marking have too often been treated in absolute terms rather than in relation to the effect of guessing on test unreliability. This paper aims to clarify these points and to compare the ill-effects on test reliability of guessing and of variable risk-taking. Three published studies on medical students are examined. These compare responses in true/false tests obtained with both negative marking and number-right scoring. The studies yield data on misinformation and on the extent to which students may fail to benefit from distrusted partial knowledge when there is negative marking. A simple statistical model is used to compare variations in risk-taking with test unreliability due to blind guessing under number-right scoring conditions. Partial knowledge should be least problematic with independent true/false items. The effect on test reliability of blind guessing under number-right conditions is generally greater than that due to the over-cautiousness of some students when there is negative marking.
Keystroke Dynamics-Based Credential Hardening Systems
NASA Astrophysics Data System (ADS)
Bartlow, Nick; Cukic, Bojan
Keystroke dynamics are becoming a well-known method for strengthening username- and password-based credential sets. The familiarity and ease of use of these traditional authentication schemes combined with the increased trustworthiness associated with biometrics makes them prime candidates for application in many web-based scenarios. Our keystroke dynamics system uses Breiman’s random forests algorithm to classify keystroke input sequences as genuine or imposter. The system is capable of operating at various points on a traditional ROC curve depending on application-specific security needs. As a username/password authentication scheme, our approach decreases the system penetration rate associated with compromised passwords up to 99.15%. Beyond presenting results demonstrating the credential hardening effect of our scheme, we look into the notion that a user’s familiarity to components of a credential set can non-trivially impact error rates.
Secure password-based authenticated key exchange for web services
DOE Office of Scientific and Technical Information (OSTI.GOV)
Liang, Fang; Meder, Samuel; Chevassut, Olivier
This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-SecureConversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.
Kent, Alexander Dale [Los Alamos, NM]
2008-09-02
Methods and systems in a data/computer network for authenticating identifying data transmitted from a client to a server through use of a gateway interface system, which are communicatively coupled to each other, are disclosed. An authentication packet transmitted from a client to a server of the data network is intercepted by the interface, wherein the authentication packet is encrypted with a one-time password for transmission from the client to the server. The one-time password associated with the authentication packet can be verified utilizing a one-time password token system. The authentication packet can then be modified for acceptance by the server, wherein the response packet generated by the server is thereafter intercepted, verified and modified for transmission back to the client in a similar but reverse process.
Towards understanding the guessing game: a dynamical systems’ perspective
NASA Astrophysics Data System (ADS)
Reimann, Stefan
2004-08-01
The so-called “Guessing Game” or α-Beauty Contest serves as a paradigmatic conceptual framework for competitive price formation on financial markets beyond traditional equilibrium finance. It highlights features that are reasonable to consider when dealing with price formation on real markets. Nonetheless this game is still poorly understood. We propose a model which is essentially based on two assumptions: (1) players consider intervals rather than exact numbers to cope with incomplete knowledge and (2) players iteratively update their recent guesses. It provides an explanation for typical patterns observed in real data, such as the strict positivity of outcomes in the 1-shot setting, the skew background distribution of guessed numbers, as well as the polynomial convergence towards the game-theoretic Nash equilibrium in the iterative setting.
From Legion to Avaki: The Persistence of Vision
2006-01-01
person, but what component, is requesting an action. 5.3.1 Authentication Users authenticate themselves to a Legion grid with the login paradigm...password supplied during login is compared to the password in the state of the authentication object in order to permit or deny subsequent access to...In either case, the credential is protected by the security of the underlying operating system. Although login is the most commonly used method
Cybersecurity Education for Military Officers
2017-12-01
lecture showed the math behind the possible combinations of passwords of different lengths, and made the recommendation to increase your password to...2. Match the system to the real world: Use of effective metaphors and real world language wherever possible. 3. User Control: Try to give the user...given any training on this topic outside of annual NKO courses. I was a math major for my undergraduate degree, so I have no computer science
ERIC Educational Resources Information Center
Svetcov, Eric
2004-01-01
When it comes to security, many people do not know what they do not know. Consider for example, an administrator who leaves her password taped under her keyboard, or a teacher who doesn't change his password (ever!) or can't be bothered to log out or lock the computer, all the firewalls and antivirus programs in the world will not protect a…
Wu, Zhen-Yu; Tseng, Yi-Ju; Chung, Yufang; Chen, Yee-Chun; Lai, Feipei
2012-08-01
With the rapid development of the Internet, both digitization and electronic orientation are required on various applications in the daily life. For hospital-acquired infection control, a Web-based Hospital-acquired Infection Surveillance System was implemented. Clinical data from different hospitals and systems were collected and analyzed. The hospital-acquired infection screening rules in this system utilized this information to detect different patterns of defined hospital-acquired infection. Moreover, these data were integrated into the user interface of a signal entry point to assist physicians and healthcare providers in making decisions. Based on Service-Oriented Architecture, web-service techniques which were suitable for integrating heterogeneous platforms, protocols, and applications, were used. In summary, this system simplifies the workflow of hospital infection control and improves the healthcare quality. However, it is probable for attackers to intercept the process of data transmission or access to the user interface. To tackle the illegal access and to prevent the information from being stolen during transmission over the insecure Internet, a password-based user authentication scheme is proposed for information integrity.
2017-05-25
Guessing Right for the Next War: Streamlining, Pooling, and Right-Timing Force Design Decisions for an Environment of Uncertainty A...JUN 2016 – MAY 2017 4. TITLE AND SUBTITLE Guessing Right for the Next War: Streamlining, Pooling, and Right-Timing Force Design Decisions for an...committing to one force design solution to modern combat. The Army after World War II shied away from temporary organizational systems like these in
Determination of an Optimal Control Strategy for a Generic Surface Vehicle
2014-06-18
paragraphs uses the numerical procedure in MATLAB’s BVP (bvp4c) algorithm using the continuation method. The goal is to find a solution to the set of...solution. Solving the BVP problem using bvp4c requires an initial guess for the solution. Note that the algorithm is very sensitive to the particular...form of the initial guess. The quality of the initial guess is paramount in convergence speed of the BVP algorithm and often determines if the
The neural encoding of guesses in the human brain.
Bode, Stefan; Bogler, Carsten; Soon, Chun Siong; Haynes, John-Dylan
2012-01-16
Human perception depends heavily on the quality of sensory information. When objects are hard to see we often believe ourselves to be purely guessing. Here we investigated whether such guesses use brain networks involved in perceptual decision making or independent networks. We used a combination of fMRI and pattern classification to test how visibility affects the signals, which determine choices. We found that decisions regarding clearly visible objects are predicted by signals in sensory brain regions, whereas different regions in parietal cortex became predictive when subjects were shown invisible objects and believed themselves to be purely guessing. This parietal network was highly overlapping with regions, which have previously been shown to encode free decisions. Thus, the brain might use a dedicated network for determining choices when insufficient sensory information is available.
Priming guesses on a forced-recall test.
Gibson, Janet M; Meade, Michelle L
2004-07-01
The forced-recall paradigm requires participants to fill all spaces on the memory test even if they cannot remember all the list words. In the present study, the authors used that paradigm to examine the influence of implicit memory on guessing--when participants fill remaining spaces after they cannot remember list items. They measured explicit memory as the percentage of targets that participants designated as remembered from the list and implicit memory as the percentage of targets they wrote but did not designate as remembered (beyond chance level). The authors examined implicit memory on guessing with forced recall (Experiment 1), forced cued recall with younger and older adults (Experiment 2), and forced free and cued recall under a depth-of-processing manipulation (Experiment 3). They conclude that implicit memory influences guesses of targets in the forced-recall paradigm.
System Connection via SSH Gateway | High-Performance Computing | NREL
;@peregrine.hpc.nrel.gov First time logging in? If this is the first time you've logged in with your new account, you will password. You will be prompted to enter it a second time, then you will be logged off. Just reconnect with your HPC password at any time, you can simply use the passwd command. Remote Users If you're connecting
One Time Passwords in Everything (OPIE): Experiences with Building and Using Stronger Authentication
1995-01-01
opiepasswd(1). The name change brings it more in line with its UNIX counterpart passwd(1), which should make both programs easier to remember for users. This...char *passwd) int opiehash(char *x, unsigned algorithm) The one-time password schemes implemented in OPIE, as first described in [Hal94], compute a...seed, passwd); while (sequence-- != 0) opiehash(result, algorithm); opiebtoe(result,words); Send words. : : : 6 Deployment Every machine that has
Design and implementation of face recognition system based on Windows
NASA Astrophysics Data System (ADS)
Zhang, Min; Liu, Ting; Li, Ailan
2015-07-01
Because the basic Windows password login lacks both safety and convenience, we introduce a biometric technology, face recognition, into the computer login system. It can not only encrypt the computer system but also identify administrators at all levels according to their level. With the enhanced system security, user input is no longer cumbersome, and users need not worry about their confidential password being stolen.
Teoh, Andrew B J; Goh, Alwyn; Ngo, David C L
2006-12-01
Biometric analysis for identity verification is becoming a widespread reality. Such implementations necessitate large-scale capture and storage of biometric data, which raises serious issues in terms of data privacy and (if such data is compromised) identity theft. These problems stem from the essential permanence of biometric data, which (unlike secret passwords or physical tokens) cannot be refreshed or reissued if compromised. Our previously presented biometric-hash framework prescribes the integration of external (password or token-derived) randomness with user-specific biometrics, resulting in bitstring outputs with security characteristics (i.e., noninvertibility) comparable to cryptographic ciphers or hashes. The resultant BioHashes are hence cancellable, i.e., straightforwardly revoked and reissued (via refreshed password or reissued token) if compromised. BioHashing furthermore enhances recognition effectiveness, which is explained in this paper as arising from the Random Multispace Quantization (RMQ) of biometric and external random inputs.
Incorrect predictions reduce switch costs.
Kleinsorge, Thomas; Scheil, Juliane
2015-07-01
In three experiments, we combined two sources of conflict within a modified task-switching procedure. The first source of conflict was the one inherent in any task switching situation, namely the conflict between a task set activated by the recent performance of another task and the task set needed to perform the actually relevant task. The second source of conflict was induced by requiring participants to guess aspects of the upcoming task (Exps. 1 & 2: task identity; Exp. 3: position of task precue). In case of an incorrect guess, a conflict accrues between the representation of the guessed task and the actually relevant task. In Experiments 1 and 2, incorrect guesses led to an overall increase of reaction times and error rates, but they reduced task switch costs compared to conditions in which participants predicted the correct task. In Experiment 3, incorrect guesses resulted in faster performance overall and to a selective decrease of reaction times in task switch trials when the cue-target interval was long. We interpret these findings in terms of an enhanced level of controlled processing induced by a combination of two sources of conflict converging upon the same target of cognitive control. Copyright © 2015 Elsevier B.V. All rights reserved.
2007-01-15
it can detect specifically proscribed content changes to critical files (e.g., illegal shells inserted into /etc/passwd). Fourth, it can detect the...UNIX password management involves a pair of inter-related files (/etc/passwd and /etc/shadow). The corresponding access patterns seen at the storage...content integrity verification is utilized. As a concrete example, consider a UNIX system password file (/etc/passwd), which consists of a set of well
Implementing an Intrusion Detection System in the Mysea Architecture
2008-06-01
password for each user passwd <username> then follow the prompts 2. PostgreSQL 7.4.18 Installation Perform the following steps as root: 1. Copy...password changed Repeat for user snort. exit After making the groups and users the group and passwd file needs to be updated. Set security and...untrusted/bin/xtsmkgroup > /etc/group chmod 644 /etc/group /xts/untrusted/bin/xtsmkpasswd > /etc/passwd chmod 644 /etc/passwd 3. PostgreSQL 7.4.18
Children's Developing Understanding of Mental Verbs: Remember, Know, and Guess.
ERIC Educational Resources Information Center
Johnson, Carl Nils; Wellman, Henry M.
1980-01-01
Preschoolers interpreted mental verbs with respect to their mental state in contrast to external state. These children were nonetheless ignorant of definitive distinctions between the mental verbs, completely confusing cases of remembering, knowing, and guessing. (Author/RH)
Privacy Enhancements for Inexact Biometric Templates
NASA Astrophysics Data System (ADS)
Ratha, Nalini; Chikkerur, Sharat; Connell, Jonathan; Bolle, Ruud
Traditional authentication schemes utilize tokens or depend on some secret knowledge possessed by the user for verifying his or her identity. Although these techniques are widely used, they have several limitations. Both token- and knowledge-based approaches cannot differentiate between an authorized user and an impersonator having access to the tokens or passwords. Biometrics-based authentication schemes overcome these limitations while offering usability advantages in the area of password management. However, despite its obvious advantages, the use of biometrics raises several security and privacy concerns.
2011-12-01
developed to address the two main research questions (see Annex A). Exact wording of the questions varied during interviews to accommodate the...centre at DMS 3rd floor. All electronic files (including digital audio and video recordings) with participant data are being encrypted and password...locked filing cabinet at the University of Ottawa. Electronic files will remain encrypted, password protected and stored on a server to which only the
NASA Technical Reports Server (NTRS)
Bishop, Matt
1988-01-01
The organization of some tools to help improve password security at a UNIX-based site is described along with how to install and use them. These tools and their associated library enable a site to force users to pick reasonably safe passwords (safe being site configurable) and to enable site management to try to crack existing passwords. The library contains various versions of a very fast implementation of the Data Encryption Standard and of the one-way encryption functions used to encrypt the password.
The role of guessing and boundaries on date estimation biases.
Lee, Peter James; Brown, Norman R
2004-08-01
This study investigates the causes of event-dating biases. Two hundred participants provided knowledge ratings and date estimates for 64 news events. Four independent groups dated the same events under different boundary constraints. Analysis across all responses showed that forward telescoping decreased with boundary age, concurring with the boundary-effects model. With guesses removed from the data set, backward telescoping was greatly reduced, but forward telescoping was unaffected by boundaries. This dissociation indicates that multiple factors (e.g., guessing and reconstructive strategies) are responsible for different dating biases and argue against a boundary explanation of forward telescoping.
Peltier, Chad; Becker, Mark W
2017-05-01
Target prevalence influences visual search behavior. At low target prevalence, miss rates are high and false alarms are low, while the opposite is true at high prevalence. Several models of search aim to describe search behavior, one of which has been specifically intended to model search at varying prevalence levels. The multiple decision model (Wolfe & Van Wert, Current Biology, 20(2), 121--124, 2010) posits that all searches that end before the observer detects a target result in a target-absent response. However, researchers have found very high false alarms in high-prevalence searches, suggesting that prevalence rates may be used as a source of information to make "educated guesses" after search termination. Here, we further examine the ability for prevalence level and knowledge gained during visual search to influence guessing rates. We manipulate target prevalence and the amount of information that an observer accumulates about a search display prior to making a response to test if these sources of evidence are used to inform target present guess rates. We find that observers use both information about target prevalence rates and information about the proportion of the array inspected prior to making a response allowing them to make an informed and statistically driven guess about the target's presence.
Using patients' narratives to reveal gender stereotypes among medical students.
Andersson, Jenny; Salander, Pär; Hamberg, Katarina
2013-07-01
Gender bias exists in patient treatment, and, like most people, health care providers harbor gender stereotypes. In this study, the authors examined the gender stereotypes that medical students hold about patients. In 2005, in Umeå, Sweden, the authors collected 81 narratives written by patients who had undergone cancer treatment; all information that might reveal the patients' gender was removed from the texts. Eighty-seven medical students read 40 or 41 narratives each, guessed the patient's gender, and explained their guess. The authors analyzed the students' explanations qualitatively and quantitatively to reveal the students' gender stereotypes and to determine whether those stereotypes had any predictive value for correctly guessing a patient's gender. The students' explanations contained 21 categories of justifications, 12 of which were significantly associated with the students guessing one gender or the other. Only three categories successfully predicted a correct identification of gender; two categories were more often associated with incorrect guesses. Medical students enter their training program with culturally shared stereotypes about male and female patients that could cause bias during their future careers as physicians. To prevent this, medical curricula must address gender stereotypes and their possible consequences. The impact of implicit stereotypes must be included in discussions about gender bias in health care.
Immediate Feedback Assessment Technique in a Chemistry Classroom
NASA Astrophysics Data System (ADS)
Taylor, Kate R.
The Immediate Feedback Assessment Technique, or IFAT, is a new testing system that turns a student's traditional multiple-choice testing into a chance for hands-on learning and provides teachers with an opportunity to obtain more information about a student's knowledge during testing. In the current study we wanted to know whether students, when given the second chance afforded by the IFAT system, are guessing or using prior knowledge when making their second-chance choice. Additionally, while there has been some adaptation of this testing system in non-science disciplines, we wanted to study whether the IFAT system would be well received among faculty in the sciences, more specifically chemistry faculty. By comparing the students' rate of success on the second chance afforded by the IFAT system with the statistical likelihood of guessing correctly, statistical analysis was used to determine if we observed enough students earning the second-chance points to reject the likelihood that students were randomly guessing. Our data analysis revealed that it is statistically highly unlikely that students were only guessing when the IFAT system was utilized. (It is important to note that while we can find that students are getting the answer correct at a much higher rate than random guessing, we can never truly know if every student is using thought or not.)
Electronic patient data confidentiality practices among surgical trainees: questionnaire study.
Mole, Damian J; Fox, Colin; Napolitano, Giulio
2006-10-01
The objective of this work was to evaluate the safeguards implemented by surgical trainees to protect the confidentiality of electronic patient data through a structured questionnaire sent to Northern Ireland surgical trainees. A group of 32 basic and higher surgical trainees attending a meeting of the Northern Ireland Association of Surgeons-in-Training were invited to complete a questionnaire regarding their computer use, UK Data Protection Act, 1988 registration and electronic data confidentiality practices. Of these 32 trainees, 29 returned completed questionnaires of whom 26 trainees regularly stored sensitive patient data for audit or research purposes on a computer. Only one person was registered under the Data Protection Act, 1988. Of the computers used to store and analyse sensitive data, only 3 of 14 desktops, 8 of 19 laptops and 3 of 14 hand-held computers forced a password logon. Of the 29 trainees, 16 used the same password for all machines, and 25 of 27 passwords were less than 8 characters long. Two respondents declined to reveal details of their secure passwords. Half of all trainees had never adjusted their internet security settings, despite all 14 desktops, 16 of 19 laptops and 5 of 14 hand-helds being routinely connected to the internet. Of the 29 trainees, 28 never encrypted their sensitive data files. Ten trainees had sent unencrypted sensitive patient data over the internet, using a non-secure server. Electronic data confidentiality practices amongst Northern Ireland surgical trainees are unsafe. Simple practical measures to safeguard confidentiality are recommended.
Guessing imagined and live chance events: adults behave like children with live events.
Robinson, E J; Pendle, J E C; Rowley, M G; Beck, S R; McColgan, K L T
2009-11-01
An established finding is that adults prefer to guess before rather than after a chance event has happened. This is interpreted in terms of aversion to guessing when relatively incompetent: After throwing, the fall could be known. Adults (N=71, mean age 18;11, N=28, mean age 48;0) showed this preference with imagined die-throwing as in the published studies. With live die-throwing, children (N=64, aged 6 and 8 years; N=50, aged 5 and 6 years) and 15-year-olds (N=93, 46) showed the opposite preference, as did 17 adults. Seventeen-year-olds (N=82) were more likely to prefer to guess after throwing with live rather than imagined die-throwing. Reliance on imagined situations in the literature on decision-making under uncertainty ignores the possibility that adults imagine inaccurately how they would really feel: After a real die has been thrown, adults, like children, may feel there is less ambiguity about the outcome.
Implicit recognition based on lateralized perceptual fluency.
Vargas, Iliana M; Voss, Joel L; Paller, Ken A
2012-02-06
In some circumstances, accurate recognition of repeated images in an explicit memory test is driven by implicit memory. We propose that this "implicit recognition" results from perceptual fluency that influences responding without awareness of memory retrieval. Here we examined whether recognition would vary if images appeared in the same or different visual hemifield during learning and testing. Kaleidoscope images were briefly presented left or right of fixation during divided-attention encoding. Presentation in the same visual hemifield at test produced higher recognition accuracy than presentation in the opposite visual hemifield, but only for guess responses. These correct guesses likely reflect a contribution from implicit recognition, given that when the stimulated visual hemifield was the same at study and test, recognition accuracy was higher for guess responses than for responses with any level of confidence. The dramatic difference in guessing accuracy as a function of lateralized perceptual overlap between study and test suggests that implicit recognition arises from memory storage in visual cortical networks that mediate repetition-induced fluency increments.
Integration of social information by human groups
Granovskiy, Boris; Gold, Jason M.; Sumpter, David; Goldstone, Robert L.
2015-01-01
We consider a situation in which individuals search for accurate decisions without direct feedback on their accuracy but with information about the decisions made by peers in their group. The “wisdom of crowds” hypothesis states that the average judgment of many individuals can give a good estimate of, for example, the outcomes of sporting events and the answers to trivia questions. Two conditions for the application of wisdom of crowds are that estimates should be independent and unbiased. Here, we study how individuals integrate social information when answering trivia questions with answers that range between 0 and 100% (e.g., ‘What percentage of Americans are left-handed?’). We find that, consistent with the wisdom of crowds hypothesis, average performance improves with group size. However, individuals show a consistent bias to produce estimates that are insufficiently extreme. We find that social information provides significant, albeit small, improvement to group performance. Outliers with answers far from the correct answer move towards the position of the group mean. Given that these outliers also tend to be nearer to 50% than do the answers of other group members, this move creates group polarization away from 50%. By looking at individual performance over different questions we find that some people are more likely to be affected by social influence than others. There is also evidence that people differ in their competence in answering questions, but lack of competence is not significantly correlated with willingness to change guesses. We develop a mathematical model based on these results that postulates a cognitive process in which people first decide whether to take into account peer guesses, and if so, to move in the direction of these guesses. The size of the move is proportional to the distance between their own guess and the average guess of the group. 
This model closely approximates the distribution of guess movements and shows how outlying incorrect opinions can be systematically removed from a group resulting, in some situations, in improved group performance. However, improvement is only predicted for cases in which the initial guesses of individuals in the group are biased. PMID:26189568
Integration of Social Information by Human Groups.
Granovskiy, Boris; Gold, Jason M; Sumpter, David J T; Goldstone, Robert L
2015-07-01
We consider a situation in which individuals search for accurate decisions without direct feedback on their accuracy, but with information about the decisions made by peers in their group. The "wisdom of crowds" hypothesis states that the average judgment of many individuals can give a good estimate of, for example, the outcomes of sporting events and the answers to trivia questions. Two conditions for the application of wisdom of crowds are that estimates should be independent and unbiased. Here, we study how individuals integrate social information when answering trivia questions with answers that range between 0% and 100% (e.g., "What percentage of Americans are left-handed?"). We find that, consistent with the wisdom of crowds hypothesis, average performance improves with group size. However, individuals show a consistent bias to produce estimates that are insufficiently extreme. We find that social information provides significant, albeit small, improvement to group performance. Outliers with answers far from the correct answer move toward the position of the group mean. Given that these outliers also tend to be nearer to 50% than do the answers of other group members, this move creates group polarization away from 50%. By looking at individual performance over different questions we find that some people are more likely to be affected by social influence than others. There is also evidence that people differ in their competence in answering questions, but lack of competence is not significantly correlated with willingness to change guesses. We develop a mathematical model based on these results that postulates a cognitive process in which people first decide whether to take into account peer guesses, and if so, to move in the direction of these guesses. The size of the move is proportional to the distance between their own guess and the average guess of the group. 
This model closely approximates the distribution of guess movements and shows how outlying incorrect opinions can be systematically removed from a group resulting, in some situations, in improved group performance. However, improvement is only predicted for cases in which the initial guesses of individuals in the group are biased. Copyright © 2015 Cognitive Science Society, Inc.
Andrich, David; Marais, Ida; Humphry, Stephen Mark
2015-01-01
Recent research has shown how the statistical bias in Rasch model difficulty estimates induced by guessing in multiple-choice items can be eliminated. Using vertical scaling of a high-profile national reading test, it is shown that the dominant effect of removing such bias is a nonlinear change in the unit of scale across the continuum. The consequence is that the proficiencies of the more proficient students are increased relative to those of the less proficient. Not controlling the guessing bias underestimates the progress of students across 7 years of schooling with important educational implications. PMID:29795871
Partitioned-Interval Quantum Optical Communications Receiver
NASA Technical Reports Server (NTRS)
Vilnrotter, Victor A.
2013-01-01
The proposed quantum receiver in this innovation partitions each binary signal interval into two unequal segments: a short "pre-measurement" segment in the beginning of the symbol interval used to make an initial guess with better probability than 50/50 guessing, and a much longer segment used to make the high-sensitivity signal detection via field-cancellation and photon-counting detection. It was found that by assigning as little as 10% of the total signal energy to the pre-measurement segment, the initial 50/50 guess can be improved to about 70/30, using the best available measurements such as classical coherent or "optimized Kennedy" detection.
Multiple-choice examinations: adopting an evidence-based approach to exam technique.
Hammond, E J; McIndoe, A K; Sansome, A J; Spargo, P M
1998-11-01
Negatively marked multiple-choice questions (MCQs) are part of the assessment process in both the Primary and Final examinations for the fellowship of the Royal College of Anaesthetists. It is said that candidates who guess will lose marks in the MCQ paper. We studied candidates attending a pre-examination revision course and have shown that an evaluation of examination technique is an important part of an individual's preparation. All candidates benefited substantially from backing their educated guesses while only 3 out of 27 lost marks from backing their wild guesses. Failure to appreciate the relationship between knowledge and technique may significantly affect a candidate's performance in the examination.
ERIC Educational Resources Information Center
Sezin, Fatin
2009-01-01
It is instructive and interesting to find hidden numbers by using different positional numeration systems. Most of the present guessing techniques use the binary system expressed as less-than, greater-than or present-absent type information. This article describes how, by employing four cards having integers 1-64 written in different colours, one…
Orbital Battleship: A Guessing Game to Reinforce Atomic Structure
ERIC Educational Resources Information Center
Kurushkin, Mikhail; Mikhaylenko, Maria
2016-01-01
A competitive educational guessing game "Orbital Battleship" which reinforces Madelung's and Hund's rules, values of quantum numbers, and understanding of periodicity was designed. The game develops strategic thinking, is not time-consuming, requires minimal preparation and supervision, and is an efficient and fun alternative to more…
The effect of unsuccessful retrieval on children's subsequent learning.
Carneiro, Paula; Lapa, Ana; Finn, Bridgid
2018-02-01
It is well known that successful retrieval enhances subsequent adults' learning by promoting long-term retention. Recent research has also found benefits from unsuccessful retrieval, but the evidence is not as clear-cut when the participants are children. In this study, we employed a methodology based on guessing, the weak associate paradigm, to test whether children can learn from generated errors or whether errors are harmful for learning. We tested second- and third-grade children in Experiment 1 and tested preschool and kindergarten children in Experiment 2. With slight differences in the method, in both experiments children heard the experimenter saying one word (cue) and were asked to guess an associate word (guess condition) or to listen to the correspondent target-associated word (study condition), followed by corrective feedback in both conditions. At the end of the guessing phase, the children undertook a cued-recall task in which they were presented with each cue and were asked to say the corrected target. Together, the results showed that older children, those in kindergarten and early elementary school, benefited from unsuccessful retrieval. Older children showed more correct responses and fewer errors in the guess condition. In contrast, preschoolers produced similar levels of correct and error responses in the two conditions. In conclusion, generating errors seems to be beneficial for future learning of children older than 5 years. Copyright © 2017 Elsevier Inc. All rights reserved.
Insecure Behaviors on Mobile Devices Under Stress
2014-04-08
a text or in an email. The most secure network is only as secure as its most careless user. Thus, in the current project we sought to discover the...challenges in mobile security is human behavior. The most secure password may be useless if it is sent as a text or in an email. The most secure network...The most secure password may be useless if it is sent as a text or in an email. The most secure network is only as secure as its most careless user
Secure Server Login by Using Third Party and Chaotic System
NASA Astrophysics Data System (ADS)
Abdulatif, Firas A.; zuhiar, Maan
2018-05-01
Servers are popular among companies and used by most of them, but security threats to servers make these companies concerned about using them. In this paper we design a secure system based on one-time passwords and third-party authentication (a smartphone). The proposed system secures the server login process by using a one-time password to authenticate the person who has permission to log in and a third-party device (a smartphone) as another level of security.
Uneducated Guesses: Using Evidence to Uncover Misguided Education Policies
ERIC Educational Resources Information Center
Wainer, Howard
2011-01-01
"Uneducated Guesses" challenges everything our policymakers thought they knew about education and education reform, from how to close the achievement gap in public schools to admission standards for top universities. In this explosive book, Howard Wainer uses statistical evidence to show why some of the most widely held beliefs in…
ERIC Educational Resources Information Center
Housen, Monica
2017-01-01
In this article, Monica Housen describes how she uses Guess the Number of . . . , a game that develops estimation skills and persistence, to provide a fun, meaningful experience for her high school students. Each week she displays objects in a clear plastic container, like those for pretzels sold in bulk. Students enter a…
Subjective qualities of memories associated with the picture superiority effect in schizophrenia.
Huron, Caroline; Danion, Jean-Marie; Rizzo, Lydia; Killofer, Valérie; Damiens, Annabelle
2003-02-01
Patients with schizophrenia (n = 24) matched with 24 normal subjects were presented with both words and pictures. On a recognition memory task, they were asked to give remember, know, or guess responses to items that were recognized on the basis of conscious recollection, familiarity, or guessing, respectively. Compared with normal subjects, patients exhibited a lower picture superiority effect selectively related to remember responses. Unlike normal subjects, they did not exhibit any word superiority effect in relation to guess responses; this explains why the overall picture superiority effect appeared to be intact. These results emphasize the need to take into account the subjective states of awareness when analyzing memory impairments in schizophrenia.
Kuhlmann, Beatrice G; Touron, Dayna R
2011-03-01
While episodic memory declines with age, metacognitive monitoring is spared. The current study explored whether older adults can use their preserved metacognitive knowledge to make source guesses in the absence of source memory. Through repetition, words from two sources (italic vs. bold text type) differed in memorability. There were no age differences in monitoring this difference despite an age difference in memory. Older adults used their metacognitive knowledge to make source guesses but showed a deficit in varying their source guessing based on word recognition. Therefore, older adults may not fully benefit from metacognitive knowledge about sources in source monitoring. (c) 2011 APA, all rights reserved.
NASA Technical Reports Server (NTRS)
Aires, F.; Rossow, W. B.; Scott, N. A.; Chedin, A.; Hansen, James E. (Technical Monitor)
2001-01-01
A fast temperature, water vapor and ozone atmospheric profile retrieval algorithm is developed for the high spectral resolution Infrared Atmospheric Sounding Interferometer (IASI) space-borne instrument. Compression and de-noising of IASI observations are performed using Principal Component Analysis. This preprocessing methodology also allows for a fast pattern recognition in a climatological data set to obtain a first guess. Then, a neural network using first guess information is developed to retrieve simultaneously temperature, water vapor and ozone atmospheric profiles. The performance of the resulting fast and accurate inverse model is evaluated with a large diversified data set of radiosondes atmospheres including rare events.
Giguere, Rebecca; Brown, William; Balán, Ivan C; Dolezal, Curtis; Ho, Titcha; Sheinfil, Alan; Ibitoye, Mobolaji; Lama, Javier R; McGowan, Ian; Cranston, Ross D; Carballo-Diéguez, Alex
2018-04-01
During a Phase 2 rectal microbicide trial, men who have sex with men and transgender women (n = 187) in 4 countries (Peru, South Africa, Thailand, United States) reported product use daily via short message service (SMS). To prevent disclosure of study participation, the SMS system program included privacy and security features. We evaluated participants' perceptions of privacy while using the system and acceptability of privacy/security features. To protect privacy, the SMS system: (1) confirmed participant availability before sending the study questions, (2) required a password, and (3) did not reveal product name or study participation. To ensure security, the system reminded participants to lock phone/delete messages. A computer-assisted self-interview (CASI), administered at the final visit, measured burden of privacy and security features and SMS privacy concerns. A subsample of 33 participants underwent an in-depth interview (IDI). Based on CASI, 85% had no privacy concerns; only 5% were very concerned. Most were not bothered by the need for a password (73%) or instructions to delete messages (82%). Based on IDI, reasons for low privacy concerns included sending SMS in private or feeling that texting would not draw attention. A few IDI participants found the password unnecessary and more than half did not delete messages. Most participants were not concerned that the SMS system would compromise their confidentiality. SMS privacy and security features were effective and not burdensome. Short ID-related passwords, ambiguous language, and reminders to implement privacy and security-enhancing behaviors are recommended for SMS systems.
Juang, Kevin; Greenstein, Joel
2018-04-01
We developed a new authentication system based on passphrases instead of passwords. Our new system incorporates a user-generated mnemonic picture displayed during login, definition tooltips, error correction to reduce typographical errors, a decoy-based input masking technique, and random passphrase generation using either a specialized wordlist or a sentence template. Passphrases exhibit a greater level of security than traditional passwords, but their wider adoption has been hindered by human factors issues. Our assertion is that the added features of our system work particularly well with passphrases and help address these shortcomings. We conducted a study to evaluate our new system with a customized 1,450-word list and our new system with a 6-word sentence structure against the control conditions of a user-created passphrase of at least 24 characters and a system-generated passphrase using a 10,326-word list. Fifty participants completed two sessions so that we could measure the usability and security of the authentication schemes. With the new system conditions, memorability was improved, and security was equivalent to or better than the control conditions. Usability and overall ratings also favored the new system conditions over the control conditions. Our research presents a new authentication system using innovative techniques that improve on the usability and security of existing password and passphrase authentication systems. In computer security, drastic changes should never happen overnight, but we recommend that our contributions be incorporated into current authentication systems to help facilitate a transition from passwords to usable passphrases.
Electronic Patient Data Confidentiality Practices Among Surgical Trainees: Questionnaire Study
Mole, Damian J; Fox, Colin; Napolitano, Giulio
2006-01-01
INTRODUCTION The objective of this work was to evaluate the safeguards implemented by surgical trainees to protect the confidentiality of electronic patient data through a structured questionnaire sent to Northern Ireland surgical trainees. PARTICIPANTS AND METHODS A group of 32 basic and higher surgical trainees attending a meeting of the Northern Ireland Association of Surgeons-in-Training were invited to complete a questionnaire regarding their computer use, UK Data Protection Act, 1988 registration and electronic data confidentiality practices. RESULTS Of these 32 trainees, 29 returned completed questionnaires of whom 26 trainees regularly stored sensitive patient data for audit or research purposes on a computer. Only one person was registered under the Data Protection Act, 1988. Of the computers used to store and analyse sensitive data, only 3 of 14 desktops, 8 of 19 laptops and 3 of 14 hand-held computers forced a password logon. Of the 29 trainees, 16 used the same password for all machines, and 25 of 27 passwords were less than 8 characters long. Two respondents declined to reveal details of their secure passwords. Half of all trainees had never adjusted their internet security settings, despite all 14 desktops, 16 of 19 laptops and 5 of 14 hand-helds being routinely connected to the internet. Of the 29 trainees, 28 never encrypted their sensitive data files. Ten trainees had sent unencrypted sensitive patient data over the internet, using a non-secure server. CONCLUSIONS Electronic data confidentiality practices amongst Northern Ireland surgical trainees are unsafe. Simple practical measures to safeguard confidentiality are recommended. PMID:17059715
Does Incorrect Guessing Impair Fact Learning?
ERIC Educational Resources Information Center
Kang, Sean H. K.; Pashler, Harold; Cepeda, Nicholas J.; Rohrer, Doug; Carpenter, Shana K.; Mozer, Michael C.
2011-01-01
Taking a test has been shown to produce enhanced retention of the retrieved information. On tests, however, students often encounter questions the answers for which they are unsure. Should they guess anyway, even if they are likely to answer incorrectly? Or are errors engrained, impairing subsequent learning of the correct answer? We sought to…
A New Procedure for Detection of Students' Rapid Guessing Responses Using Response Time
ERIC Educational Resources Information Center
Guo, Hongwen; Rios, Joseph A.; Haberman, Shelby; Liu, Ou Lydia; Wang, Jing; Paek, Insu
2016-01-01
Unmotivated test takers using rapid guessing in item responses can affect validity studies and teacher and institution performance evaluation negatively, making it critical to identify these test takers. The authors propose a new nonparametric method for finding response-time thresholds for flagging item responses that result from rapid-guessing…
ERIC Educational Resources Information Center
Holster, Trevor A.; Lake, J.
2016-01-01
Stewart questioned Beglar's use of Rasch analysis of the Vocabulary Size Test (VST) and advocated the use of 3-parameter logistic item response theory (3PLIRT) on the basis that it models a non-zero lower asymptote for items, often called a "guessing" parameter. In support of this theory, Stewart presented fit statistics derived from…
Analyzing Algebraic Thinking Using "Guess My Number" Problems
ERIC Educational Resources Information Center
Patton, Barba; De Los Santos, Estella
2012-01-01
The purpose of this study was to assess student knowledge of numeric, visual and algebraic representations. A definite gap between arithmetic and algebra has been documented in the research. The researchers' goal was to identify a link between the two. Using four "Guess My Number" problems, seventh and tenth grade students were asked to write…
An Effectiveness Index and Profile for Instructional Media.
ERIC Educational Resources Information Center
Bond, Jack H.
A scale was developed for judging the relative value of various media in teaching children. Posttest scores were partitioned into several components: error, prior knowledge, guessing, and gain from the learning exercise. By estimating the amounts of prior knowledge, guessing, and error, and then subtracting these from the total score, an index of…
The Effect of Testing Condition on Word Guessing in Elementary School Children
ERIC Educational Resources Information Center
Mannamaa, Mairi; Kikas, Eve; Raidvee, Aire
2008-01-01
Elementary school children's word guessing is studied, and the results from individual and collective testing conditions are compared. The participants are 764 students from the second, third, and fourth grades (ages 8-11, 541 students from mainstream regular classes and 223 students with learning disabilities). About half of these students are…
A Two-Parameter Latent Trait Model. Methodology Project.
ERIC Educational Resources Information Center
Choppin, Bruce
On well-constructed multiple-choice tests, the most serious threat to measurement is not variation in item discrimination, but the guessing behavior that may be adopted by some students. Ways of ameliorating the effects of guessing are discussed, especially for problems in latent trait models. A new item response model, including an item parameter…
A novel approach to transformed biometrics using successive projections
NASA Astrophysics Data System (ADS)
Gopi, E. S.
2010-02-01
Unlike user created password, number of biometrics is limited for creating account in different organizations. Transformed biometrics attempts to solve the problem by transforming the biometric into another form, which is unique to the particular organization. This makes the availability of different transformed biometrics in different organizations transformed from the same biometrics and helps in foolproof transactions. In this article a novel approach to transformed biometrics using successive projection technique is suggested. In the proposed technique, the user can register up to 5*4n-1 organizations if the length of the biometric password is 'n'.
Mathematics in the Making: Mapping Verbal Discourse in Polya's "Let Us Teach Guessing" Lesson
ERIC Educational Resources Information Center
Truxaw, Mary P.; DeFranco, Thomas C.
2007-01-01
This paper describes a detailed analysis of verbal discourse within an exemplary mathematics lesson--that is, George Polya teaching in the Mathematics Association of America [MAA] video classic, "Let Us Teach Guessing" (1966). The results of the analysis reveal an inductive model of teaching that represents recursive cycles rather than linear…
ERIC Educational Resources Information Center
Moore, Alicia L.
2007-01-01
The importance of multiculturalism in the aftermath of Hurricane Katrina can be illustrated through a comparative view of the 1967 controversial, seminal, and Academy Award winning film, "Guess Who's Coming to Dinner". In the film, a multicultural cast starred in a groundbreaking tale of interracial marriage--then still illegal in some United…
ERIC Educational Resources Information Center
Fernie, David E.; DeVries, Rheta
This research study tests Selman's (1980) hypothesis that different games pull players toward particular kinds of reasoning through a developmental comparison of children's reasoning in two games, Tic Tac Toe and the Guessing Game. The present study focuses on two basic questions and their educational implications: (1) What differences and…
ERIC Educational Resources Information Center
Mount, Robert E.; Schumacker, Randall E.
1998-01-01
A Monte Carlo study was conducted using simulated dichotomous data to determine the effects of guessing on Rasch item fit statistics and the Logit Residual Index. Results indicate that no significant differences were found between the mean Rasch item fit statistics for each distribution type as the probability of guessing the correct answer…
The Effect of Guessing on Item Reliability under Answer-Until-Correct Scoring
ERIC Educational Resources Information Center
Kane, Michael; Moloney, James
1978-01-01
The answer-until-correct (AUC) procedure requires that examinees respond to a multi-choice item until they answer it correctly. Using a modified version of Horst's model for examinee behavior, this paper compares the effect of guessing on item reliability for the AUC procedure and the zero-one scoring procedure. (Author/CTM)
A Response to Holster and Lake Regarding Guessing and the Rasch Model
ERIC Educational Resources Information Center
Stewart, Jeffrey; McLean, Stuart; Kramer, Brandon
2017-01-01
Stewart questioned vocabulary size estimation methods proposed by Beglar and Nation for the Vocabulary Size Test, further arguing Rasch mean square (MSQ) fit statistics cannot determine the proportion of random guesses contained in the average learner's raw score, because the average value will be near 1 by design. He illustrated this by…
"A Spinach with a V on It": What 3-Year-Olds See in Standard and Enhanced Blissymbols.
ERIC Educational Resources Information Center
Raghavendra, Parimala; Fristoe, Macalyne
1990-01-01
Standard or enhanced Blissymbols, designed to represent familiar actions, attributes, and objects, were shown to 20 3-year-olds, who guessed their meaning. The number of their guesses that referred to the enhancements was twice as great as the number that referred to the standard Blissymbol base. (Author/JDD)
ERIC Educational Resources Information Center
Bayen, Ute J.; Kuhlmann, Beatrice G.
2011-01-01
The authors investigated conditions under which judgments in source-monitoring tasks are influenced by prior schematic knowledge. According to a probability-matching account of source guessing (Spaniol & Bayen, 2002), when people do not remember the source of information, they match source-guessing probabilities to the perceived contingency…
Network Authentication Protocol Studies
2009-04-01
the 37th Annual Hawaii International Conference on System Sciences (HICSS'04), 2004. [86] R. Corin, S. Malladi, J. Alves-Foss, and S. Etalle. Guess...requirement work products Corin03a [Corin03a] R. Corin, S. Malladi, J. Alves-Foss, and S. Etalle. Guess what? Here is a new tool that finds some new guessing...Cryptosystem...Figure 3.1: A Bundle...Figure 5.1: Penetrator strands combining a) F, R strands
Direct Multiple Shooting Optimization with Variable Problem Parameters
NASA Technical Reports Server (NTRS)
Whitley, Ryan J.; Ocampo, Cesar A.
2009-01-01
Taking advantage of a novel approach to the design of the orbital transfer optimization problem and advanced non-linear programming algorithms, several optimal transfer trajectories are found for problems with and without known analytic solutions. This method treats the fixed known gravitational constants as optimization variables in order to reduce the need for an advanced initial guess. Complex periodic orbits are targeted with very simple guesses and the ability to find optimal transfers in spite of these bad guesses is successfully demonstrated. Impulsive transfers are considered for orbits in both the 2-body frame as well as the circular restricted three-body problem (CRTBP). The results with this new approach demonstrate the potential for increasing robustness for all types of orbit transfer problems.
The Development and Validation of the Game User Experience Satisfaction Scale (GUESS).
Phan, Mikki H; Keebler, Joseph R; Chaparro, Barbara S
2016-12-01
The aim of this study was to develop and psychometrically validate a new instrument that comprehensively measures video game satisfaction based on key factors. Playtesting is often conducted in the video game industry to help game developers build better games by providing insight into the players' attitudes and preferences. However, quality feedback is difficult to obtain from playtesting sessions without a quality gaming assessment tool. There is a need for a psychometrically validated and comprehensive gaming scale that is appropriate for playtesting and game evaluation purposes. The process of developing and validating this new scale followed current best practices of scale development and validation. As a result, a mixed-method design that consisted of item pool generation, expert review, questionnaire pilot study, exploratory factor analysis (N = 629), and confirmatory factor analysis (N = 729) was implemented. A new instrument measuring video game satisfaction, called the Game User Experience Satisfaction Scale (GUESS), with nine subscales emerged. The GUESS was demonstrated to have content validity, internal consistency, and convergent and discriminant validity. The GUESS was developed and validated based on the assessments of over 450 unique video game titles across many popular genres. Thus, it can be applied across many types of video games in the industry both as a way to assess what aspects of a game contribute to user satisfaction and as a tool to aid in debriefing users on their gaming experience. The GUESS can be administered to evaluate user satisfaction of different types of video games by a variety of users. © 2016, Human Factors and Ergonomics Society.
Ultrasonic prediction of term birth weight in Hispanic women. Accuracy in an outpatient clinic.
Nahum, Gerard G; Pham, Krystle Q; McHugh, John P
2003-01-01
To investigate the accuracy of ultrasonic fetal biometric algorithms for estimating term fetal weight. Ultrasonographic fetal biometric assessments were made in 74 Hispanic women who delivered at 37-42 weeks of gestation. Measurements were taken of the fetal biparietal diameter, head circumference, abdominal circumference and femur length. Twenty-seven standard fetal biometric algorithms were assessed for their accuracy in predicting fetal weight. Results were compared to those obtained by merely guessing the mean term birth weight in each case. The correlation between ultrasonically predicted and actual birth weights ranged from 0.52 to 0.79. The different ultrasonic algorithms estimated fetal weight to within +/- 8.6-15.0% (+/- 295-520 g) of actual birth weight as compared with +/- 13.6% (+/- 449 g) for guessing the mean birth weight in each case (mean +/- SD). The mean absolute prediction errors for 17 of the ultrasonic equations (63%) were superior to those obtained by guessing the mean birth weight by 3.2-5.0% (96-154 g) (P < .05). Fourteen algorithms (52%) were more accurate for predicting fetal weight to within +/- 15%, and 20 algorithms (74%) were more accurate for predicting fetal weight to within +/- 10% of actual birth weight than simply guessing the mean birth weight (P < .05). Ten ultrasonic equations (37%) showed significant utility for predicting fetal weight > 4,000 g (likelihood ratio > 5.0). Term fetal weight predictions using the majority of sonographic fetal biometric equations are more accurate, by up to 154 g and 5%, than simply guessing the population-specific mean birth weight.
NASA Astrophysics Data System (ADS)
Scherstjanoi, M.; Kaplan, J. O.; Lischke, H.
2014-02-01
To be able to simulate climate change effects on forest dynamics over the whole of Switzerland, we adapted the second generation DGVM LPJ-GUESS to the Alpine environment. We modified model functions, tuned model parameters, and implemented new tree species to represent the potential natural vegetation of Alpine landscapes. Furthermore, we increased the computational efficiency of the model to enable area-covering simulations in a fine resolution (1 km) sufficient for the complex topography of the Alps, which resulted in more than 32 000 simulation grid cells. To this aim, we applied the recently developed method GAPPARD (Scherstjanoi et al., 2013) to LPJ-GUESS. GAPPARD derives mean output values from a combination of simulation runs without disturbances and a patch age distribution defined by the disturbance frequency. With this computationally efficient method, that increased the model's speed by approximately the factor 8, we were able to faster detect shortcomings of LPJ-GUESS functions and parameters. We used the adapted LPJ-GUESS together with GAPPARD to assess the influence of one climate change scenario on dynamics of tree species composition and biomass throughout the 21st century in Switzerland. To allow for comparison with the original model, we additionally simulated forest dynamics along a north-south-transect through Switzerland. The results from this transect confirmed the high value of the GAPPARD method despite some limitations towards extreme climatic events. It allowed for the first time to obtain area-wide, detailed high resolution LPJ-GUESS simulation results for a large part of the Alpine region.
ERIC Educational Resources Information Center
Loiseau, Mathieu; Hallal, Racha; Ballot, Pauline; Gazidedja, Ada
2016-01-01
In this paper, we present a learning game designed according to a strategy focusing on favouring the learners' "playful attitude". The game's modalities pertain to what we might call "guessing games". The chosen avatar of such guessing games both exists as learning and Commercial Off The Shelf (COTS) board games. We explain in…
ERIC Educational Resources Information Center
Drabinová, Adéla; Martinková, Patrícia
2017-01-01
In this article we present a general approach not relying on item response theory models (non-IRT) to detect differential item functioning (DIF) in dichotomous items with presence of guessing. The proposed nonlinear regression (NLR) procedure for DIF detection is an extension of method based on logistic regression. As a non-IRT approach, NLR can…
ERIC Educational Resources Information Center
Ibbett, Nicole L.; Wheldon, Brett J.
2016-01-01
In 2014 Central Queensland University (CQU) in Australia banned the use of multiple choice questions (MCQs) as an assessment tool. One of the reasons given for this decision was that MCQs provide an opportunity for students to "pass" by merely guessing their answers. The mathematical likelihood of a student passing by guessing alone can…
Improving Preschoolers' Recognition Memory for Faces with Orienting Information.
ERIC Educational Resources Information Center
Montepare, Joann M.
To determine whether preschool children's memory for unfamiliar faces could be facilitated by giving them orienting information about faces, 4- and 5-year-old subjects were told that they were going to play a guessing game in which they would be looking at faces and guessing which ones they had seen before. In study 1, 6 boys and 6 girls within…
An Alternative to the 3PL: Using Asymmetric Item Characteristic Curves to Address Guessing Effects
ERIC Educational Resources Information Center
Lee, Sora; Bolt, Daniel M.
2018-01-01
Both the statistical and interpretational shortcomings of the three-parameter logistic (3PL) model in accommodating guessing effects on multiple-choice items are well documented. We consider the use of a residual heteroscedasticity (RH) model as an alternative, and compare its performance to the 3PL with real test data sets and through simulation…
ERIC Educational Resources Information Center
Mongillo, Geraldine; Wilder, Hilary
2012-01-01
This qualitative study focused on at-risk college freshmen's ability to read and write expository text using game-like, online expository writing activities. These activities required participants to write descriptions of a target object so that peers could guess what the object was, after which they were given the results of those guesses as…
Grade of Membership Response Time Model for Detecting Guessing Behaviors
ERIC Educational Resources Information Center
Pokropek, Artur
2016-01-01
A response model that is able to detect guessing behaviors and produce unbiased estimates in low-stake conditions using timing information is proposed. The model is a special case of the grade of membership model in which responses are modeled as partial members of a class that is affected by motivation and a class that responds only according to…
A monogamy-of-entanglement game with applications to device-independent quantum cryptography
NASA Astrophysics Data System (ADS)
Tomamichel, Marco; Fehr, Serge; Kaniewski, Jędrzej; Wehner, Stephanie
2013-10-01
We consider a game in which two separate laboratories collaborate to prepare a quantum system and are then asked to guess the outcome of a measurement performed by a third party in a random basis on that system. Intuitively, by the uncertainty principle and the monogamy of entanglement, the probability that both players simultaneously succeed in guessing the outcome correctly is bounded. We are interested in the question of how the success probability scales when many such games are performed in parallel. We show that any strategy that maximizes the probability to win every game individually is also optimal for the parallel repetition of the game. Our result implies that the optimal guessing probability can be achieved without the use of entanglement. We explore several applications of this result. Firstly, we show that it implies security for standard BB84 quantum key distribution when the receiving party uses fully untrusted measurement devices, i.e. we show that BB84 is one-sided device independent. Secondly, we show how our result can be used to prove security of a one-round position-verification scheme. Finally, we generalize a well-known uncertainty relation for the guessing probability to quantum side information.
NASA Astrophysics Data System (ADS)
Spessa, Allan; Forrest, Matthew; Werner, Christian; Steinkamp, Joerg; Hickler, Thomas
2013-04-01
Wildfire is a fundamental Earth System process. It is the most important disturbance worldwide in terms of area and variety of biomes affected; a major mechanism by which carbon is transferred from the land to the atmosphere (2-4 Pg per annum, equiv. 20-30% of global fossil fuel emissions over the last decade); and globally a significant source of particulate aerosols and trace greenhouse gases. Fire is also potentially important as a feedback in the climate system. If climate change favours more intense fire regimes, this would result in a net transfer of carbon from ecosystems to the atmosphere, as well as higher emissions, and under certain circumstances, increased troposphere ozone production- all contributing to positive climate-land surface feedbacks. Quantitative analysis of fire-vegetation-climate interactions has been held back until recently by a lack of consistent global data sets on fire, and by the underdeveloped state of dynamic vegetation-fire modelling. Dynamic vegetation-fire modelling is an essential part of our forecasting armory for examining the possible impacts of climate, fire regimes and land-use on ecosystems and emissions from biomass burning beyond the observation period, as part of future climate or paleo-climate studies. LPJ-GUESS is a process-based model of vegetation dynamics designed for regional to global applications. It combines features of the Lund-Potsdam-Jena Dynamic Global Vegetation Model (LPJ-DGVM) with those of the General Ecosystem Simulator (GUESS) in a single, flexible modelling framework. The models have identical representations of eco-physiological and biogeochemical processes, including the hydrological cycle. However, they differ in the detail with which vegetation dynamics and canopy structure are simulated. 
Simplified, computationally efficient representations are used in the LPJ-DGVM, while LPJ-GUESS employs a gap-model approach, which better captures ecological succession and hence ecosystem changes due to disturbance such as fire. SPITFIRE (SPread and InTensity of FIRe and Emissions) mechanistically simulates the number of fires, area burnt, fire intensity, crown fires, fire-induced plant mortality, and emissions of carbon, trace gases and aerosols from biomass burning. Originally developed as an embedded model within LPJ-DGVM, SPITFIRE has since been coupled to LPJ-GUESS. However, neither LPJ-DGVM-SPITFIRE nor LPJ-GUESS-SPITFIRE has been fully benchmarked, especially in terms of how well each model simulates vegetation patterns and biomass in areas where fire is known to be important. This information is crucial if we are to have confidence in the models in forecasting fire, emissions from biomass burning and fire-climate impacts on ecosystems. Here we report on the benchmarking of the LPJ-GUESS-SPITFIRE model. We benchmarked LPJ-GUESS-SPITFIRE driven by a combination of daily reanalysis climate data (Sheffield 2012), monthly GFEDv3 burnt area data (1997-2009) (van der Werf et al. 2010) and long-term annual fire statistics (1901 to 2000) (Mouillot and Field 2005) against new Lidar-based biomass data for tropical forests and savannas (Saatchi et al. 2011; Baccini et al., 2012). Our new work has focused on revising the way GUESS simulates tree allometry, light penetration through the tree canopy and sapling recruitment, and how GUESS-SPITFIRE simulates fire-induced mortality, all based on recent literature, as well as a more explicit accounting of land cover change (JRC's GLC 2009). We present how these combined changes result in a much improved simulation of tree carbon across the tropics, including the Americas, Africa, Asia and Australia. Our results are compared with respect to more empirical-based approaches to calculating emissions from biomass burning. 
We discuss our findings in terms of improved forecasting of fire, emissions from biomass burning and fire-climate impacts on ecosystems.
Development of a Response Planner using the UCT Algorithm for Cyber Defense
2013-03-01
writer2l, guess passwd r2l, imap r2l, ipsweep probe, land dos, loadmodule u2r, multihop r2l, neptune dos, nmap probe, perl u2r, phf r2l, pod dos, portsweep...2646 10 pod 201 11 back 956 12 guess passwd 53 Item Type Count 13 ftp write 8 14 multihop 7 15 rootkit 10 16 buffer overflow 30 17 imap 11 18...pod 0 0 0 87 6 11 0 0 64 33 0 0 0 0 k = back 908 0 0 0 0 0 0 0 0 0 47 0 1 0 l = guess passwd 0 0 0 42 3 0 1 0 0 0 0 5 1 0 m = buffer overflow 0 0 17
Majumdar, Tapas; Haldar, Basudeb; Mallick, Arabinda
2017-02-20
A simple strategy is proposed to design and develop an intelligent device based on dual channel ion responsive spectral properties of a commercially available molecule, harmine (HM). The system can process different sets of opto-chemical inputs generating different patterns as fluorescence outputs at specific wavelengths which can provide an additional level of protection exploiting both password and pattern recognitions. The proposed system could have the potential to come up with highly secured combinatorial locks at the molecular level that could pose valuable real time and on-site applications for user authentication.
ERIC Educational Resources Information Center
Juan, Wu Xiao; Abidin, Mohamad Jafre Zainol; Eng, Lin Siew
2013-01-01
This survey aims at studying the relationship between English vocabulary threshold and word guessing strategy that is used in reading comprehension learning among 80 pre-university Chinese students in Malaysia. T-test is the main statistical test for this research, and the collected data is analysed using SPSS. From the standard deviation test…
ERIC Educational Resources Information Center
Andrich, David; Marais, Ida; Humphry, Stephen Mark
2016-01-01
Recent research has shown how the statistical bias in Rasch model difficulty estimates induced by guessing in multiple-choice items can be eliminated. Using vertical scaling of a high-profile national reading test, it is shown that the dominant effect of removing such bias is a nonlinear change in the unit of scale across the continuum. The…
Puzzler Solution: Just Making an Observation | Poster
Editor’s Note: It looks like we stumped you. None of the puzzler guesses were correct, but our winner was the closest to getting it right. He guessed it was a sanitary sewer clean-out pipe, and that’s what the photo looks like, according to our source at Facilities Maintenance and Engineering. Please continue reading for the correct puzzler solution. By Ashley DeVine, Staff Writer
ERIC Educational Resources Information Center
Panagiotakopoulos, Chris T.; Sarris, Menelaos E.
2013-01-01
The present study reports the basic characteristics of a game-like application entitled "Playing with Words-PwW". PwW is a single-user application where a word must be guessed given an anagram of that word. Anagrams are presented from a predefined word list and users can repeatedly try to guess the word, from which the anagram is…
Longenecker, Julia; Liu, Kristy; Chen, Eric Y H
2012-12-30
In an interactive guessing game, controls had higher performance and efficiency than patients with schizophrenia in correct trials. Patients' difficulties generating efficient questions suggest an increased taxation of working memory and an inability to engage an appropriate strategy, leading to impulsive behavior and reduced success. Copyright © 2012 Elsevier Ireland Ltd. All rights reserved.
Interpolation of unevenly spaced data using a parabolic leapfrog correction method and cubic splines
Julio L. Guardado; William T. Sommers
1977-01-01
The technique proposed allows interpolation of data recorded at unevenly spaced sites to a regular grid or to other sites. Known data are interpolated to an initial guess field grid of unevenly spaced rows and columns by a simple distance weighting procedure. The initial guess field is then adjusted by using a parabolic leapfrog correction and the known data. The final...
ERIC Educational Resources Information Center
Stabler, John R.; Johnson, Edward E.
Investigation of how children's responses to black and white objects reflect racial concepts is reported. One series of experiments asking Headstart children to guess which objects they liked or disliked were hidden in black or white boxes. Although white children guessed more often that positively evaluated objects were in white boxes, black…
NASA Astrophysics Data System (ADS)
Scherstjanoi, M.; Kaplan, J. O.; Lischke, H.
2014-07-01
To be able to simulate climate change effects on forest dynamics over the whole of Switzerland, we adapted the second-generation DGVM (dynamic global vegetation model) LPJ-GUESS (Lund-Potsdam-Jena General Ecosystem Simulator) to the Alpine environment. We modified model functions, tuned model parameters, and implemented new tree species to represent the potential natural vegetation of Alpine landscapes. Furthermore, we increased the computational efficiency of the model to enable area-covering simulations in a fine resolution (1 km) sufficient for the complex topography of the Alps, which resulted in more than 32 000 simulation grid cells. To this aim, we applied the recently developed method GAPPARD (approximating GAP model results with a Probabilistic Approach to account for stand Replacing Disturbances) (Scherstjanoi et al., 2013) to LPJ-GUESS. GAPPARD derives mean output values from a combination of simulation runs without disturbances and a patch age distribution defined by the disturbance frequency. With this computationally efficient method, which increased the model's speed by approximately the factor 8, we were able to faster detect the shortcomings of LPJ-GUESS functions and parameters. We used the adapted LPJ-GUESS together with GAPPARD to assess the influence of one climate change scenario on dynamics of tree species composition and biomass throughout the 21st century in Switzerland. To allow for comparison with the original model, we additionally simulated forest dynamics along a north-south transect through Switzerland. The results from this transect confirmed the high value of the GAPPARD method despite some limitations towards extreme climatic events. It allowed for the first time to obtain area-wide, detailed high-resolution LPJ-GUESS simulation results for a large part of the Alpine region.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fischler, M.
1992-04-01
The issues to be addressed here are those of "balance" in machine architecture. By this, we mean how much emphasis must be placed on various aspects of the system to maximize its usefulness for physics. There are three components that contribute to the utility of a system: How the machine can be used, how big a problem can be attacked, and what the effective capabilities (power) of the hardware are like. The effective power issue is a matter of evaluating the impact of design decisions trading off architectural features such as memory bandwidth and interprocessor communication capabilities. What is studied is the effect these machine parameters have on how quickly the system can solve desired problems. There is a reasonable method for studying this: One selects a few representative algorithms and computes the impact of changing memory bandwidths, and so forth. The only room for controversy here is in the selection of representative problems. The issue of how big a problem can be attacked boils down to a balance of memory size versus power. Although this is a balance issue it is very different than the effective power situation, because no firm answer can be given at this time. The power to memory ratio is highly problem dependent, and optimizing it requires several pieces of physics input, including: how big a lattice is needed for interesting results; what sort of algorithms are best to use; and how many sweeps are needed to get valid results. We seem to be at the threshold of learning things about these issues, but for now, the memory size issue will necessarily be addressed in terms of best guesses, rules of thumb, and researchers' opinions.
NASA Astrophysics Data System (ADS)
Arias, E.; Florez, E.; Pérez-Torres, J. F.
2017-06-01
A new algorithm for the determination of equilibrium structures suitable for metal nanoclusters is proposed. The algorithm performs a stochastic search of the minima associated with the nuclear potential energy function restricted to a sphere (similar to the Thomson problem), in order to guess configurations of the nuclear positions. Subsequently, the guessed configurations are further optimized driven by the total energy function using the conventional gradient descent method. This methodology is equivalent to using the valence shell electron pair repulsion model in guessing initial configurations in the traditional molecular quantum chemistry. The framework is illustrated in several clusters of increasing complexity: Cu7, Cu9, and Cu11 as benchmark systems, and Cu38 and Ni9 as novel systems. New equilibrium structures for Cu9, Cu11, Cu38, and Ni9 are reported.
Detecting Patterns of Anomalies
2009-03-01
0.0057 0.9668 ± 0.0053 guess passwd 0.7316 ± 0.0133 0.7792 ± 0.0145 mailbomb 0.1782 ± 0.0104 0.2243 ± 0.014 neptune 0.9938 ± 0.003 0.9938 ± 0.003 smurf...1.0 ± 0.0 1.0 ± 0.0 0.727 ± 0.051 guess passwd 1.0 ± 0.0 1.0 ± 0.0 0.957 ± 0.016 1.0 ± 0.0 0.610 ± 0.045 mailbomb 0.788 ± 0.02 0.82 ± 0.023 0.276...0.951 ± 0.004 0.882 ± 0.021 0.215 ± 0.042 guess passwd 0.991 ± 0.002 0.773 ± 0.008 0.124 ± 0.005 0.804 ± 0.013 0.205 ± 0.041 mailbomb 0.587 ± 0.007
Arias, E; Florez, E; Pérez-Torres, J F
2017-06-28
A new algorithm for the determination of equilibrium structures suitable for metal nanoclusters is proposed. The algorithm performs a stochastic search of the minima associated with the nuclear potential energy function restricted to a sphere (similar to the Thomson problem), in order to guess configurations of the nuclear positions. Subsequently, the guessed configurations are further optimized driven by the total energy function using the conventional gradient descent method. This methodology is equivalent to using the valence shell electron pair repulsion model in guessing initial configurations in the traditional molecular quantum chemistry. The framework is illustrated in several clusters of increasing complexity: Cu7, Cu9, and Cu11 as benchmark systems, and Cu38 and Ni9 as novel systems. New equilibrium structures for Cu9, Cu11, Cu38, and Ni9 are reported.
Objective analysis of pseudostress over the Indian Ocean using a direct-minimization approach
NASA Technical Reports Server (NTRS)
Legler, David M.; Navon, I. M.; O'Brien, James J.
1989-01-01
A technique not previously used in objective analysis of meteorological data is used here to produce monthly average surface pseudostress data over the Indian Ocean. An initial guess field is derived and a cost functional is constructed with five terms: approximation to initial guess, approximation to climatology, a smoothness parameter, and two kinematic terms. The functional is minimized using a conjugate-gradient technique, and the weight for the climatology term controls the overall balance of influence between the climatology and the initial guess. Results from various weight combinations are presented for January and July 1984. Quantitative and qualitative comparisons to the subject analysis are made to find which weight combination provides the best results. The weight on the approximation to climatology is found to balance the influence of the original field and climatology.
ERIC Educational Resources Information Center
Bliss, Leonard B.
The aim of this study was to show that the superiority of corrected-for-guessing scores over number right scores as true score estimates depends on the ability of examinees to recognize situations where they can eliminate one or more alternatives as incorrect and to omit items where they would only be guessing randomly. Previous investigations…
ERIC Educational Resources Information Center
Pillow, Bradford H.; Hill, Valerie; Boyce, April; Stein, Catherine
2000-01-01
Three experiments investigated children's understanding of inference as a knowledge source. Most 4- to 6-year-olds did not rate a puppet as more certain of a toy's color after the puppet looked at the toy or inferred its color than they did after the puppet guessed the color. Most 8- and 9-year-olds distinguished inference and looking from…
NASA Technical Reports Server (NTRS)
Liebowitz, Jay; Krishnamurthy, Vijaya; Rodens, Ira; Houston, Chapman; Liebowitz, Alisa; Baek, Seung; Radko, Joe; Zeide, Janet
1996-01-01
Scheduling has become an increasingly important element in today's society and workplace. Within the NASA environment, scheduling is one of the most frequently performed and challenging functions. Towards meeting NASA's scheduling needs, a research version of a generic expert scheduling system architecture and toolkit has been developed. This final report describes the development and testing of GUESS (Generically Used Expert Scheduling System).
van Meel, Catharina S; Oosterlaan, Jaap; Heslenfeld, Dirk J; Sergeant, Joseph A
2005-01-01
Neuroimaging studies on ADHD suggest abnormalities in brain regions associated with decision-making and reward processing such as the anterior cingulate cortex (ACC) and orbitofrontal cortex. Recently, event-related potential (ERP) studies demonstrated that the ACC is involved in processing feedback signals during guessing and gambling. The resulting negative deflection, the 'feedback-related negativity' (FRN) has been interpreted as reflecting an error in reward prediction. In the present study, ERPs elicited by positive and negative feedback were recorded in children with ADHD and normal controls during guessing. 'Correct' and 'incorrect' guesses resulted in respectively monetary gains and losses. The FRN amplitude to losses was more pronounced in the ADHD group than in normal controls. Positive and negative feedback differentially affected long latency components in the ERP waveforms of normal controls, but not ADHD children. These later deflections might be related to further emotional or strategic processing. The present findings suggest an enhanced sensitivity to unfavourable outcomes in children with ADHD, probably due to abnormalities in mesolimbic reward circuits. In addition, further processing, such as affective evaluation and the assessment of future consequences of the feedback signal seems to be altered in ADHD. These results may further help understanding the neural basis of decision-making deficits in ADHD.
Meyer, Miriam Magdalena; Buchner, Axel; Bell, Raoul
2016-09-01
The present study investigates age differences in the vulnerability to illusory correlations between fear-relevant stimuli and threatening information. Younger and older adults saw pictures of threatening snakes and nonthreatening fish, paired with threatening and nonthreatening context information ("poisonous" and "nonpoisonous") with a null contingency between animal type and poisonousness. In a source monitoring test, participants were required to remember whether an animal was associated with poisonousness or nonpoisonousness. Illusory correlations were implicitly measured via a multinomial model. One advantage of this approach is that memory and guessing processes can be assessed independently. An illusory correlation would be reflected in a higher probability of guessing that a snake rather than a fish was poisonous if the poisonousness of the animal was not remembered. Older adults showed evidence of illusory correlations in source guessing while younger adults did not; instead they showed evidence of probability matching. Moreover, snake fear was associated with increased vulnerability to illusory correlations in older adults. The findings confirm that older adults are more susceptible to fear-relevant illusory correlations than younger adults. © The Author 2015. Published by Oxford University Press on behalf of The Gerontological Society of America. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.
Memory and the Korsakoff syndrome: not remembering what is remembered.
d'Ydewalle, Géry; Van Damme, Ilse
2007-03-14
Following the distinction between involuntary unconscious memory, involuntary conscious memory, and intentional retrieval, the focus of the present paper is whether there is an impairment of involuntary conscious memory among Korsakoff patients. At study, participants generated associations versus counted the number of letters with enclosed spaces or the number of vowels in the target words (semantic versus perceptual processing). In the Direct tests, stems were to be used to retrieve the targets with either guessing or no guessing allowed; in the Opposition tests, the stems were to be completed with the first word that came to mind but using another word if that first word was a target word; and in the Indirect tests, no reference was made to the target words from the study phase. In the Direct tests, the performance of Korsakoff patients was not necessarily worse than the one of healthy controls, provided guessing was allowed. More critical for the Korsakoff patients was the deficient involuntary conscious memory. The deficiency explained the suppression failures in the Opposition tests, the absence of performance differences between the Indirect and Opposition tests, the absence of a beneficial effect in providing information about the status of the stem, the performance boost when allowed to guess, and the very low rate of "Know"/"Remember" responses.
Automated Tests for Telephone Telepathy Using Mobile Phones.
Sheldrake, Rupert; Smart, Pamela; Avraamides, Leonidas
2015-01-01
To carry out automated experiments on mobile phones to test for telepathy in connection with telephone calls. Subjects, aged from 10 to 83, registered online with the names and mobile telephone numbers of three or two senders. A computer selected a sender at random, and asked him to call the subject via the computer. The computer then asked the subject to guess the caller's name, and connected the caller and the subject after receiving the guess. A test consisted of six trials. The effects of subjects' sex and age and the effects of time delays on guesses. The proportion of correct guesses of the caller's name, compared with the 33.3% or 50% mean chance expectations. In 2080 trials with three callers there were 869 hits (41.8%), above the 33.3% chance level (P < 1 × 10^-15). The hit rate in incomplete tests was 43.8% (P = .00003) showing that optional stopping could not explain the positive results. In 745 trials with two callers, there were 411 hits (55.2%), above the 50% chance level (P = .003). An analysis of the data made it very unlikely that cheating could explain the positive results. These experiments showed that automated tests for telephone telepathy can be carried out using mobile phones. Copyright © 2015 Elsevier Inc. All rights reserved.
A rigorous and simpler method of image charges
NASA Astrophysics Data System (ADS)
Ladera, C. L.; Donoso, G.
2016-07-01
The method of image charges relies on the proven uniqueness of the solution of the Laplace differential equation for an electrostatic potential which satisfies some specified boundary conditions. Granted by that uniqueness, the method of images is rightly described as nothing but shrewdly guessing which and where image charges are to be placed to solve the given electrostatics problem. Here we present an alternative image charges method that is based not on guessing but on rigorous and simpler theoretical grounds, namely the constant potential inside any conductor and the application of powerful geometric symmetries. The aforementioned required uniqueness and, more importantly, guessing are therefore both altogether dispensed with. Our two new theoretical fundaments also allow the image charges method to be introduced in earlier physics courses for engineering and sciences students, instead of its present and usual introduction in electromagnetic theory courses that demand familiarity with the Laplace differential equation and its boundary conditions.
Taboo: Working memory and mental control in an interactive task
Hansen, Whitney A.; Goldinger, Stephen D.
2014-01-01
Individual differences in working memory (WM) predict principled variation in tasks of reasoning, response time, memory, and other abilities. Theoretically, a central function of WM is keeping task-relevant information easily accessible while suppressing irrelevant information. The present experiment was a novel study of mental control, using performance in the game Taboo as a measure. We tested effects of WM capacity on several indices, including perseveration errors (repeating previous guesses or clues) and taboo errors (saying at least part of a taboo or target word). By most measures, high-span participants were superior to low-span participants: High-spans were better at guessing answers, better at encouraging correct guesses from teammates, and less likely to either repeat themselves or produce taboo clues. Differences in taboo errors occurred only in an easy control condition. The results suggest that WM capacity predicts behavior in tasks requiring mental control, extending this finding to an interactive group setting. PMID:19827699
The effect of guessing on the speech reception thresholds of children.
Moodley, A
1990-01-01
Speech audiometry is an essential part of the assessment of hearing impaired children and it is now widely used throughout the United Kingdom. Although instructions are universally agreed upon as an important aspect in the administration of any form of audiometric testing, there has been little, if any, research towards evaluating the influence which instructions that are given to a listener have on the Speech Reception Threshold obtained. This study attempts to evaluate what effect guessing has on the Speech Reception Threshold of children. A sample of 30 secondary school pupils between 16 and 18 years of age with normal hearing was used in the study. It is argued that the type of instruction normally used for Speech Reception Threshold in audiometric testing may not provide a sufficient amount of control for guessing and the implications of this, using data obtained in the study, are examined.
Quantifying the effects of social influence
Mavrodiev, Pavlin; Tessone, Claudio J.; Schweitzer, Frank
2013-01-01
How do humans respond to indirect social influence when making decisions? We analysed an experiment where subjects had to guess the answer to factual questions, having only aggregated information about the answers of others. While the response of humans to aggregated information is a widely observed phenomenon, it has not been investigated quantitatively, in a controlled setting. We found that the adjustment of individual guesses depends linearly on the distance to the mean of all guesses. This is a remarkable, and yet surprisingly simple regularity. It holds across all questions analysed, even though the correct answers differ by several orders of magnitude. Our finding supports the assumption that individual diversity does not affect the response to indirect social influence. We argue that the nature of the response crucially changes with the level of information aggregation. This insight contributes to the empirical foundation of models for collective decisions under social influence. PMID:23449043
Cleared Hot: A Forward Air Control (Airborne) Concepts Trainer
2006-09-01
list of high-level objectives imitating a detailed requirements document. In those cases, software developers are forced to make best guesses about...software developers are forced to make best guesses about how to meet those objectives. Is there a better method? We embarked on a project to create a...with participants at the end of an 18-month development cycle, we did the next best thing: Cleared Hot was taken to the mission subject matter
Refinements of Stout’s Procedure for Assessing Latent Trait Unidimensionality
1992-08-01
in the presence of guessing when coupled with many high-discriminating items. A revision of DIMTEST is proposed to overcome this limitation. Also, an...used for factor analysis. When guessing is present in the responses to items, however, linear factor analysis of tetrachoric correlations can produce...significance when d=1 and maintaining good power when d=2, even when the correlation between the abilities is as high as .7. The present study provides a
Non-penetrating sham needle, is it an adequate sham control in acupuncture research?
Lee, Hyangsook; Bang, Heejung; Kim, Youngjin; Park, Jongbae; Lee, Sangjae; Lee, Hyejung; Park, Hi-Joon
2011-01-01
This study aimed to determine whether a non-penetrating sham needle can serve as an adequate sham control. We conducted a randomised, subject-blind, sham-controlled trial in both acupuncture-naïve and experienced healthy volunteers. Participants were randomly allocated to receive either real acupuncture (n=39) or non-penetrating sham acupuncture (n=40) on the hand (LI4), abdomen (CV12) and leg (ST36). The procedures were standardised and identical for both groups. Participants rated acupuncture sensations on a 10-point scale. A blinding index was calculated based on the participants' guesses on the type of acupuncture they had received (real, sham or do not know) for each acupuncture point. The association of knowledge about and experience in acupuncture with correct guessing was also examined. The subjects in both groups were similar with respect to age, gender, experience or knowledge about acupuncture. The sham needle tended to produce less penetration, pain and soreness only at LI4. Blinding appeared to be successfully achieved for ST36. Although 41% of participants in the real acupuncture group made correct guesses for LI4, 31% guessed incorrectly for CV12, beyond chance level. People with more experience and knowledge about acupuncture were more likely to correctly guess the type of needle they received at ST36 only, compared to that at the other points. A non-penetrating sham needle may successfully blind participants and thus, may be a credible sham control. However, the small sample size, the different needle sensations, and the degree and direction of unblinding across acupuncture points warrant further studies in Korea as well as other countries to confirm our finding. Our results also justify the incorporation of formal testing of the use of sham controls in clinical trials of acupuncture. Copyright © 2010 Elsevier Ltd. All rights reserved.
Concentrations of Volatiles in the Lunar Regolith
NASA Technical Reports Server (NTRS)
Taylor, Jeff; Taylor, Larry; Duke, Mike
2007-01-01
To set lower and upper limits on the overall amounts and types of volatiles released during heating of polar regolith, we examined the data for equatorial lunar regolith and for the compositions of comets. The purpose, specifically, was to answer these questions: 1. Upper/Lower limits and 'best guess' for total amount of volatiles (by weight %) released from lunar regolith up to 150C 2. Upper/Lower limit and 'best guess' for composition of the volatiles released from the lunar regolith by weight %
Statistical Image Recovery From Laser Speckle Patterns With Polarization Diversity
2010-09-01
Fourier Transform is taken mapping the data to the pupil plane. The computed phase from this operation is multiplied to the amplitude of the pupil...guess generated by a uniform random number generator (−π to π). The guessed phase is multiplied to the measured amplitude in the image plane and the...plane data. Again, a Fourier transform is performed mapping the manipulated data set back to the image plane. The computed phase in this operation is
Parallel, Distributed Scripting with Python
DOE Office of Scientific and Technical Information (OSTI.GOV)
Miller, P J
2002-05-24
Parallel computers used to be, for the most part, one-of-a-kind systems which were extremely difficult to program portably. With SMP architectures, the advent of the POSIX thread API and OpenMP gave developers ways to portably exploit on-the-box shared memory parallelism. Since these architectures didn't scale cost-effectively, distributed memory clusters were developed. The associated MPI message passing libraries gave these systems a portable paradigm too. Having programmers effectively use this paradigm is a somewhat different question. Distributed data has to be explicitly transported via the messaging system in order for it to be useful. In high level languages, the MPI library gives access to data distribution routines in C, C++, and FORTRAN. But we need more than that. Many reasonable and common tasks are best done in (or as extensions to) scripting languages. Consider sysadm tools such as password crackers, file purgers, etc ... These are simple to write in a scripting language such as Python (an open source, portable, and freely available interpreter). But these tasks beg to be done in parallel. Consider a password checker that checks an encrypted password against a 25,000 word dictionary. This can take around 10 seconds in Python (6 seconds in C). It is trivial to parallelize if you can distribute the information and co-ordinate the work.
Computer assisted audit techniques for UNIX (UNIX-CAATS)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Polk, W.T.
1991-12-31
Federal and DOE regulations impose specific requirements for internal controls of computer systems. These controls include adequate separation of duties and sufficient controls for access of system and data. The DOE Inspector General's Office has the responsibility to examine internal controls, as well as efficient use of computer system resources. As a result, DOE supported NIST development of computer assisted audit techniques to examine BSD UNIX computers (UNIX-CAATS). These systems were selected due to the increasing number of UNIX workstations in use within DOE. This paper describes the design and development of these techniques, as well as the results of testing at NIST and the first audit at a DOE site. UNIX-CAATS consists of tools which examine security of passwords, file systems, and network access. In addition, a tool was developed to examine efficiency of disk utilization. Test results at NIST indicated inadequate password management, as well as weak network resource controls. File system security was considered adequate. Audit results at a DOE site indicated weak password management and inefficient disk utilization. During the audit, we also found improvements to UNIX-CAATS were needed when applied to large systems. NIST plans to enhance the techniques developed for DOE/IG in future work. This future work would leverage currently available tools, along with needed enhancements. These enhancements would enable DOE/IG to audit large systems, such as supercomputers.
Computer assisted audit techniques for UNIX (UNIX-CAATS)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Polk, W.T.
1991-01-01
Federal and DOE regulations impose specific requirements for internal controls of computer systems. These controls include adequate separation of duties and sufficient controls for access of system and data. The DOE Inspector General's Office has the responsibility to examine internal controls, as well as efficient use of computer system resources. As a result, DOE supported NIST development of computer assisted audit techniques to examine BSD UNIX computers (UNIX-CAATS). These systems were selected due to the increasing number of UNIX workstations in use within DOE. This paper describes the design and development of these techniques, as well as the results of testing at NIST and the first audit at a DOE site. UNIX-CAATS consists of tools which examine security of passwords, file systems, and network access. In addition, a tool was developed to examine efficiency of disk utilization. Test results at NIST indicated inadequate password management, as well as weak network resource controls. File system security was considered adequate. Audit results at a DOE site indicated weak password management and inefficient disk utilization. During the audit, we also found improvements to UNIX-CAATS were needed when applied to large systems. NIST plans to enhance the techniques developed for DOE/IG in future work. This future work would leverage currently available tools, along with needed enhancements. These enhancements would enable DOE/IG to audit large systems, such as supercomputers.
Retrospective Attention Gates Discrete Conscious Access to Past Sensory Stimuli.
Thibault, Louis; van den Berg, Ronald; Cavanagh, Patrick; Sergent, Claire
2016-01-01
Cueing attention after the disappearance of visual stimuli biases which items will be remembered best. This observation has historically been attributed to the influence of attention on memory as opposed to subjective visual experience. We recently challenged this view by showing that cueing attention after the stimulus can improve the perception of a single Gabor patch at threshold levels of contrast. Here, we test whether this retro-perception actually increases the frequency of consciously perceiving the stimulus, or simply allows for a more precise recall of its features. We used retro-cues in an orientation-matching task and performed mixture-model analysis to independently estimate the proportion of guesses and the precision of non-guess responses. We find that the improvements in performance conferred by retrospective attention are overwhelmingly determined by a reduction in the proportion of guesses, providing strong evidence that attracting attention to the target's location after its disappearance increases the likelihood of perceiving it consciously.
Elementary School Children’s Cheating Behavior and its Cognitive Correlates
Ding, Xiao Pan; Omrin, Danielle S.; Evans, Angela D.; Fu, Genyue; Chen, Guopeng; Lee, Kang
2014-01-01
Elementary school children’s cheating behavior and its cognitive correlates were investigated using a guessing game. Children (N = 95) between 8 and 12 years of age were asked to guess which side of the screen a coin would appear on and received rewards based on their self-reported accuracy. Children’s cheating behavior was measured by examining whether children failed to adhere to the game rules by falsely reporting their accuracy. Children’s theory-of-mind understanding and executive functioning skills were also assessed. The majority of children cheated during the guessing game, and cheating behavior decreased with age. Children with better working memory and inhibitory control were less likely to cheat. However, among the cheaters, those with greater cognitive flexibility use more tactics while cheating. Results revealed the unique role that executive functioning plays in children’s cheating behavior: Like a double-edged sword, executive functioning can inhibit children’s cheating behavior on the one side, while it can promote the sophistication of children’s cheating tactics on the other. PMID:24464240
Production and discrimination of facial expressions by preschool children.
Field, T M; Walden, T A
1982-10-01
Production and discrimination of the 8 basic facial expressions were investigated among 34 3-5-year-old preschool children. The children's productions were elicited and videotaped under 4 different prompt conditions (imitation of photographs of children's facial expressions, imitation of those in front of a mirror, imitation of those when given labels for the expressions, and when given only labels). Adults' "guesses" of the children's productions as well as the children's guesses of their own expressions on videotape were more accurate for the happy than afraid or angry expressions and for those expressions elicited during the imitation conditions. Greater accuracy of guessing by the adult than the child suggests that the children's productions were superior to their discriminations, although these skills appeared to be related. Children's production skills were also related to sociometric ratings by their peers and expressivity ratings by their teachers. These were not related to the child's age and only weakly related to the child's expressivity during classroom free-play observations.
Chan, Alan H S; Chan, Ken W L
2013-02-01
To examine the associations between the guessing performance of 25 pharmaceutical pictograms and five sign features for naïve participants. The effect of prospective-user factors on guessing performance was also investigated. A total of 160 Hong Kong Chinese people, drawn largely from a young student population, guessed the meanings of 25 pharmaceutical pictograms that were generally not familiar to them. Participants then completed a questionnaire about their drug buying and drug label reading habits, and their demographics and medication history. Finally they rated five features (familiarity, concreteness, complexity, meaningfulness, and semantic distance) of the pharmaceutical pictograms using 0-100 scales. For all pharmaceutical pictograms, mean and standard deviation of guessability score were 64.8 and 17.1, respectively. Prospective-user factors of 'occupation', 'age' and 'education level' significantly affected guessing performance. For sign features, semantic closeness was the best predictor of guessability score, followed by simplicity, concreteness, meaningfulness and familiarity. User characteristics and sign features are critical for pharmaceutical pictograms. To be effective, pharmaceutical pictograms should have obvious and direct connections with familiar things and it is recommended that pharmaceutical pictograms should be designed with consideration of the five sign features investigated here. This study provides useful information and recommendations to assist interface designers to create and evaluate icons for pharmaceutical products and to design more user-friendly pharmaceutical pictograms. However, further work is needed to see how older people respond to such pharmaceutical pictograms. Copyright © 2012 Elsevier Ireland Ltd. All rights reserved.
NASA Astrophysics Data System (ADS)
Lee, Haenghwa; Choi, Sunghoon; Jo, Byungdu; Kim, Hyemi; Lee, Donghoon; Kim, Dohyeon; Choi, Seungyeon; Lee, Youngjin; Kim, Hee-Joung
2017-03-01
Chest digital tomosynthesis (CDT) is a new 3D imaging technique that can be expected to improve the detection of subtle lung disease over conventional chest radiography. Algorithm development for CDT system is challenging in that a limited number of low-dose projections are acquired over a limited angular range. To confirm the feasibility of algebraic reconstruction technique (ART) method under variations in key imaging parameters, quality metrics were conducted using LUNGMAN phantom included ground-glass opacity (GGO) tumor. Reconstructed images were acquired from the total 41 projection images over a total angular range of +/-20°. We evaluated contrast-to-noise ratio (CNR) and artifacts spread function (ASF) to investigate the effect of reconstruction parameters such as number of iterations, relaxation parameter and initial guess on image quality. We found that proper value of ART relaxation parameter could improve image quality from the same projection. In this study, proper value of relaxation parameters for zero-image (ZI) and back-projection (BP) initial guesses were 0.4 and 0.6, respectively. Also, the maximum CNR values and the minimum full width at half maximum (FWHM) of ASF were acquired in the reconstructed images after 20 iterations and 3 iterations, respectively. According to the results, BP initial guess for ART method could provide better image quality than ZI initial guess. In conclusion, ART method with proper reconstruction parameters could improve image quality due to the limited angular range in CDT system.
NASA Astrophysics Data System (ADS)
Lei, H.; Lu, Z.; Vesselinov, V. V.; Ye, M.
2017-12-01
Simultaneous identification of both the zonation structure of aquifer heterogeneity and the hydrogeological parameters associated with these zones is challenging, especially for complex subsurface heterogeneity fields. In this study, a new approach, based on the combination of the level set method and a parallel genetic algorithm is proposed. Starting with an initial guess for the zonation field (including both zonation structure and the hydraulic properties of each zone), the level set method ensures that material interfaces are evolved through the inverse process such that the total residual between the simulated and observed state variables (hydraulic head) always decreases, which means that the inversion result depends on the initial guess field and the minimization process might fail if it encounters a local minimum. To find the global minimum, the genetic algorithm (GA) is utilized to explore the parameters that define initial guess fields, and the minimal total residual corresponding to each initial guess field is considered as the fitness function value in the GA. Due to the expensive evaluation of the fitness function, a parallel GA is adapted in combination with a simulated annealing algorithm. The new approach has been applied to several synthetic cases in both steady-state and transient flow fields, including a case with real flow conditions at the chromium contaminant site at the Los Alamos National Laboratory. The results show that this approach is capable of identifying the arbitrary zonation structures of aquifer heterogeneity and the hydrogeological parameters associated with these zones effectively.
Bortolan, Giovanni
2015-01-01
Traditional means for identity validation (PIN codes, passwords), and physiological and behavioral biometric characteristics (fingerprint, iris, and speech) are susceptible to hacker attacks and/or falsification. This paper presents a method for person verification/identification based on correlation of present-to-previous limb ECG leads: I (r I), II (r II), calculated from them first principal ECG component (r PCA), linear and nonlinear combinations between r I, r II, and r PCA. For the verification task, the one-to-one scenario is applied and threshold values for r I, r II, and r PCA and their combinations are derived. The identification task supposes one-to-many scenario and the tested subject is identified according to the maximal correlation with a previously recorded ECG in a database. The population based ECG-ILSA database of 540 patients (147 healthy subjects, 175 patients with cardiac diseases, and 218 with hypertension) has been considered. In addition a common reference PTB dataset (14 healthy individuals) with short time interval between the two acquisitions has been taken into account. The results on ECG-ILSA database were satisfactory with healthy people, and there was not a significant decrease in nonhealthy patients, demonstrating the robustness of the proposed method. With PTB database, the method provides an identification accuracy of 92.9% and a verification sensitivity and specificity of 100% and 89.9%. PMID:26568954
Mitigating Inadvertent Insider Threats with Incentives
NASA Astrophysics Data System (ADS)
Liu, Debin; Wang, Xiaofeng; Camp, L. Jean
Inadvertent insiders are trusted insiders who do not have malicious intent (as with malicious insiders) but do not responsibly manage security. The result is often enabling a malicious outsider to use the privileges of the inattentive insider to implement an insider attack. This risk is as old as conversion of a weak user password into root access, but the term inadvertent insider is recently coined to identify the link between the behavior and the vulnerability. In this paper, we propose to mitigate this threat using a novel risk budget mechanism that offers incentives to an insider to behave according to the risk posture set by the organization. We propose assigning an insider a risk budget, which is a specific allocation of risk points, allowing employees to take a finite number of risk-seeking choices. In this way, the employee can complete her tasks without subverting the security system, as with absolute prohibitions. In the end, the organization penalizes the insider if she fails to accomplish her task within the budget while rewards her in the presence of a surplus. Most importantly, the risk budget requires that the user make conscious visible choices to take electronic risks. We describe the theory behind the system, including specific work on the insider threats. We evaluated this approach using human-subject experiments, which demonstrate the effectiveness of our risk budget mechanism. We also present a game theoretic analysis of the mechanism.
Jekova, Irena; Bortolan, Giovanni
2015-01-01
Traditional means for identity validation (PIN codes, passwords), and physiological and behavioral biometric characteristics (fingerprint, iris, and speech) are susceptible to hacker attacks and/or falsification. This paper presents a method for person verification/identification based on correlation of present-to-previous limb ECG leads: I (r I), II (r II), calculated from them first principal ECG component (r PCA), linear and nonlinear combinations between r I, r II, and r PCA. For the verification task, the one-to-one scenario is applied and threshold values for r I, r II, and r PCA and their combinations are derived. The identification task supposes one-to-many scenario and the tested subject is identified according to the maximal correlation with a previously recorded ECG in a database. The population based ECG-ILSA database of 540 patients (147 healthy subjects, 175 patients with cardiac diseases, and 218 with hypertension) has been considered. In addition a common reference PTB dataset (14 healthy individuals) with short time interval between the two acquisitions has been taken into account. The results on ECG-ILSA database were satisfactory with healthy people, and there was not a significant decrease in nonhealthy patients, demonstrating the robustness of the proposed method. With PTB database, the method provides an identification accuracy of 92.9% and a verification sensitivity and specificity of 100% and 89.9%.
Password Protection Act of 2013
Rep. Perlmutter, Ed [D-CO-7]
2013-05-21
House - 06/14/2013 Referred to the Subcommittee on Crime, Terrorism, Homeland Security, and Investigations. Tracker: This bill has the status Introduced.
1991-01-30
states that continual education and training at all levels of the company is the most important element in enabling companies to gain competitive...staked on information known to be inaccurate and educated guesses from the same people who provided much of the original inaccurate information. The second... educated guesses. 7.1.2.6 Implementation Cost/Schedule Refer to Paragraph 7.1.1.6. 7.1-8 TASK ORDER NO. 18 PROCESS CHARACTERIZATION SCHEDULER RECEIVES ITEM
A comparison of methods for estimating the weight of preterm infants.
Elser, A S; Vessey, J A
1995-09-01
Four methods of predicting a preterm infant's weight (upper mid-arm circumference, gestational age, tape measure nomogram, and guessing) were investigated to see which was the most accurate. The weights of 37 preterm neonates were initially guessed by an experienced clinician, then estimated by the other three approaches applied in a random order, and then confirmed through actual weighing. The correlations between the four estimated weights and the actual weights were .96, .84, .97, and .98, respectively. The tape measure nomogram method was the best overall approach for clinical use.
Autonomous Adaptation and Collaboration of Unmanned Vehicles for Tracking Submerged Contacts
2012-06-01
filter: CRS RANGE REPORT =”name=archie,range=23.4,target= jackal ,time=2342551.213” • Line 8: ping wait is the time delay between range pulses. • Line 13: rn...uFldContactRangeSensor Settings 1: ProcessConfig = uFldContactRangeSensor 2: { 3: AppTick = 4 4: CommsTick = 4 5: 6: reply distance = jackal = 50 7: reach distance...REPORT = CRS RANGE REPORT 8: MY SHIP = archie 9: MY FRIEND = betty 10: MY CONTACT = jackal 11: MY BEST GUESS = besttarget 12: MY AVG GUESS = avgtarget 13
75 FR 52394 - Privacy Act of 1974, as Amended
Federal Register 2010, 2011, 2012, 2013, 2014
2010-08-25
... Responsibilities for Maintaining Records About Individuals, dated February 8, 1996. The system notice is published..., DC and Fort Worth, Texas facilities. Desktop PCs are password controlled by users. Retention and...
Password Protection Act of 2012
Sen. Blumenthal, Richard [D-CT]
2012-05-09
Senate - 05/09/2012 Read twice and referred to the Committee on Health, Education, Labor, and Pensions. Tracker: This bill has the status Introduced.
Password Protection Act of 2013
Sen. Blumenthal, Richard [D-CT]
2013-08-01
Senate - 08/01/2013 Read twice and referred to the Committee on Health, Education, Labor, and Pensions. Tracker: This bill has the status Introduced.
LPJ-GUESS Simulated North America Vegetation for 21-0 ka Using the TraCE-21ka Climate Simulation
NASA Astrophysics Data System (ADS)
Shafer, S. L.; Bartlein, P. J.
2016-12-01
Transient climate simulations that span multiple millennia (e.g., TraCE-21ka) have become more common as computing power has increased, allowing climate models to complete long simulations in relatively short periods of time (i.e., months). These climate simulations provide information on the potential rate, variability, and spatial expression of past climate changes. They also can be used as input data for other environmental models to simulate transient changes for different components of paleoenvironmental systems, such as vegetation. Long, transient paleovegetation simulations can provide information on a range of ecological processes, describe the spatial and temporal patterns of changes in species distributions, and identify the potential locations of past species refugia. Paleovegetation simulations also can be used to fill in spatial and temporal gaps in observed paleovegetation data (e.g., pollen records from lake sediments) and to test hypotheses of past vegetation change. We used the TraCE-21ka transient climate simulation for 21-0 ka from CCSM3, a coupled atmosphere-ocean general circulation model. The TraCE-21ka simulated temperature, precipitation, and cloud data were regridded onto a 10-minute grid of North America. These regridded climate data, along with soil data and atmospheric carbon dioxide concentrations, were used as input to LPJ-GUESS, a general ecosystem model, to simulate North America vegetation from 21-0 ka. LPJ-GUESS simulates many of the processes controlling the distribution of vegetation (e.g., competition), although some important processes (e.g., dispersal) are not simulated. We evaluate the LPJ-GUESS-simulated vegetation (in the form of plant functional types and biomes) for key time periods and compare the simulated vegetation with observed paleovegetation data, such as data archived in the Neotoma Paleoecology Database. 
In general, vegetation simulated by LPJ-GUESS reproduces the major North America vegetation patterns (e.g., forest, grassland) with regional areas of disagreement between simulated and observed vegetation. We describe the regions and time periods with the greatest data-model agreement and disagreement, and discuss some of the strengths and weaknesses of both the simulated climate and simulated vegetation data.
Survey of methods for secure connection to the internet
NASA Astrophysics Data System (ADS)
Matsui, Shouichi
1994-04-01
This paper describes a study of a security method of protecting inside network computers against outside miscreants and unwelcome visitors and a control method when these computers are connected with the Internet. In the present Internet, a method to encipher all data cannot be used, so that it is necessary to utilize PEM (Privacy Enhanced Mail) capable of the encipherment and conversion of secret information. For preventing miscreant access by eavesdropping password, one-time password is effective. The most cost-effective method is a firewall system. This system lies between the outside and inside network. By limiting computers that directly communicate with the Internet, control is centralized and inside network security is protected. If the security of firewall systems is strictly controlled under correct setting, security within the network can be secured even in open networks such as the Internet.
Loss of information in quantum guessing game
NASA Astrophysics Data System (ADS)
Plesch, Martin; Pivoluska, Matej
2018-02-01
Incompatibility of certain measurements—impossibility of obtaining deterministic outcomes simultaneously—is a well known property of quantum mechanics. This feature can be utilized in many contexts, ranging from Bell inequalities to device dependent QKD protocols. Typically, in these applications the measurements are chosen from a predetermined set based on a classical random variable. One can naturally ask, whether the non-determinism of the outcomes is due to intrinsic hiding property of quantum mechanics, or rather by the fact that classical, incoherent information entered the system via the choice of the measurement. Authors Rozpedek et al (2017 New J. Phys. 19 023038) examined this question for a specific case of two mutually unbiased measurements on systems of different dimensions. They have somewhat surprisingly shown that in case of qubits, if the measurements are chosen coherently with the use of a controlled unitary, outcomes of both measurements can be guessed deterministically. Here we extend their analysis and show that specifically for qubits, measurement result for any set of measurements with any a priori probability distribution can be faithfully guessed by a suitable state preparation and measurement. We also show that up to a small set of specific cases, this is not possible for higher dimensions. This result manifests a deep difference in properties of qubits and higher dimensional systems and suggests that these systems might offer higher security in specific cryptographic protocols. More fundamentally, the results show that the impossibility of predicting a result of a measurement is not caused solely by a loss of coherence between the choice of the measurement and the guessing procedure.
Kawano, Tomonori
2013-03-01
There have been a wide variety of approaches for handling the pieces of DNA as the "unplugged" tools for digital information storage and processing, including a series of studies applied to the security-related area, such as DNA-based digital barcodes, water marks and cryptography. In the present article, novel designs of artificial genes as the media for storing the digitally compressed data for images are proposed for bio-computing purpose while natural genes principally encode for proteins. Furthermore, the proposed system allows cryptographical application of DNA through biochemically editable designs with capacity for steganographical numeric data embedment. As a model case of image-coding DNA technique application, numerically and biochemically combined protocols are employed for ciphering the given "passwords" and/or secret numbers using DNA sequences. The "passwords" of interest were decomposed into single letters and translated into the font image coded on the separate DNA chains with both the coding regions in which the images are encoded based on the novel run-length encoding rule, and the non-coding regions designed for biochemical editing and the remodeling processes revealing the hidden orientation of letters composing the original "passwords." The latter processes require the molecular biological tools for digestion and ligation of the fragmented DNA molecules targeting at the polymerase chain reaction-engineered termini of the chains. Lastly, additional protocols for steganographical overwriting of the numeric data of interests over the image-coding DNA are also discussed.
US Astronomers Access to SIMBAD in Strasbourg
NASA Technical Reports Server (NTRS)
Oliversen, Ronald (Technical Monitor); Eichhorn, Guenther
2004-01-01
During the last year the US SIMBAD Gateway Project continued to provide services like user registration to the US users of the SIMBAD database in France. Currently there are over 4500 US users registered. We also provided user support by answering questions from users and handling requests for lost passwords when still necessary. Even though almost all users now access SIMBAD without a password, based on hostnames/IP addresses, there are still some users that need individual passwords. We continued to maintain the mirror copy of the SIMBAD database on a server at SAO. This allows much faster access for the US users. During the past year we again moved this mirror to a faster server to improve access for the US users. We again supported a demonstration of the SIMBAD database at the meeting of the American Astronomical Society in January. We provided support for the demonstration activities at the SIMBAD booth. We paid part of the fee for the SIMBAD demonstration. We continued to improve the cross-linking between the SIMBAD project and the Astrophysics Data System. This cross-linking between these systems is very much appreciated by the users of both the SIMBAD database and the ADS Abstract Service. The mirror of the SIMBAD database at SAO makes this connection faster for the US astronomers. We exchange information between the ADS and SIMBAD on a daily basis. During the last year we also installed a mirror copy of the Vizier system from the CDS, in addition to the SIMBAD mirror.
Elementary school children's cheating behavior and its cognitive correlates.
Ding, Xiao Pan; Omrin, Danielle S; Evans, Angela D; Fu, Genyue; Chen, Guopeng; Lee, Kang
2014-05-01
Elementary school children's cheating behavior and its cognitive correlates were investigated using a guessing game. Children (n=95) between 8 and 12 years of age were asked to guess which side of the screen a coin would appear on and received rewards based on their self-reported accuracy. Children's cheating behavior was measured by examining whether children failed to adhere to the game rules by falsely reporting their accuracy. Children's theory-of-mind understanding and executive functioning skills were also assessed. The majority of children cheated during the guessing game, and cheating behavior decreased with age. Children with better working memory and inhibitory control were less likely to cheat. However, among the cheaters, those with greater cognitive flexibility use more tactics while cheating. Results revealed the unique role that executive functioning plays in children's cheating behavior: Like a double-edged sword, executive functioning can inhibit children's cheating behavior, on the one hand, while it can promote the sophistication of children's cheating tactics, on the other. Crown Copyright © 2013. Published by Elsevier Inc. All rights reserved.
Logical synchronization: how evidence and hypotheses steer atomic clocks
NASA Astrophysics Data System (ADS)
Myers, John M.; Madjid, F. Hadi
2014-05-01
A clock steps a computer through a cycle of phases. For the propagation of logical symbols from one computer to another, each computer must mesh its phases with arrivals of symbols from other computers. Even the best atomic clocks drift unforeseeably in frequency and phase; feedback steers them toward aiming points that depend on a chosen wave function and on hypotheses about signal propagation. A wave function, always under-determined by evidence, requires a guess. Guessed wave functions are coded into computers that steer atomic clocks in frequency and position—clocks that step computers through their phases of computations, as well as clocks, some on space vehicles, that supply evidence of the propagation of signals. Recognizing the dependence of the phasing of symbol arrivals on guesses about signal propagation elevates 'logical synchronization' from its practice in computer engineering to a discipline essential to physics. Within this discipline we begin to explore questions invisible under any concept of time that fails to acknowledge the unforeseeable. In particular, variation of spacetime curvature is shown to limit the bit rate of logical communication.
Magis, David
2014-11-01
In item response theory, the classical estimators of ability are highly sensitive to response disturbances and can return strongly biased estimates of the true underlying ability level. Robust methods were introduced to lessen the impact of such aberrant responses on the estimation process. The computation of asymptotic (i.e., large-sample) standard errors (ASE) for these robust estimators, however, has not yet been fully considered. This paper focuses on a broad class of robust ability estimators, defined by an appropriate selection of the weight function and the residual measure, for which the ASE is derived from the theory of estimating equations. The maximum likelihood (ML) and the robust estimators, together with their estimated ASEs, are then compared in a simulation study by generating random guessing disturbances. It is concluded that both the estimators and their ASE perform similarly in the absence of random guessing, while the robust estimator and its estimated ASE are less biased and outperform their ML counterparts in the presence of random guessing with large impact on the item response process. © 2013 The British Psychological Society.
Advanced Password Tips and Tricks