Similar literature
20 similar articles found.
1.
    
The concept of multi‐server authentication includes multiple numbers of application servers. The registration/control server is the central point in such environment to provide smooth services to a limited number of legitimate users. However, this type of environment is inappropriate to handle unlimited users since the number of users may grow, and thus, the response time may be very high. To eliminate these shortcomings, we have modified the existing multi‐server authentication architecture and then designed a new scheme by including multiregistration server technique that can provide a smooth environment to support unlimited number of users. The main aspect of our design is to provide a secure authentication environment for multi‐server application using password and smartcard so that the participants can securely communicate with each other. The simulation results are obtained by executing our protocol using AVISPA tool. The results provide concrete evidence about the security safety against active and passive attacks. Furthermore, the justification of correctness of the freshness of the session key negotiation and the mutual authentication between the participants has been evaluated with the BAN logic model. The comprehensive comparative analysis justifies our argument that our protocol has better applicability in multi‐server environments compared to other protocols with similar nature.

2.
    
A telecare medicine information system (TMIS) helps in providing an efficient communication platform to patients from home to consult doctors at a clinical center. In TMIS, the patient's confidentiality, security, and mutual authentication are very crucial; so remote authentication plays a vital role for verifying the legitimacy of patients. Recently, Amin and Biswas have devised a remote authentication protocol for TMIS, claiming it to be secured from various malicious vulnerabilities. We examine this protocol and find that it is not able to withstand many attacks that include off‐line and online password‐guessing, identity‐guessing, user impersonation, privileged insider, and known session key temporary information attacks. We propose a 3‐factor–based authentication protocol for TMIS by overcoming these security shortcomings. We present its security verification in formal and informal ways, which assert its resistivity against various security threats. We use the Burrows‐Abadi‐Needham logic for validating it, and with the Automated Validation of Internet Security Protocols and Applications tool, it is simulated. Further, the performance evaluation and the security functionalities justify high degree of security with efficient complexity.

3.
    
Recently, Li et al have developed a smartcard‐based remote user authentication scheme in multiserver environment. They have claimed that their scheme is secured against some possible cryptographic attacks. However, we have analyzed that the scheme of Li et al cannot preserve all the proclaimed security goals, which are given as follows: (1) It is not withstanding password‐guessing, user impersonation, insider, and smartcard theft attacks, and (2) it fails to facilitate user anonymity property. To remedy these above‐mentioned security flaws, we have proposed an efficient three factor–based authentication scheme in a multiserver environment using elliptic curve cryptography. The Burrows‐Abadi‐Needham logic is used to confirm the security validation of our scheme, which ensures that it provides mutual‐authentication and session‐key agreement securely. Then, the random oracle model is also considered to analyze the proposed scheme, and it shows that the backbone parameters, ie, identity, password, biometrics, and the session key, are secure from an adversary. Further, the informal security analysis confirms that the suggested scheme can withstand against some possible mentioned attacks. Later, the Automated Validation of Internet Security Protocols and Applications tool is incorporated to ensure its security against passive and active attacks. Finally, the performance comparison of the scheme is furnished to confirm its enhanced security with other relevant schemes.

4.
    
To attain ubiquitous connectivity of everything, Internet of Things (IoT) systems must include “multimedia things.” Internet of Multimedia Things (IoMT) is a heterogeneous network of smart multimedia things connected together and with other physical devices to the Internet so as to achieve globally available multimedia services and applications. Due to the ever increasing amount of multimedia data in IoT environments, securing these systems becomes crucial. This is because these systems are easily susceptible to attacks when information or any service is accessed by the users. In this paper, we propose a secure three‐factor remote user authentication scheme for IoMT systems using ECC. The formal security proof performed using ROR model and BAN logic confirms that an attacker will not be able to extract sensitive user information. Through informal security analysis, we justify the resistance of the scheme against several security attacks. The performance comparison shows that the scheme is efficient in terms of computational cost, security features, and attack resistance. Furthermore, simulation of the scheme using AVISPA and Proverif proves that the scheme is secure against all active and passive attacks.

5.
    
In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data generated from different sensor nodes. The proposed scheme is based upon 3‐factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource‐constrained sensor nodes, as it uses efficient 1‐way cryptographic hash function and bitwise exclusive‐OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows‐Abadi‐Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well‐known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme.

6.
    
The Global Mobility Network (GLOMONET) is rapidly becoming important as well as a popular feature in today's high‐performance network. The legal mobile users enjoy life using the ubiquitous services via GLOMONET. However, because of the broadcast nature of the wireless channel, providing user authentication along with the privacy and anonymity of the users in GLOMONET is indeed a challenging task. In this article, we come up with a secure and expeditious mobile communication environment using symmetric key cryptosystem to ensure mobile users' anonymity and privacy against eavesdroppers and backward/forward secrecy of the session key. Our scheme can also protect numerous security threats, like man‐in‐the‐middle attack, known session key attack, lost smartcard attack, and forgery attack. Furthermore, we put forward a new technique named as “friendly foreign agent policy,” where many foreign agents can make different groups among themselves and perform important responsibilities to authenticate a legitimate mobile user without interfering his or her home agent even though the mobile user moves to a new location, covered by a new foreign agent (belongs to the same group). Security and performance analyses show that the proposed scheme is secure and more efficient as compared with other competitive schemes for GLOMONET environments.

7.
    
A new efficient identity-based message authentication scheme for VANET was proposed. The proposed scheme decreased the complexity of cryptographic operations on signature by using elliptic curve cryptosystem (ECC) to construct authentication protocol without bilinear pairing and provided the function of conditional privacy-preserving. Security analysis demonstrated that the proposed scheme satisfies all security and privacy requirements for VANET. Performance analysis shows that compared with the most recent proposed schemes the proposed scheme decreases the computation cost and communication cost.

8.
    
Payment methods using mobile devices instead of using traditional methods (cash, credit card, etc) have been gaining popularity all over the world. The ubiquitous nature of smartphones and tablets has widened the ambit for using these devices for payments and other daily life activities. Recent advancements in mobile technology along with the convenience of mobile devices made these applications possible. Despite the worldwide user adoption of mobile applications, security is the key challenge in mobile banking and payments system. Mobile payments systems need to be very efficient and provide utmost security endlessly. State‐of‐the‐art mobile payment systems need the physical presence of a merchant agent to make a payment. In this article, we had described in detail about the design and implementation of a mobile payments application, used to make in‐store purchases and make secure payments without any physical presence of a cashier or a merchant agent. We proposed a novel privacy‐preserving and secure authentication algorithm to make mobile payments using biometrics. The analysis and experimental results show the reliability and efficiency of our proposed solution.

9.
    
Initially, Internet has evolved as a resource sharing model where resources are identified by IP addresses. However, with rapid technological advancement, resources/hardware has become cheap and thus, the need of sharing hardware over Internet is reduced. Moreover, people are using Internet mainly for information exchange and hence, Internet has gradually shifted from resource sharing to information sharing model. To meet the recent growing demand of information exchange, Content Centric Network (CCN) is envisaged as a clean‐slate future network architecture which is specially destined for smooth content distribution over Internet. In CCN, content is easily made available using network caching mechanism which is misaligned with the existing business policy of content providers/publishers in IP‐based Internet. Hence, the transition from contemporary IP‐based Internet to CCN demands attention for redesigning the business policy of the content publishers/providers. In this paper, we have proposed efficient and secure communication protocols for flexible CCN business model to protect the existing business policies of the content publisher while maintaining the salient CCN features like in‐network content caching and Interest packet aggregation. To enhance the efficiency and security, the Elliptic Curve Cryptography (ECC) is used. The proposed ECC‐based scheme is analyzed to show that it is resilient to relevant existing cryptographic attacks. The performance analysis in terms of less computation and communication overheads and increased efficiency is given. Moreover, a formal security verification of the proposed scheme is done using widely used AVISPA simulator and BAN logic that shows our scheme is well secured.

10.
    
Application of authentication protocol and key exchange scheme are major research issues in current internet, and entity identification (users or servers) accuracy and security are thereby safeguarded by various types of verification programs. Therefore, in the last 10 years, it was accompanied with productive discussions, but those discussions mainly focus on single issues, and because of the lack of security, there still existed improvements. The concept of zero‐knowledge proofs is well suited for the identification and signing within network system, which has been widely used since proposed in 1985. However, common identification methods are only fit for individual user. In an increasingly complex network environment of today, information is usually conveyed through many unidentified servers, as a result, we have to encrypt messages by adopting different kinds of session keys. As for the chaotic maps technology, it also serves as a new encryption technology, widely adopted in communication protocols and key agreements over the years. As a consequence, in this study, we are going to propose an authentication protocol with key exchange function by taking advantage of characters of zero‐knowledge proofs and chaotic maps, as well as adopt the BAN‐logic to prove the security of this protocol. This study also compares the results of the security analysis of our protocol and related works. As a result, our proposed protocol has more security than others. Copyright © 2015 John Wiley & Sons, Ltd.

11.
    
In this paper, we propose a novel multidimensional privacy‐preserving data aggregation scheme for improving security and saving energy consumption in wireless sensor networks (WSNs). The proposed scheme integrates the super‐increasing sequence and perturbation techniques into compressed data aggregation, and has the ability to combine more than one aggregated data into one. Compared with the traditional data aggregation schemes, the proposed scheme not only enhances the privacy preservation in data aggregation, but also is more efficient in terms of energy costs due to its unique multidimensional aggregation. Extensive analyses and experiments are given to demonstrate its energy efficiency and practicability. Copyright © 2009 John Wiley & Sons, Ltd.

12.
13.
    
Advanced resource management schemes are required for broadband multimedia satellite networks to provide efficient and fair resource allocation while delivering guaranteed quality of service (QoS) to a potentially very large number of users. Such resource management schemes must provide well‐defined service segregation to the different traffic flows of the satellite network, and they must be integrated with some connection admission control (CAC) process at least for the flows requiring QoS guarantees. Weighted fair bandwidth‐on‐demand (WFBoD) is a resource management process for broadband multimedia geostationary (GEO) satellite systems that provides fair and efficient resource allocation coupled with a well‐defined MAC‐level QoS framework (compatible with ATM and IP QoS frameworks) and a multi‐level service segregation to a large number of users with diverse characteristics. WFBoD is also integrated with the CAC process. In this paper, we analyse via extensive simulations the WFBoD process in a bent‐pipe satellite network. Our results show that WFBoD can be used to provide guaranteed QoS for both non‐real‐time and real‐time variable bit rate (VBR) flows. Our results also show how to choose the main parameters of the WFBoD process depending on the system parameters and on the traffic characteristics of the flows. Copyright © 2005 John Wiley & Sons, Ltd.

14.
    
Searchable encryption scheme‐based ciphertext‐policy attribute‐based encryption (CP‐ABE) is an effective scheme for providing multiuser to search over the encrypted data on cloud storage environment. However, most of the existing search schemes lack the privacy protection of the data owner and have higher computation time cost. In this paper, we propose a multiuser access control searchable privacy‐preserving scheme in cloud storage. First, the data owner only encrypts the data file and sets the access control list of multiuser and multiattribute for search data file. And the computing operation, which generates the attribute keys of the users' access control and the keyword index, is given trusted third party to perform for reducing the computation time of the data owner. Second, using CP‐ABE scheme, trusted third party embeds the users' access control attributes into their attribute keys. Only when those embedded attributes satisfy the access control list, the ciphertext can be decrypted accordingly. Finally, when the user searches data file, the keyword trap door is no longer generated by the user, and it is handed to the proxy server to finish. Also, the ciphertext is predecrypted by the proxy server before the user performs decryption. In this way, the flaw of the client's limited computation resource can be solved. Security analysis results show that this scheme has the data privacy, the privacy of the search process, and the collusion‐resistance attack, and experimental results demonstrate that the proposed scheme can effectively reduce the computation time of the data owner and the users.

15.
The multi‐layer advanced high‐performance bus (ML‐AHB) BusMatrix proposed by ARM is an excellent architecture for applying embedded systems with low power. However, there is one clock cycle delay for each master in the ML‐AHB BusMatrix of the advanced microcontroller bus architecture (AMBA) design kit (ADK) whenever a master starts new transactions or changes the slave layers. In this letter, we propose an improved design method to remove the one clock cycle delay in the ML‐AHB BusMatrix of an ADK. We also remarkably reduce the total area and power consumption of the ML‐AHB BusMatrix of an ADK with the elimination of the heavy input stages.

16.
The Digital Audio‐Visual Council has adopted the Request/Reply (RQRP) protocol, proposed by one of the authors, for the delivery mechanism of MPEG video streams. In this paper, we investigate the network characteristics of the RQRP protocol and analyse the protocol's performance via both simulation as well as actual experimental results. In this simulation, the RQRP protocol was mathematically an ideal model first and later, a feedback control system. Simulation results showed that, for both models, the network traffic is able to follow the playout rate at the receiver. In the case of the latter, which involves a simpler implementation, oscillation in network traffic is observed. A video‐on‐demand (VoD) system using the RQRP protocol was developed and experiments were performed. The results obtained are consistent with the simulation results. Copyright © 2001 John Wiley & Sons, Ltd.

17.
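Key Technologies of Next-Generation SDH and the Implementation of Dynamic Bandwidth Allocation   Total citations: 2, self-citations: 0, citations by others: 2
This paper first introduces the basic principles and characteristics of a series of new technologies (such as virtual concatenation, the link capacity adjustment scheme, and the generic framing procedure) that emerged to address the shortcomings of traditional SDH transmission technology, namely insufficient multi-service (mainly broadband data service) carrying capacity and inflexible bandwidth allocation. On this basis, it further discusses how to implement dynamic bandwidth allocation in SDH.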

18.
    
Geographically distributed data centers are interconnected through provisioned dedicated WAN links, realized by circuit/wavelength–switching that support large‐scale data transfer between data centers. These dedicated WAN links are typically shared by multiple services through on‐demand and in‐advance resource reservations, resulting in varying bandwidth availability in future time periods. Such an inter‐data center network provides a dynamic and virtualized environment when augmented with cloud infrastructure supporting end‐host migration. In such an environment, dynamically provisioned network resources are recognized as extremely useful capabilities for many types of network services. However, the existing approaches to in‐advance reservation services provide limited reservation capabilities, eg, limited connections over links returned by the traceroute over traditional IP‐based networks. Moreover, most existing approaches do not address fault tolerance in the event of node or link failures and do not handle end‐host migrations; thus, they do not provide a reliability guarantee for in‐advance reservation frameworks. In this paper, we propose using multiple paths to increase bandwidth usage in the WAN links between data centers when a single path does not provide the requested bandwidth. Emulation‐based evaluations of the proposed path computation show a higher reservation acceptance rate compared to state‐of‐art reservation frameworks, and such computed paths can be configured with a limited number of static forwarding rules on switches. Our prototype provides the RESTful Web service interface for link‐fail and end‐host migration event management and reroutes paths for all the affected reservations.

19.
Most demand assignment time division multiple access (TDMA) satellite access protocols use centralized-control access schemes, rather than distributed ones, because their simplicity and robustness usually compensates for the longer allocation delay. Starting from the fifo ordered demand assignment/information bit energy adapter (FODA/IBEA) centralized-control protocol, we studied two distributed-control protocols, named distributed allocation with request in fixed slots (DRIFS) and faded environments effective distributed engineering redundant signalling (FEEDERS) respectively, for accessing a geostationary satellite channel. Multimedia traffic and faded environments were considered in the study of both access schemes. This paper presents the DRIFS proposal, together with the recovery procedures from critical events, the handling of which is central to the discussion of a distributed satellite access protocol. Probabilities of such events are also estimated. © 1997 John Wiley & Sons, Ltd.

20.
Effective integration of molecular self‐assembly and additive manufacturing would provide a technological leap in bioprinting. This article reports on a biofabrication system based on the hydrodynamically guided co‐assembly of peptide amphiphiles (PAs) with naturally occurring biomolecules and proteins to generate hierarchical constructs with tuneable molecular composition and structural control. The system takes advantage of droplet‐on‐demand inkjet printing to exploit interfacial fluid forces and guide molecular self‐assembly into aligned or disordered nanofibers, hydrogel structures of different geometries and sizes, surface topographies, and higher‐ordered constructs bound by molecular diffusion. PAs are designed to co‐assemble during printing in cell diluent conditions with a range of extracellular matrix (ECM) proteins and biomolecules including fibronectin, collagen, keratin, elastin‐like proteins, and hyaluronic acid. Using combinations of these molecules, NIH‐3T3 and adipose derived stem cells are bioprinted within complex structures while exhibiting high cell viability (>88%). By integrating self‐assembly with 3D‐bioprinting, the study introduces a novel biofabrication platform capable of encapsulating and spatially distributing multiple cell types within tuneable pericellular environments. In this way, the work demonstrates the potential of the approach to generate complex bioactive scaffolds for applications such as tissue engineering, in vitro models, and drug screening.
