共查询到20条相似文献,搜索用时 109 毫秒
1.
2.
3.
研究了软件锁常用的实现方法,提出了利用计算机硬件设备内部指纹信息作为软件钥匙进行身份认证的设计思想.软件开发时,将需要随软件分发给用户的硬件设备分别采集其指纹信息并嵌入到程序内部;软件应用时,自动检测指定硬件设备的指纹信息,通过与软件内部嵌入的已知指纹信息进行比对,实现软件锁的钥匙功能.实践表明,该方法设计简单,使用方便,可以代替某些专用硬件加密设备,达到较高强度的身份认证效果. 相似文献
4.
本文针对民航信息系统安全提出了基于指纹身份认证的管理解决方案,可提供匿名认证又可进行真实身份的审核校验,临时用户角色动态绑定和访问管理机制,避免了传统AIS管理中暴露固定用户登录和身份偷换替代的可能,降低了用户身份篡改和暴力破解导致的信息泄露等风险,为AIS安全领域提供较高级别的解决思路和方案. 相似文献
5.
6.
针对视频完整性和版权保护的安全需求,为了保障视频的真实性和合法性,提出了一种基于空时特征的指纹算法。算法借鉴了视觉哈希的思想,利用视频内运动和变化的信息来生成内容特征,并通过MD5哈希算法将特征和用户私钥生成指纹信息。算法利用改进的H.264扩频水印方案,将指纹信息嵌入视频帧中,实现了H.264视频内容完整性的认证,并能在存在篡改的情况下有效识别视频中被篡改帧在序列中的位置。 相似文献
7.
8.
引 言随着信息的频繁交换,对信息使用者和信息提供者身份的认证,以及他们对信息接入的控制已经成为现在信息应用领域不可缺少的部分。公钥基础设施PKI向信息使用者和提供者提供了认证功能。但是由于PKI在实际应用中暴露出来的种种弊端,产生了特权管理基础设施PMI(PrivilegeManagement Infrastructure)机制,它提供了对信息的接入控制。信息访问模型对于传统的信息访问模型(如图1所示),认证和授权功能都嵌在应用(应用是提供特定功能的程序集合)的内部,这样不但增加了应用的复杂性,而且,对于用户来说,需要设定多个用户名和口令,并且还需… 相似文献
9.
10.
11.
12.
One-pass GPRS and IMS authentication procedure for UMTS 总被引:6,自引:0,他引:6
Yi-Bing Lin Ming-Feng Chang Meng-Ta Hsu Lin-Yi Wu 《Selected Areas in Communications, IEEE Journal on》2005,23(6):1233-1239
Universal Mobile Telecommunications System (UMTS) supports Internet protocol (IP) multimedia services through IP multimedia core network subsystem (IMS). Since the IMS information is delivered through the general packet radio service (GPRS) transport network, a UMTS mobile station (MS) must activate GPRS packet data protocol (PDP) context before it can register to the IMS network. In the Third-Generation Partnership Project (3GPP) specifications, authentication is performed at both the GPRS and the IMS networks before an MS can access the IMS services. We observe that many steps in this 3GPP "two-pass" authentication procedure are identical. Based on our observation, this paper proposes an one-pass authentication procedure that only needs to perform GPRS authentication. At the IMS level, authentication is implicitly performed in IMS registration. Our approach may save up to 50% of the IMS registration/authentication traffic, as compared with the 3GPP two-pass procedure. We formally prove that the one-pass procedure correctly authenticate the IMS users. 相似文献
13.
Mohammad Javad Sadri Maryam Rajabzadeh Asaar 《International Journal of Communication Systems》2020,33(14)
Internet of Vehicles (IoV), as the next generation of transportation systems, tries to make highway and public transportation more secure than used to be. In this system, users use public channels for their communication so they can be the victims of passive or active attacks. Therefore, a secure authentication protocol is essential for IoV; consequently, many protocols are presented to provide secure authentication for IoV. In 2018, Yu et al proposed a secure authentication protocol for WSNs in vehicular communications and claimed that their protocol could satisfy all crucial security features of a secure authentication protocol. Unfortunately, we found that their protocol is susceptible to sensor capture attack, user traceability attack, user impersonation attack, and offline sink node's secret key guessing attack. In this paper, we propose a new authentication protocol for IoV which can solve the weaknesses of Yu et al's protocol. Our protocol not only provides anonymous user registration phase and revocation smart card phase but also uses the biometric template in place of the password. We use both Burrow‐Abadi‐Needham (BAN) logic and real‐or‐random (ROR) model to present the formal analysis of our protocol. Finally, we compare our protocol with other existing related protocols in terms of security features and computation overhead. The results prove that our protocol can provide more security features and it is usable for IoV system. 相似文献
14.
As the industry standard for open source cloud platforms,openstack uses the single-factor authentication method based on username and password that provides by keystone components to identity authentication mechanism,while it is not suitable for application scenarios with high security level requirements.A digital certificate-based identity authentication protocol which had cloud user identification protocol and authentication protocol was designed to meet the requirements.With expending the keystone component to achieve a digital certificate-based identity authentication system,a combination of authentication server,UKey technology,encryption technology and well-established key management and so on was used.According to the research,the system can effectively resist multiple cyber-attacks and improve the security of cloud users when they log in to the cloud platform. 相似文献
15.
在经典的基于零知识证明的Fiat-Shamir认证协议的基础上,提出了一种基于模运算的新的零知识证明算法,并给出相应的协议.该协议可以完成两项功能,一是用户可以使用此算法进行双向验证,二是用户可以利用此系统中的一对公私钥,对双方要传输的数据进行加密.这样使用一套加密系统就可以完成认证和加密两项工作. 相似文献
16.
Arezou Ostad‐Sharif Morteza Nikooghadam Dariush Abbasinezhad‐Mood 《International Journal of Communication Systems》2019,32(12)
Wireless body area networks (WBANs) are a network designed to gather critical information about the physical conditions of patients and to exchange this information. WBANs are prone to attacks, more than other networks, because of their mobility and the public channel they use. Therefore, mutual authentication and privacy protection are critical for WBANs to prevent attackers from accessing confidential information of patients and executing undetectable physical attacks. In addition, in the authentication and key agreement process, messages should be transferred anonymously such that they are not linkable. In this paper, we first indicate that one of the most recently introduced authentication protocol is vulnerable to the wrong session key agreement attack and desynchronization attack. Second, we propose a lightweight authentication and key agreement protocol, which can withstand the well‐known attacks and provide the anonymity feature. Eventually, we analyze the security of our proposed protocol using both Automated Validation of Internet Security Protocols and Applications (AVISPA) and random oracle model and compare its performance with the related works. The results demonstrate the superiority of our proposed protocol in comparison with the other protocols. 相似文献
17.
物联网的发展对射频识别(RFID)系统的安全性能提出了越来越高的要求。虽然基于密钥阵列的RFID认证协议解决了传统RFID认证协议在多实体环境中存在的内部攻击问题,但基于交换实体身份信息的认证方式存在信息泄露的安全隐患。针对这一问题,设计了基于零知识证明的多实体RFID认证协议(MERAP)。该协议采用分布式密钥阵列抵御内部攻击,利用零知识证明方案实现双向认证时敏感身份信息零泄露。性能分析结果显示,MERAP协议在维持一定复杂度和标签成本的基础上,可抵抗包括重传、跟踪、拒绝服务和篡改等多种外部攻击和内部攻击。 相似文献
18.
Tian-Fu Lee Shu-Hui Chang Tzonelih Hwang Song-Kong Chong 《Wireless Communications, IEEE Transactions on》2009,8(5):2166-2171
Lee and Yeh recently presented a delegation-based authentication protocol for portable communication systems (PCSs), which is claimed to provide non-repudiation in on-line authentication. This investigation indicates that their protocol has a weakness in that a malicious visited location register can forge the authentication messages in off-line authentication processes, preventing mobile users from obtaining non-repudiation in such processes. This study also presents an enhanced protocol, which not only has the same security properties as the original protocol but also avoids the weakness in the original scheme and reduces the computational cost. 相似文献
19.
Prosanta Gope Hemant Ghayvat Yongqiang Cheng Sohag Kabir 《International Journal of Communication Systems》2023,36(12):e4199
Rapid development of wireless networks brings about many security problems in portable communication systems (PCSs), which can provide mobile users with an opportunity to enjoy global roaming services. In this regard, designing a secure user authentication scheme, especially for recognizing legal roaming users, is indeed a challenging task. It is noticed that there is no delegation-based protocol for PCSs, which can guarantee anonymity, untraceability, perfect forward secrecy, and resistance of denial-of-service (DoS) attack. Therefore, in this article, we put forward a novel delegation-based anonymous and untraceable authentication protocol, which can guarantee to resolve all the abovementioned security issues and hence offer a solution for secure communications for PCSs. 相似文献
20.
Nowadays, authentication protocols are essential for secure communications specially for roaming networks, distributed computer networks, and remote wireless communication. The numerous users in these networks rise vulnerabilities. Thus, privacy‐preserving methods have to be run to provide more reliable services and sustain privacy. Anonymous authentication is a method to remotely authenticate users with no revelation about their identity. In this paper, we analyze 2 smart card–based protocols that the user's identity is anonymous. However, we represent that they are vulnerable to privileged insider attack. It means that the servers can compromise the users' identity for breaking their privacy. Also, we highlight that the Wen et al protocol has flaws in both stolen smart card and stolen server attacks and the Odelu et al protocol is traceable. Then, we propose 2 modified anonymous authentication protocols. Finally, we analyze our improved protocols with both heuristic and formal methods. 相似文献