共查询到20条相似文献,搜索用时 15 毫秒
1.
2.
随着移动通信网技术的演进,网络安全问题日益突出,如何在提供高质量通信服务的同时保护合法用户的隐私不被非法窃取、运营商网络不被入侵成为移动通信安全领域的一个重要问题。用户与网络的相互鉴权是用户和网络彼此判定对方合法性的重要手段,鉴权手段也随着网络演进而不断演进,从历代移动通信网络(GSM、CDMA、UMTS、LTE)鉴权认证技术入手,分析鉴权技术优缺点,并重点剖析了即将商用的第五代(5G)移动通信的鉴权技术、统一认证技术,最后对未来鉴权技术的发展进行了展望。 相似文献
3.
针对手机个人信息安全的保护,设计了一种基于传感器信息分析的用户认证方案。利用内置加速度传感器和触摸屏传感器采集用户数据,对电话接听、触屏滑动操作、待机状态等行为进行特征分析,运用动态时间规整算法分别进行分类识别。考虑单一特征局限于特定状态导致识别结果的稳定性较差,进一步引入多元线性回归方法构建融合判定模型,有效提高了个体区分度。该方案不需要特定的硬件设备配置,满足实际场景中用户使用舒适性要求,实验仿真结果验证了方案的有效性,能够准确辨别用户本人对手机的控制状况。 相似文献
4.
移动IP中无线链路的开放性和节点的移动性,给移动节点的注册带来潜在的安全威胁。针对移动节点的注册安全问题,提出了一种USBKey辅助的注册认证协议。该协议通过USBKey保护移动节点的私钥以加强移动注册的安全性,结合数字信封技术与数字签名技术,实现相关协议实体的身份认证和注册信息的安全保护。分析结果表明,该协议可保证注册信息的完整性和机密性,可以有效抵御常见的安全攻击,保证移动节点的注册安全,并且比多数相关协议的注册认证迟延更小。 相似文献
5.
面向移动终端的隐式身份认证机制通过监测移动终端环境以及用户行为等信息对用户进行透明且持续地认证,能够增强现有身份认证机制的可用性与安全性。该文对隐式身份认证技术的研究现状进行介绍。介绍了基于本地与基于网络的隐式身份认证框架;归纳总结出五类数据采集方式;对基于机器学习等多种用户分类算法进行了介绍,分析比较了各算法的正确率;归纳出两类访问控制机制,并对隐式身份认证所面临的模拟行为攻击以及用户隐私泄漏安全问题进行了讨论。 相似文献
6.
为了保证手机信息安全,设计实现了一种基于内置三轴加速度传感器的手机用户认证方案。通过内置三轴加速度传感器采集认证手势信号,提出差分自底向上线性分段方法进行有效手势动作端点的自动检测,利用小波包分解对有效手势信号进行去噪,进一步设计基于欧氏距离的动态时间规整算法计算测试手势和模板手势的相似度,从而得出认证结果。相比于现有常用手势端点检测方法,差分自底向上线性分段方法能更准确地截取有效手势信号。实验结果表明,当他人模仿手势错误接受率为0%时,本文认证手势错误拒绝率小于5%,有效实现了用户认证。 相似文献
7.
Design patterns for user interface for mobile applications 总被引:1,自引:0,他引:1
The topic of this paper is a collection of user interface (UI) design patterns for mobile applications. In the paper we present the structure of the patterns collection – the patterns are suggested solutions to problems that are grouped into a set of problem areas that are further grouped into three main problem areas – a structure which is valuable both as an index to identifying patterns to use, and it gives a fairly comprehensive overview of issues when designing user interfaces for mobile applications. To show the breadth of the patterns collection we present six individual problems with connected design patterns in some detail – each coming from different problem areas. They represent important and relevant problems, and are on different levels of abstraction, thus showing how patterns may be used to present problems and solutions on different levels of detail. To show the relevance and usefulness of the patterns collection for usability professionals with a mixed background, we present some relevant findings from a validation of the patterns collection. In addition to verifying the relevance and usefulness of the patterns collection, it also shows both expected and surprising correlations between background and perceived relevance and usefulness. One important finding from the validation is an indication that the patterns collection is best suited for experienced UI developers wanting to start developing mobile UIs. Using a patterns collection for documenting design knowledge and experience has been a mixed experience, so we discuss pros and cons of this. Finally, we present related work and future research. 相似文献
8.
User authentication such as password setting has become increasingly important for the secure management of the information stored in mobile devices. However, in the password authentication schemes used in mobile devices, enhancing security reduces their usability, and passwords become hard to memorize. In addition, enhancing their usability makes them vulnerable to shoulder-surfing or recording attacks involving stealing a glance at the authentication process through the system interface. In this paper, we propose a password authentication scheme that uses a virtual scroll wheel, called WheelLock, to ensure appropriate usability and prevent brute force, shoulder-surfing, and recording attacks. 相似文献
9.
10.
Wearable, handheld, and embedded or standalone intelligent devices are becoming quite common and can support a diverse range of applications. In order to simplify development of applications which can adapt to a variety of mobile devices, we propose an adaptation framework which includes three techniques: follow‐me, context‐aware adaptation, and remote control scheme. For the first, we construct a personal agent capable of carrying its owner's applications. Second, we design a personal agent capable of carrying applications with an adaptable hierarchical structure. Then, applications can be adapted approximately to the context of evices by using an attribute‐based component decision algorithm. Finally, to achieve a remote control scheme, we distribute the computational load of applications on the resource‐restricted mobile devices. An application is divided into two parts that can be executed on a user device and a server separately. In short, this framework facilitates the development of widespread applications for ubiquitous computing environments. Furthermore, it enables the applications to follow their owners and automatically adapt to different devices. Copyright © 2005 John Wiley & Sons, Ltd. 相似文献
11.
移动RFID的无线通信与移动应用给认证提出更高要求,针对当前移动RFID认证协议安全性不强及认证效率不高问题,提出移动RFID高效率认证协议。协议通过执行算术运算、按位运算及数据排列组合,保证了信息传输安全;通过后台数据库和移动阅读器对随机数的递进式验证,标签对随机数的捆绑式验证,有效防范敌手攻击。由于通信实体均执行轻量级运算,大幅提高系统计算性能;通信实体的递进式验证实现了对标签数据的初步筛选,缩短无效认证时间,提高认证效率。利用GNY形式化语言对协议正确性进行了证明。理论分析表明,该协议可抵御多种类型攻击。仿真结果显示,与同类移动RFID认证协议相比,该协议认证效率高,应用价值好。 相似文献
12.
Longbin Chen Li-Chiou Chen Nader Nassar 《Information Security Journal: A Global Perspective》2018,27(1):29-41
Authenticating users for mobile cloud apps has been a major security issue in recent years. Traditional passwords ensure the security of mobile applications, but it also requires extra effort from users to memorize complex passwords. Seed-based authentication can simplify the process of authentication for mobile users. In the seed-based authentication, images can be used as credentials for a mobile app. A seed is extracted from an image and used to generate one-time tokens for login. Compared to complex passwords, images are more friendly to mobile users. Previous work had been done in seed-based authentication which focused on providing authentication from a single device. It is common that a mobile user may have two or more mobile devices. Authenticating the same user on different devices is challenging due to several aspects, such as maintaining the same credential for multiple devices and distinguishing different users. In this article, we aimed at developing a solution to address these issues. We proposed multiple-device authentication algorithms to identify users. We adopted a one-time token paradigm to ensure the security of mobile applications. In addition, we tried to minimize the authentication latency for better performance. Our simulation showed that the proposed algorithms can improve the average latency of authentication for 40% at most, compared to single-device solutions. 相似文献
13.
14.
针对Doss协议的不足,提出了一种改进的轻量级移动RFID认证协议。首先使用二次剩余混合随机数加密的方法提高后台服务器识别速度;在阅读器端添加时间戳生成器,抵御阅读器冒充及重放攻击。新协议标签端只采用成本较低的伪随机数生成、模平方以及异或运算,遵循了EPC C1G2标准,且实现了移动RFID环境下的安全认证。理论分析及实验显示了新协议提高了Doss协议后台识别速度,并满足标签和阅读器的匿名性、阅读器隐私、标签前向隐私等安全需求,更有效抵抗已有的各种攻击:重放、冒充、去同步化攻击等。与同类RFID认证协议相比,实用性更佳。 相似文献
15.
Research on biometrics for high security applications has not attracted as much attention as civilian or forensic applications. Limited research and deficient analysis so far has led to a lack of general solutions and leaves this as a challenging issue. This work provides a systematic analysis and identification of the problems to be solved in order to meet the performance requirements for high security applications, a double low problem. A hybrid ensemble framework is proposed to solve this problem. Setting an adequately high threshold for each matcher can guarantee a zero false acceptance rate (FAR) and then use the hybrid ensemble framework makes the false reject rate (FRR) as low as possible. Three experiments are performed to verify the effectiveness and generalization of the framework. First, two fingerprint verification algorithms are fused. In this test only 10.55% of fingerprints are falsely rejected with zero false acceptance rate, this is significantly lower than other state of the art methods. Second, in face verification, the framework also results in a large reduction in incorrect classification. Finally, assessing the performance of the framework on a combination of face and gait verification using a heterogeneous database show this framework can achieve both 0% false rejection and 0% false acceptance simultaneously. 相似文献
16.
Information security has been a critical issue in the field of information systems. One of the key factors in the security of a computer system is how to identify the authorization of users. Password-based user authentication is widely used to authenticate a legitimate user in the current system. In conventional password-based user authentication schemes, a system has to maintain a password table or verification table which stores the information of users IDs and passwords. Although the one-way hash functions and encryption algorithms are applied to prevent the passwords from being disclosed, the password table or verification table is still vulnerable. In order to solve this problem, in this paper, we apply the technique of back-propagation network instead of the functions of the password table and verification table. Our proposed scheme is useful in solving the security problems that occurred in systems using the password table and verification table. Furthermore, our scheme also allows each user to select a username and password of his/her choice. 相似文献
17.
无线传感器网络(WSN)中的移动节点缺乏可信性验证,提出一种物联网(IoT)环境下移动节点可信接入认证协议。传感器网络中移动汇聚节点(Sink节点)同传感器节点在进行认证时,传感器节点和移动节点之间完成相互身份验证和密钥协商。传感器节点同时完成对移动节点的平台可信性验证。认证机制基于可信计算技术,给出了接入认证的具体步骤,整个过程中无需基站的参与。在认证时利用移动节点的预存的假名和对应公私钥实现移动节点的匿名性,并在CK(Canetti-Krawczyk)模型下给出了安全证明。在计算开销方面与同类移动节点认证接入方案相比,该协议快速认证的特点更适合物联网环境。 相似文献
18.
在击键动态身份认证系统中,样本采集和模板建立直接影响系统性能。目前单模板击键认证系统存在无法使错误接受率和错误拒绝率都降低到可接受范围内的不足。为此将多模板思想引入击键认证过程中,在提出最大认证概率算法和最小认证概率算法后,提出均衡概率多模板选择算法,将两种错误率都控制在合理范围内。通过实验同GMMS算法进行对比,并研究了模板数和模板样本数对认证结果的影响,最后与单模板认证系统进行了比较分析。 相似文献
19.
为确保通信双方的信息安全,很多认证与密钥协商(AKA)协议被提出并应用于实际场景中。然而现有三因子协议都存在安全漏洞,如易受智能卡丢失攻击、口令猜测攻击等,有的更是忽略了匿名性。针对上述问题提出了一种三因子匿名认证与密钥协商协议。该协议通过融合智能卡、口令和生物认证技术,并增加口令与生物特征更新阶段以及智能卡更新分配阶段,并利用椭圆曲线上的计算性Diffie-Hellman(CDH)假设进行信息交互,来实现安全通信。在随机预言机模型下证明了所提协议的安全性。与同类协议进行对比分析的结果表明,所提协议能有效防范智能卡丢失攻击、重放攻击等多种攻击,实现了匿名性、口令自由更新等更全面的功能,且具有较高的计算和通信效率。 相似文献
20.