Vehicular Adhoc Network (VANET) is based on the principles of Mobile Adhoc NETwork (MANET) where vehicles are considered as nodes and secure communication is established to provide a safe driving experience. Due to its unique characteristics, it has various issues and challenges. These issues can be resolved by ensuring security requirements like authentication, privacy preservation, message integrity, non-repudiation, linkability, availability etc. Authentication plays a vital role since it is the first step to establish secure communication in the vehicular network. It also distinguishes malicious vehicles from legitimate vehicles. Different authentication schemes have been proposed to establish secure vehicular communications. A survey of the existing authentication schemes is given in this paper. At first, the existing authentication schemes are broadly classified based on message signing and verification methods. Then, each category is clearly explained with its sub-categories. At last, the existing schemes in each category are compared based on security requirements, security attacks and performance parameters.
相似文献Electronic health record (EHR) systems provide the platform that enables digital documentation of patients health information. Practically, EHR systems aid in delivering quality medical healthcare and limiting medical errors. However, EHR systems are associated with known technical and security challenges such as interoperability, confidentiality, authentication, auditability, and access control. To overcome these challenges, we first propose a new heterogeneous signcryption with proxy re-encryption (HSC-PRE) scheme. Secondly, via an example design, we demonstrate how our scheme can be utilized to achieve a secure, interoperable, auditable and accessible EHR system using blockchain technology. The blockchain technology is required to assure interoperability and auditability while the HSC-PRE assures confidentiality, authentication and access control. Via comprehensive security analysis (in random oracle model (ROM)), we affirm that the HSC-PRE scheme is secure. Besides, it shows up efficient against other recent related schemes.
相似文献Authentication has strong impact on the overall security model of every information system. Various authentication techniques are available for restricting the access of unauthorized users to the enterprise scale networks. IEEE 802.1X defines a secure and reliable authentication framework for 802.11 WLANs, where Extensible Authentication Protocol (EAP) provides the base to this architecture. EAP is a generic architectural framework which supports extensibility by incorporating the new and improved authentication schemes, which are based on different types of credentials. Currently there exist a number of EAP and Non-EAP methods with varying level of security and complexity. In this work, we have designed a new n-secret based authentication scheme referred here as Personal Dialogue Based Authentication, for the client authentication to the network. It is a Transport Layer Security (TLS) protected authentication protocol, which will be executed inside the secure TLS tunnel for providing the privacy and credential security to the wireless client. The developed authentication protocol has a reasonable set of features like; strong security, user privacy, simplicity and extensibility. For the formal analysis of the protocol we have used SPAN–AVISAP model checker on Ubuntu platform for validating the realization of the specified security goals. The experimental results obtained by simulation performed with the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool shows that our protocol is efficient and secured.
相似文献Vehicular ad-hoc network (VANET) has been considered as one of the most promising wireless sensor technologies, which could enhance driving convenience and traffic efficiency through real-time information interaction. Nevertheless, emerging security issues (e.g., confidentiality, integrity, identity privacy, message authentication) will hinder the widespread deployment of VANETs. To address these issues, in this paper, we propose an efficient privacy-preserving anonymous authentication protocol for VANETs. We first design an identity-based signature algorithm, and exploit it with an account information of a vehicle to propose our anonymous authentication protocol. The protocol enables each vehicle to anonymously send an authenticated message to nearby roadside units (RSUs) in a confidential way, and efficiently check the feedback information from nearby RSUs. Simultaneously, the protocol achieves key-exchange functionality, which could produce a session key for later secure communication between vehicles and RSUs. Finally, we give the security analysis of the proposed protocol and conduct a comprehensive performance evaluation, the results demonstrate its feasibility in the secure deployment of VANETs.
相似文献Over the years, the performance of devices used to gather sensitive medical information about individuals has increased substantially. These include implanted devices in the body, placed on or around the body, creating a Wireless body area network. Security and privacy have been a greater concern over a period of time due to the sensitive nature of the data collected and transmitted by the network. It has been noticed that various techniques have been applied to secure the data and provide privacy in WBANs but with a tradeoff of execution overhead. Although the latest available anonymous authentication schemes provide privacy and security but due to the limited computation capacity of WBAN devices, these schemes show greater time cost for authentication and consume more processing time. We review two latest anonymous authentication schemes for the WBAN environment in terms of computation cost. These two schemes provide anonymous authentication and use encryption to secure the data and ensure privacy. Then we analyze a recent lightweight authentication scheme proposed for wearable devices which provides anonymity and privacy along with security with very low computation cost. This scheme uses hash functions in order to obtain authentication and anonymity and doesn’t use encryption in the authentication process. This scheme is not proposed for the WBAN environment, but it can be applied on the WBAN environment with necessary variations. The comparison of these available schemes shows clearly that the computation cost is considerably decreased by applying the latest authentication scheme in the WBAN environment. We propose a new authentication scheme for the WBAN environment based on the light-weight scheme proposed for wearable devices. The detailed analysis shows that our proposed scheme minimizes the computation cost and maintains the privacy and security along with anonymous authentication.
相似文献Radio Frequency Identification (RFID) technology is expected to play a key role in the Internet of Things (IoT) and has applications in a wide variety of domains ranging from automation to healthcare systems. Therefore, the security and privacy of RFID communication is critical. In this paper, we analyze two recent RFID protocols proposed by researchers. Specifically we show that the ownership transfer protocol proposed by Wang et al., is vulnerable to tracing attacks while the mutual authentication protocol proposed by Cho et al. is vulnerable to key disclosure and backward traceable attacks. We propose secure improvements to these protocols to address the vulnerabilities, and improve the scalability of these schemes making them suitable for large-scale deployments.
相似文献Cloud computing has proven to be applicable in smart grid systems with the help of the cloud-based Internet of things (IoT) technology. In this concept, IoT is deployed as a front-end enabling the acquisition of smart grid-related data and its outsourcing to the cloud for data storage purposes. It is obvious that data storage is a pertinent service in cloud computing. However, its wide adoption is hindered by the concern of having a secure access to data without a breach on confidentiality and authentication. To address this problem, we propose a novel data access control scheme that simultaneously accomplishes confidentiality and authentication for cloud-based smart grid systems. Our scheme can enable the storing of encrypted smart grid-related data in the cloud. When a user prefers to access the data, the data owner issues a delegation command to the cloud for data re-encryption. The cloud is unable to acquire any plaintext information on the data. Only authorized users are capable of decrypting the data. Moreover, the integrity and authentication of data can only be verified by the authorized user. We obtain the data access control scheme by proposing a pairing free certificateless signcryption with proxy re-encryption (CLS-PRE) scheme. We prove that our CLS-PRE scheme has indistinguishability against adaptive chosen ciphertext attack under the gap Diffie–Hellman problem and existential unforgeability against adaptive chosen message attack under elliptic curve discrete logarithm problem in the random oracle model.
相似文献With the expansion of smart device users, the security mechanism of these devices in terms of user authentication has been advanced a lot. These mechanisms consist of a pattern based authentication, biometric based authentication, etc. For security purpose whenever a user fails to authenticate themselves, these devices get locked. But as these devices consist of numerous applications (document creator, pdf viewer, e-banking, Social networking app, etc.), locking of the whole devices prevents the user from using any of the applications. Since the variety of applications provided by the devices have different security needs, we feel it is better to have application level security rather than device level. Here, in this paper, we have proposed a behavioral biometric based user authentication mechanism for application level security. First, we have performed a risk assessment of different applications. Then for complete protection, static multi-modal (keystroke and mouse dynamics) authentication at the start of an interactive session, and a continuous keystroke authentication during this session is performed. An analysis of the proposed authentication mechanism has been conducted on the basis of false acceptance rate (FAR), false rejection rate (FRR) and equal error rate (EER). The static multi-modal authentication achieved a FAR of 0.89%, FRR of 1.2% and EER of 1.04% using J48 classification algorithm. Whereas the continuous keystroke authentication has been analyzed by the time (no. of keystrokes pressed) taken to capture an intruder.
相似文献The emergence of fog computing has witnessed a big role in initiating secure communication amongst users. Fog computing poses the ability to perform analysis, processing, and storage for a set of Internet of Things (IoT) devices. Several IoT solutions are devised by utilizing the fog nodes to alleviate IoT devices from complex computation and heavy processing. This paper proposes an authentication scheme using fog nodes to manage IoT devices by providing security without considering a trusted third party. The proposed authentication scheme employed the benefits of fog node deployment. The authentication scheme using fog node offers reliable verification between the data owners and the requester without depending on the third party users. The proposed authentication scheme using fog nodes effectively solved the problems of a single point of failure in the storage system and offers many benefits by increasing the throughput and reducing the cost. The proposed scheme considers several entities, like end-users, IoT devices, fog nodes, and smart contracts, which help to administrate the authentication using access policies. The proposed authentication scheme using fog node provided superior results than other methods with minimal memory value of 4009.083 KB, minimal time of 76.915 s, and maximal Packet delivery ratio (PDR) of 76.
相似文献A great advancement has been made in intelligent transportation system and communication technologies in order to exchange secure information between automobiles, facilities provider have led an frame over road network. The intelligent transportation system provides an efficient traffic system for drivers, so that there must be less risk to users. In order to design a secure communication protocol among V & V and V & I is a challenging problem. In order to reduce the chance of attacks and increase privacy level, crypto graphic tools provides the feasible solution. In this paper, we proposed pseudonym changing strategy with mix zones (1) Anonymous authentication: the message should be authenticated by issuer due to mix zone and cryptographic tools secure message without any attack. (2) Privacy: Communication contents are confidential due to encrypted messages during communications also improving the scalability through address configuration scheme to reduce computational cost. (3) Efficiency: low storage requirements, The velocity and distance factors may also consider secure measurement, message delivery, overhead and coverage,packet delivery rate, reduce latency and overhead not only by computation cost and time but also compared our scheme, fast delivery rate, low latency and maximum coverage in order to enhance privacy against malicious attacks.
相似文献Several password and smart-card based two-factor security remote user authentication protocols for multi-server environment have been proposed for the last two decades. Due to tamper-resistant nature of smart cards, the security parameters are stored in it and it is also a secure place to perform authentication process. However, if the smart card is lost or stolen, it is possible to extract the information stored in smart card using power analysis attack. Hence, the two factor security protocols are at risk to various attacks such as password guessing attack, impersonation attack, replay attack and so on. Therefore, to enhance the level of security, researchers have focused on three-factor (Password, Smart Card, and Biometric) security authentication scheme for multi-server environment. In existing biometric based authentication protocols, keys are generated using fuzzy extractor in which keys cannot be renewed. This property of fuzzy extractor is undesirable for revocation of smart card and re-registration process when the smart card is lost or stolen. In addition, existing biometric based schemes involve public key cryptosystem for authentication process which leads to increased computation cost and communication cost. In this paper, we propose a new multi-server authentication protocol using smart card, hash function and fuzzy embedder based biometric. We use Burrows–Abadi–Needham logic to prove the correctness of the new scheme. The security features and efficiency of the proposed scheme is compared with recent schemes and comparison results show that this scheme provides strong security with a significant efficiency.
相似文献Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.
相似文献Constraint Application Protocol (CoAP), an application layer based protocol, is a compressed version of HTTP protocol that is used for communication between lightweight resource constraint devices in Internet of Things (IoT) network. The CoAP protocol is generally associated with connectionless User Datagram Protocol (UDP) and works based on Representational State Transfer architecture. The CoAP is associated with Datagram Transport Layer Security (DTLS) protocol for establishing a secure session using the existing algorithms like Lightweight Establishment of Secure Session for communication between various IoT devices and remote server. However, several limitations regarding the key management, session establishment and multi-cast message communication within the DTLS layer are present in CoAP. Hence, development of an efficient protocol for secure session establishment of CoAP is required for IoT communication. Thus, to overcome the existing limitations related to key management and multicast security in CoAP, we have proposed an efficient and secure communication scheme to establish secure session key between IoT devices and remote server using lightweight elliptic curve cryptography (ECC). The proposed ECC-based CoAP is referred to as ECC-CoAP that provides a CoAP implementation for authentication in IoT network. A number of well-known cryptographic attacks are analyzed for validating the security strength of the ECC-CoAP and found that all these attacks are well defended. The performance analysis of the ECC-CoAP shows that our scheme is lightweight and secure.
相似文献The fast growing usage of mobile devices to access services over telecommunication networks urges researchers to look for an efficient way to secure users’ online credentials. Rooted in online users’ fear appeals, this study measures the impact of an emerging use of technology, QR codes, on authentication protection. We contribute to the extant literature by integrating two theories—protection motivation theory and the theory of planned behavior, as well as investigating how the collaboration of computers and mobile devices enhances the protection of users’ online credentials. The results of the study additionally provide insights for IT developers for future directions in the development of authentication protection.
相似文献In hierarchical wireless sensor networks (H-WSNs), adaptive user authentication scheme has attracted significantly for the purposes of mutual authentication, session key establishment and resiliency to the attacks, like impersonation, parallel-session and password guessing. Several user authentication schemes have been proposed recently; though the schemes have had many potential vulnerabilities, such as key-impersonation, user anonymity, eavesdropping and masquerade. Thus, this paper proposes secure-cum-efficient mutual adaptive user authentication (S-Cum-EMAUA) scheme for practical use in H-WSNs. The scheme of S-Cum-EMAUA) is not only resilient to the most of the potential attacks, but also provides mutual authentication, user anonymity and session-key establishment. In addition, the proposed scheme is well secured, since it has the usage of the hash-function and X-OR operation.
相似文献