A numerically stable fragile watermarking scheme for authenticating 3D models

This paper analyzes the numerically instable problem in the current 3D fragile watermarking schemes. Some existing fragile watermarking schemes apply the floating-point arithmetic to embed the watermarks. However, these schemes fail to work properly due to the numerically instable problem, which is common in the floating-point arithmetic. This paper proposes a numerically stable fragile watermarking scheme. The scheme views the mantissa part of the floating-point number as an unsigned integer and operates on it by the bit XOR operator. Since there is no numerical problem in the bit operation, this scheme is numerically stable. The scheme can control the watermark strength through changing the embedding parameters. This paper further discusses selecting appropriate embedding parameters to achieve good performance in terms of the perceptual invisibility and the ability to detect unauthorized attacks on the 3D models. The experimental results show that the proposed public scheme could detect attacks such as adding noise, adding/deleting faces, inserting/removing vertices, etc. The comparisons with the existing fragile schemes show that this scheme is easier to implement and use.     

Biometrics:Standing Throughout Emerging Technologies

Biometrics technologies have been around for quite some time and many have been deployed for different applications all around the world, ranging from small companies' time and attendance systems to access control systems for nuclear facilities. Biometrics offer a reliable solution for the establishment of the distinctiveness of identity based on who an individual is, rather than what he or she knows or carries. Biometric Systems automatically verify a person's identity based on his/her anatomical and behav...     

基于椭圆曲线的盲数字签名及其身份识别

椭圆曲线密码体制以其特有的优越性被广泛用于进行数据加密和构建数字签名方案。同样,它也可以用来构建盲数字签名方案。介绍了椭圆曲线密码体制的相关知识,基于求解椭圆曲线离散对数问题的困难性,设计了一种基于椭圆曲线离散对数问题的盲数字签名方案,并在此基础上设计了一种身份识别协议,该方案可以同时满足盲数字签名的正确性、匿名性、不可伪造性和不可追踪性等特性要求。从理论上分析该方案是安全的,并具有一定的实用价值。     

基于ACE的集群呼叫鉴权系统的实现

介绍基于ACE的集群呼叫鉴权系统的设计和实现方法。通过ACE_Even_Handler、ACE_Task、ACE_Reac-tor的派生类的相互配合,程序员可以快速开发UDP网络应用程序。     

Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme

Internet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen-verifier attack. We then propose a lightweight authentication protocol for secure communication of IoT embedded devices and cloud servers. The proposed scheme is proved to provide essential security requirements such as mutual authentication, device anonymity, and perfect forward secrecy and is robust against security attacks. We also formally verify the security of the proposed protocol using BAN logic and also the Scyther tool. We also evaluate the computation and communication costs of the proposed scheme and demonstrate that the proposed scheme incurs minimum computation and communication overhead, compared to related schemes, making it suitable for IoT environments with low processing and storage capacity.     

A Multi-Stage Secure IoT Authentication Protocol

The Internet of Things (IoT) is a network of heterogeneous and smart devices that can make decisions without human intervention. It can connect millions of devices across the universe. Their ability to collect information, perform analysis, and even come to meaningful conclusions without human capital intervention matters. Such circumstances require stringent security measures and, in particular, the extent of authentication. Systems applied in the IoT paradigm point out high-interest levels since enormous damage will occur if a malicious, wrongly authenticated device finds its way into the IoT system. This research provides a clear and updated view of the trends in the IoT authentication area. Among the issues covered include a series of authentication protocols that have remained research gaps in various studies. This study applies a comparative evaluation of authentication protocols, including their strengths and weaknesses. Thus, it forms the foundation in the IoT authentication field of study. In that direction, a multi authentication architecture that involves secured means is proposed for protocol authentication. Informal analysis can affect the security of the protocols. Burrows-Abadi-Needham (BAN) logic provides proof of the attainment of mutual authentication. NS3 simulator tool is used to compare the performance of the proposed protocol to verify the formal security offered by the BAN logic.     

A post quantum secure construction of an authentication protocol for satellite communication

Satellite's communication system is used to communicate under significant distance and circumstances where the other communication systems are not comfortable. Since all the data are exchanged over a public channel, so the security of the data is an essential component for the communicating parties. Both key exchange and authentication are two cryptographic tools to establish a secure communication between two parties. Currently, various kinds of authentication protocols are available to establish a secure network, but all of them depend on number–theoretical (discrete logarithm problem/factorization assumption) hard assumptions. Due to Shor's and Grover's computing algorithm number theoretic assumptions are breakable by quantum computers. Although Kumar and Garg have proposed a quantum attack-resistant protocol for satellite communication, it cannot resist stolen smart card attack. We have analyzed that how Kumar and Garg is vulnerable to the stolen smart card attack using differential power analysis attack described in He et al and Chen and Chen. We have also analyzed the modified version of signal leakage attack and sometimes called improved signal leakage attack on Kumar and Garg's protocol. We have tried to construct a secure and efficient authentication protocol for satellites communication that is secure against quantum computing. This is more efficient as it requires only three messages of exchange. This paper includes security proof and performance of the proposed authentication and key agreement protocol.     

A Proposed Biometric Authentication Model to Improve Cloud Systems Security

Most user authentication mechanisms of cloud systems depend on the credentials approach in which a user submits his/her identity through a username and password. Unfortunately, this approach has many security problems because personal data can be stolen or recognized by hackers. This paper aims to present a cloud-based biometric authentication model (CBioAM) for improving and securing cloud services. The research study presents the verification and identification processes of the proposed cloud-based biometric authentication system (CBioAS), where the biometric samples of users are saved in database servers and the authentication process is implemented without loss of the users’ information. The paper presents the performance evaluation of the proposed model in terms of three main characteristics including accuracy, sensitivity, and specificity. The research study introduces a novel algorithm called “Bio_Authen_as_a_Service” for implementing and evaluating the proposed model. The proposed system performs the biometric authentication process securely and preserves the privacy of user information. The experimental result was highly promising for securing cloud services using the proposed model. The experiments showed encouraging results with a performance average of 93.94%, an accuracy average of 96.15%, a sensitivity average of 87.69%, and a specificity average of 97.99%.     

Advanced Authentication Mechanisms for Identity and Access Management in Cloud Computing

Identity management is based on the creation and management of user identities for granting access to the cloud resources based on the user attributes. The cloud identity and access management (IAM) grants the authorization to the end-users to perform different actions on the specified cloud resources. The authorizations in the IAM are grouped into roles instead of granting them directly to the end-users. Due to the multiplicity of cloud locations where data resides and due to the lack of a centralized user authority for granting or denying cloud user requests, there must be several security strategies and models to overcome these issues. Another major concern in IAM services is the excessive or the lack of access level to different users with previously granted authorizations. This paper proposes a comprehensive review of security services and threats. Based on the presented services and threats, advanced frameworks for IAM that provide authentication mechanisms in public and private cloud platforms. A threat model has been applied to validate the proposed authentication frameworks with different security threats. The proposed models proved high efficiency in protecting cloud platforms from insider attacks, single sign-on failure, brute force attacks, denial of service, user privacy threats, and data privacy threats.     

电子身份认证的法律性质探究

电子身份认证在技术和制度层面上保证了电子商务和电子政务活动的安全,这种身份认证主要是通过电子签名及其认证而实现的,涉及到电子认证机构与电子签名人、电子签名信赖方之间的法律关系,所以明确三者之间的权利义务关系尤为重要。本文通过介绍电子签名、电子认证二者关系并分析了关于电子身份认证性质的各种学说,明确了电子身份认证是一种专业信用服务。