排序方式: 共有32条查询结果,搜索用时 15 毫秒
11.
Dipanwita Sadhukhan;Sangram Ray;Mou Dasgupta;Joel J. P. C. Rodrigues; 《Software》2024,54(10):1972-2006
In recent era, the unmanned aerial vehicles (UAVs) commonly known as drones has emerged as a one of the most significant and promising tools which has demonstrated its wide range of implementations variating from commercial domain to the field of defense due to its distinct capabilities such as inspection, surveillance, precision and so forth. Internet connected drones provides a propitious trend that boosts the flying safety, and service qualities of the UAVs where numerous low-altitude drones winged in different flying regions for executing a precise task such as gathering the real-time information from the unuttered environment to be interpretated by users. Nevertheless, the open-access insecure communications in hostile environment, the issues like safety and confidentiality threats, various security concerns such as the leakage of flying courses, identities, position, and gathered data by the drones are upstretched. To address these security concerns, access control mechanism provides a potential service in terms of authentication and key agreement for securing the communication between the individual drones within their respective flying regions. This article introduces a robust, efficient, lightweight, and privacy preserving ECC integrated access control approach by employing digital certificate with considering the high dynamicity and mobility of the drones. The designing of this proposed approach, that is, CLAASC-IoD is influenced by the aim of inter-drone and drone-to-ground station communication in the IoD paradigm. The detailed analysis of security using probabilistic random oracle model as well as simulation using well-accepted security verification tool AVISPA and comparative performance evaluation supports the claim of robustness, effectiveness, and proficiency. 相似文献
12.
The concept of multi‐server authentication includes multiple numbers of application servers. The registration/control server is the central point in such environment to provide smooth services to a limited number of legitimate users. However, this type of environment is inappropriate to handle unlimited users since the number of users may grow, and thus, the response time may be very high. To eliminate these shortcomings, we have modified the existing multi‐server authentication architecture and then designed a new scheme by including multiregistration server technique that can provide a smooth environment to support unlimited number of users. The main aspect of our design is to provide a secure authentication environment for multi‐server application using password and smartcard so that the participants can securely communicate with each other. The simulation results are obtained by executing our protocol using AVISPA tool. The results provide concrete evidence about the security safety against active and passive attacks. Furthermore, the justification of correctness of the freshness of the session key negotiation and the mutual authentication between the participants has done been evaluated with the BAN logic model. The comprehensive comparative analysis justifies our argument that our protocol has better applicability in multi‐server environments compared to other protocols with similar nature. 相似文献
13.
针对医药系统中药品和说明书同时认证的应用需求,提出一种快速双标签身份认证方案。该方案引入云服务器和物理不可克隆函数,确保了射频识别系统的可扩展性和标签的不可克隆性。针对传统射频识别系统逐一认证双标签效率较低的问题,提出一种双标签响应合并流程;针对物理不可克隆函数引发的系统错误认证问题,计算了物理不可克隆函数响应的最佳认证阈值,以降低系统的认证错误率;针对云服务器的不可信问题,提出3种超轻量级位流函数以实现两种加密机制,从而保护前向信道免受云服务器隐私泄露的威胁。安全分析表明,快速双标签身份认证协议可满足标签匿名性和不可追踪性,并能有效地抵抗克隆攻击、去同步化攻击、重放攻击等恶意攻击。此外,使用BAN逻辑分析和AVISPA工具,进一步验证了协议的安全性。与近期的认证协议相比,快速双标签身份认证协议的服务器搜索耗时最短,在满足各项安全属性的同时,以近似单标签的资源开销实现了对双标签的快速认证,适用于资源受限的大规模双标签认证场景。 相似文献
14.
Thankaraja Raja Sree;R. Harish;T. Veni; 《Concurrency and Computation》2024,36(12):e8054
As opposed to cloud servers, fog servers, and fog users may be malicious, so developing a mutual identity-preserving authentication mechanism between them is a crucial and difficult problem in fog computing. Such a technique must conceal the user's true identity from the adversary; otherwise, the adversary will be able to determine which fog user and fog server are in communication. This article suggests a secure and reliable anonymous mutual authentication system for use at the network's edge between fog users and fog servers. With the aid of the registration authority (RA) in our system, they can verify one another and decide on a new session key that will be used to encrypt messages throughout the session. Fog users don't need to re-register with RA to wander freely over the network and authenticate to any fog server that is within their range. The proposed technique only needs a small number of symmetric encryption/decryption and one-way hash functions, making it easy to implement for fog-user devices with limited resources. The new scheme's performance is evaluated in comparison to the existing one, showing that it is more resilient to various types of assaults (such as known plaintext attacks, man-in-the-middle attacks, session hijacking, etc.). The widely used Automated Validation of Internet Security Protocols and Applications tool is used to verify the proposed system. The outcomes demonstrate that our approach can safely withstand different attacks and accomplish the desired outcomes. Additionally, the proposed method is tested in real-world scenarios with the NS3 simulator. 相似文献
15.
User authentication is a promising security solution in which an external user having his/her mobile device can securely access the real-time information directly from the deployed smart devices in an Internet of Things-enabled intelligent precision agricultural environment. To achieve this goal, we present a new signature-based three factor user authentication scheme. The established session key between a user and the accessed smart device is then used to make secure communication among them to fetch the real-time data of the device. A detailed security analysis including the random-oracle based formal security, formal security verification using the broadly recognized automated validation of internet security protocols and applications tool and nonmathematical informal security analysis show the robustness of the proposed scheme against a number of potential attacks. In addition, testbed experiments are performed for measuring computational time of various cryptographic primitives that are used for comparative study among the proposed scheme and other related existing competing schemes. The detailed comparative analysis shows that the proposed scheme has a better trade-off among its offered security and functionality features, and communication and computational overheads as compared with those for other competing schemes. 相似文献
16.
User authentication is a prominent security requirement in wireless sensor networks (WSNs) for accessing the real‐time data from the sensors directly by a legitimate user (external party). Several user authentication schemes are proposed in the literature. However, most of them are either vulnerable to different known attacks or they are inefficient. Recently, Althobaiti et al. presented a biometric‐based user authentication scheme for WSNs. Although their scheme is efficient in computation, in this paper, we first show that their scheme has several security pitfalls such as (i) it is not resilient against node capture attack; (ii) it is insecure against impersonation attack; and (iii) it is insecure against man‐in‐the‐middle attack. We then aim to propose a novel biometric‐based user authentication scheme suitable for WSNs in order to withstand the security pitfalls found in Althobaiti et al. scheme. We show through the rigorous security analysis that our scheme is secure and satisfies the desirable security requirements. Furthermore, the simulation results for the formal security verification using the most widely used and accepted Automated Validation of Internet Security Protocols and Applications tool indicate that our scheme is secure. Our scheme is also efficient compared with existing related schemes. Copyright © 2015 John Wiley & Sons, Ltd. 相似文献
17.
Short message service (SMS) provides a wide channel of communication for banking in mobile commerce and mobile payment. The transmission of SMS is not secure in the network using global system for mobile communications or general packet radio service. Security threats in SMS restricted the use of SMS in mobile banking within certain limits. This paper proposed a model to address the security of SMS using elliptic curve cryptography. The proposed model provides end‐to‐end SMS communication between the customer and the bank through the mobile application. The main objective of the proposed model is to design and develop a security framework for SMS banking. Further, the protocol is verified for its correctness and security properties because most of the protocols are not having the facility to be verified by using the formal methods. Our proposed framework is experimentally validated by formal methods using model checking tool called automated validation of internet security protocols and Scyther tools. Security analysis shows that the proposed mechanism works better compared to existing SMS payment protocols for real‐world applications. 相似文献
18.
Recently, Li et al have developed a smartcard‐based remote user authentication scheme in multiserver environment. They have claimed that their scheme is secured against some possible cryptographic attacks. However, we have analyzed that the scheme of Li et al cannot preserve all the proclaimed security goals, which are given as follows: (1) It is not withstanding password‐guessing, user impersonation, insider, and smartcard theft attacks, and (2) it fails to facilitate user anonymity property. To remedy these above‐mentioned security flaws, we have proposed an efficient three factor–based authentication scheme in a multiserver environment using elliptic curve cryptography. The Burrows‐Abadi‐Needham logic is used to confirm the security validation of our scheme, which ensures that it provides mutual‐authentication and session‐key agreement securely. Then, the random oracle model is also considered to analyze the proposed scheme, and it shows that the backbone parameters, ie, identity, password, biometrics, and the session key, are secure from an adversary. Further, the informal security analysis confirms that the suggested scheme can withstand against some possible mentioned attacks. Later, the Automated Validation of Internet Security Protocols and Applications tool is incorporated to ensure its security against passive and active attacks. Finally, the performance comparison of the scheme is furnished to confirm its enhanced security with other relevant schemes. 相似文献
19.
Sharmistha Adhikari Sangram Ray Gosta P. Biswas Mohammad S. Obaidat 《International Journal of Communication Systems》2019,32(1)
Initially, Internet has evolved as a resource sharing model where resources are identified by IP addresses. However, with rapid technological advancement, resources/hardware has become cheap and thus, the need of sharing hardware over Internet is reduced. Moreover, people are using Internet mainly for information exchange and hence, Internet has gradually shifted from resource sharing to information sharing model. To meet the recent growing demand of information exchange, Content Centric Network (CCN) is envisaged as a clean‐slate future network architecture which is specially destined for smooth content distribution over Internet. In CCN, content is easily made available using network caching mechanism which is misaligned with the existing business policy of content providers/publishers in IP‐based Internet. Hence, the transition from contemporary IP‐based Internet to CCN demands attention for redesigning the business policy of the content publishers/providers. In this paper, we have proposed efficient and secure communication protocols for flexible CCN business model to protect the existing business policies of the content publisher while maintaining the salient CCN features like in‐network content caching and Interest packet aggregation. To enhance the efficiency and security, the Elliptic Curve Cryptography (ECC) is used. The proposed ECC‐based scheme is analyzed to show that it is resilient to relevant existing cryptographic attacks. The performance analysis in terms of less computation and communication overheads and increased efficiency is given. Moreover, a formal security verification of the proposed scheme is done using widely used AVISPA simulator and BAN logic that shows our scheme is well secured. 相似文献
20.
Integration of biometric data with cryptography is gaining importance to develop a secure distributed communication system. The main issue with this strategy is updating a biometric template and other credentials (like a cryptographic key) and sharing the same in a secure manner. This paper proposes a novel approach to protect a credential under the security of biometric data using fuzzy commitment so that it can be securely stored on a remote server. Furthermore, a protocol has been proposed to update the cryptographic key and biometric data online and share the same among communicating parties through a network channel. A rigorous security analysis of the scheme establishes the robustness of the scheme against many known attacks. In addition to this, to substantiate that the protocol is provably secure, it has been critically verified with two protocol verification tools, namely, the RO (Random Oracle) Model and the AVISPA (automated validation of Internet Security Protocols and Applications) tool. The proposed protocol is useful to design a multiparty system having a multi-user and multi-server environment. 相似文献