This paper is demonstrating to create a system of multifactor authentication based on biometric verification. Our system use iris for the first factor and fingerprint for the second factor. nce an attacker attempts to attack the system, there must have two factors. If one of them is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target. Furthermore, this system will be implemented to enhance security for accessing control login government system.
In most networks and distributed systems, security
has always been of a major concern and authentication is the core
issue as it provides protection from unauthorized use and ensures
proper functioning of the system. This paper investigates and
proposes DS-NIZKP, an approach for authenticating users by
three factors, (namely password, smart-card and biometrics)
based on the concept of Zero Knowledge Proof (ZKP), so that no
sensitive information can be revealed during a communication.
The proposal employs the concept of digital signature (DS) to
authenticate the identity of the sender or the signer within a
single communication. Given that DS employs asymmetric
encryption, a one-way hash of the user’s identity is created then
signed using the private key. Hashing prevents from revealing
information about the user while signing provides authentication,
non-repudiation and integrity. This approach not only saves time
since just a single message between the prover and the verifier is
necessary but also defends privacy of the user in distributed
systems.
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
Current password authentication system was proven not secure enough to protect the information from intruders. However, various research has been done and the results show the value of FRR still low and the value of FAR still high. Thus, one of the methods suggests, is enhancing the current system using keystroke dynamics. Keystroke dynamics is a type of biometric authentication that does not require any special hardware, easy to use as the same routine as normal password authentication. Therefore, this research proposed an authentication system using keystroke dynamics to prevent the system from intruders. A system is developed that consist of two parts which are enrolment and verification. Then, a prototype is developed for testing process that consists of 3 main modules, namely Enrolment, Client/Server Connection
and, Verification and Retraining. Based on the testing, the system proved that the keystroke dynamic authentication system was able to implement in client/server environment and shows the value of EER is low that indicates it provide a better system authentication. In future, the system can be improved by enhancing the security, performance, and user interface.
Secure Code Generation for Multi-level Mutual AuthenticationTELKOMNIKA JOURNAL
Any secured system requires one or more logging policies to make that system safe. Static
passwords alone cannot be furthermore enough for securing systems, even with strong passwords illegal
intrusions occur or it suffers the risk of forgotten. Authentication using many levels (factors) might
complicate the steps when intruders try to reach system resources. Any person to be authorized for
logging-in a secured system must provide some predefined data or present some entities that identify
his/her authority. Predefined information between the client and the system help to get more secure level
of logging-in. In this paper, the user that aims to log-in to a secured system must provide a recognized
RFID card with a mobile number, which is available in the secured systems database, then the secured
system with a simple algorithm generates a One-time Password that is sent via GSM Arduino compatible
shield to the user announcing him/her as an authorized person.
A secure communication in smart phones using two factor authenticationseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
This document summarizes a research paper about developing an authentication system for banking using implicit passwords. The proposed system uses randomly generated security questions to authenticate users, with answers provided as clickable points on an image instead of text. If the user correctly identifies the points associated with the security question, they are authenticated. The system aims to improve security over traditional username/password schemes while maintaining usability on mobile devices. Key modules described include user profile creation, generation of random authentication questions, comparing login profiles to verify identity, and allowing transactions and balance checks via SMS.
ipas implicit password authentication system ieee 2011prasanna9
This document summarizes a proposed authentication system called the Implicit Password Authentication System (IPAS). IPAS aims to address weaknesses in existing authentication schemes like passwords, tokens, biometrics and graphical passwords. It proposes using a set of questions and answers during registration that are then implicitly embedded into images by the server during authentication. The server randomly selects questions and images, requiring the user to demonstrate knowledge of their prior answers without directly reproducing them. The system is intended for mobile banking but could generalize to other client-server environments.
Two aspect authentication system using secure mobileUvaraj Shan
This document presents a two-factor authentication system that uses a user's mobile device. It combines one-time passwords as the first factor with encrypted user credentials stored on the mobile device as the second factor. The system is designed to provide strong authentication while reducing costs compared to hardware token-based systems. It analyzes the security of the approach and evaluates usability through a study. The study found participants were willing to accept lower usability for improved security when using untrusted computers.
This document discusses a proposed five-factor authentication scheme for secure banking transactions. The five factors are RFID card, PIN number, fingerprint, one-time password (OTP), and keypad ID. During registration, users provide fingerprints and other information that is stored. For login, the user submits their RFID card, PIN, and fingerprint. If the fingerprint exactly matches, the transaction is allowed. If not, an OTP is sent to the user's phone for verification along with keypad ID before allowing the transaction. The scheme aims to improve security over three-factor authentication while protecting user privacy.
In most networks and distributed systems, security
has always been of a major concern and authentication is the core
issue as it provides protection from unauthorized use and ensures
proper functioning of the system. This paper investigates and
proposes DS-NIZKP, an approach for authenticating users by
three factors, (namely password, smart-card and biometrics)
based on the concept of Zero Knowledge Proof (ZKP), so that no
sensitive information can be revealed during a communication.
The proposal employs the concept of digital signature (DS) to
authenticate the identity of the sender or the signer within a
single communication. Given that DS employs asymmetric
encryption, a one-way hash of the user’s identity is created then
signed using the private key. Hashing prevents from revealing
information about the user while signing provides authentication,
non-repudiation and integrity. This approach not only saves time
since just a single message between the prover and the verifier is
necessary but also defends privacy of the user in distributed
systems.
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
Current password authentication system was proven not secure enough to protect the information from intruders. However, various research has been done and the results show the value of FRR still low and the value of FAR still high. Thus, one of the methods suggests, is enhancing the current system using keystroke dynamics. Keystroke dynamics is a type of biometric authentication that does not require any special hardware, easy to use as the same routine as normal password authentication. Therefore, this research proposed an authentication system using keystroke dynamics to prevent the system from intruders. A system is developed that consist of two parts which are enrolment and verification. Then, a prototype is developed for testing process that consists of 3 main modules, namely Enrolment, Client/Server Connection
and, Verification and Retraining. Based on the testing, the system proved that the keystroke dynamic authentication system was able to implement in client/server environment and shows the value of EER is low that indicates it provide a better system authentication. In future, the system can be improved by enhancing the security, performance, and user interface.
Secure Code Generation for Multi-level Mutual AuthenticationTELKOMNIKA JOURNAL
Any secured system requires one or more logging policies to make that system safe. Static
passwords alone cannot be furthermore enough for securing systems, even with strong passwords illegal
intrusions occur or it suffers the risk of forgotten. Authentication using many levels (factors) might
complicate the steps when intruders try to reach system resources. Any person to be authorized for
logging-in a secured system must provide some predefined data or present some entities that identify
his/her authority. Predefined information between the client and the system help to get more secure level
of logging-in. In this paper, the user that aims to log-in to a secured system must provide a recognized
RFID card with a mobile number, which is available in the secured systems database, then the secured
system with a simple algorithm generates a One-time Password that is sent via GSM Arduino compatible
shield to the user announcing him/her as an authorized person.
A secure communication in smart phones using two factor authenticationseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
This document summarizes a research paper about developing an authentication system for banking using implicit passwords. The proposed system uses randomly generated security questions to authenticate users, with answers provided as clickable points on an image instead of text. If the user correctly identifies the points associated with the security question, they are authenticated. The system aims to improve security over traditional username/password schemes while maintaining usability on mobile devices. Key modules described include user profile creation, generation of random authentication questions, comparing login profiles to verify identity, and allowing transactions and balance checks via SMS.
ipas implicit password authentication system ieee 2011prasanna9
This document summarizes a proposed authentication system called the Implicit Password Authentication System (IPAS). IPAS aims to address weaknesses in existing authentication schemes like passwords, tokens, biometrics and graphical passwords. It proposes using a set of questions and answers during registration that are then implicitly embedded into images by the server during authentication. The server randomly selects questions and images, requiring the user to demonstrate knowledge of their prior answers without directly reproducing them. The system is intended for mobile banking but could generalize to other client-server environments.
Two aspect authentication system using secure mobileUvaraj Shan
This document presents a two-factor authentication system that uses a user's mobile device. It combines one-time passwords as the first factor with encrypted user credentials stored on the mobile device as the second factor. The system is designed to provide strong authentication while reducing costs compared to hardware token-based systems. It analyzes the security of the approach and evaluates usability through a study. The study found participants were willing to accept lower usability for improved security when using untrusted computers.
This document discusses a proposed five-factor authentication scheme for secure banking transactions. The five factors are RFID card, PIN number, fingerprint, one-time password (OTP), and keypad ID. During registration, users provide fingerprints and other information that is stored. For login, the user submits their RFID card, PIN, and fingerprint. If the fingerprint exactly matches, the transaction is allowed. If not, an OTP is sent to the user's phone for verification along with keypad ID before allowing the transaction. The scheme aims to improve security over three-factor authentication while protecting user privacy.
A novel multifactor authentication system ensuring usability and securityijsptm
User authentication is one of the most important part of information security. Computer security most
commonly depends on passwords to authenticate human users. Password authentication systems will be
either been usable but not secure, or secure but not usable. While there are different types of authentication
systems available alphanumeric password is the most commonly used authentication mechanism. But this
method has significant drawbacks. An alternative solution to the text based authentication is Graphical
User Authentication based on the fact that humans tends to remember images better than text. Graphical
password authentication systems provide passwords which are easy to be created and remembered by the
user. However, the main issues of simple graphical password techniques are shoulder surfing attack and
image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable
or usable but not secure. . In this paper, a new technique that uses cued click point graphical password
method along with the use of one-time session key is proposed. The goal is to propose a new authentication
mechanism using graphical password to achieve higher security and better usability levels. The result of
the system testing is evaluated and it reveals that the proposed system ensures security and usability to a
great extent.
This document proposes a location-based authentication system for enhancing e-banking security on smartphones. It reviews how location can be used as an additional authentication factor beyond traditional methods like passwords. The system would authenticate users by checking their GPS location on a timely basis in addition to their credentials. Using location tracking and self-destructing encryption keys that expire makes the system more secure by preventing unauthorized access to banking data and funds from outside approved locations. The goal is to offer banks more secure ways to provide mobile banking services via smartphone applications.
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System IJECEIAES
Contactless payments devised for NFC technology are gaining popularity. Howbeit, with NFC technology permeating concerns about arising security threats and risks to lessen mobile payments is vital. The security analysis of NFC-enabled mobile payment system is precariously imperative due to its widespread ratification. In mobile payments security is a prevalent concern by virtue of the financial value at stave. This paper assays the security of NFC based mobile payment system. It discusses the security requirements, threats and attacks that could occur in mobile payment system and the countermeasures to be taken to secure pursuance suitability.
Two aspect authentication system using secureUvaraj Shan
This document proposes a two-factor authentication system using mobile devices. It uses a combination of one-time passwords (OTP) as the first factor and encrypted user credentials stored on the mobile device as the second factor. An OTP algorithm is developed that uses aspects like the IMEI, IMSI, username, PIN, hour and minute to generate unique and hard to guess passwords. The system can operate in two modes - a connectionless mode where OTP is generated locally on the device, or an SMS-based mode where the device requests the OTP from the server via SMS. A security and usability analysis is presented, showing the system is secure against various attacks and users are willing to accept lower usability for higher security.
Effectiveness of various user authentication techniquesIAEME Publication
This document discusses and compares various user authentication techniques. It analyzes one-time password authentication using smart phones (oPass), 3D password authentication using a virtual environment, and smart card-based authentication. oPass requires the user to remember only a long-term password for their phone, while the website generates one-time passwords via SMS. 3D passwords combine multiple authentication methods by having users navigate and interact with virtual objects. Smart card authentication does not store passwords in verification tables and allows password changes for mutual authentication. The document examines the advantages and disadvantages of these approaches.
IRJET - Graphical Password Authentication for Banking SystemIRJET Journal
This document describes a proposed system for enhancing authentication security for banking transactions through the use of graphical passwords. The system uses a two-step verification process, with pass-point authentication to validate the user during login by requiring them to click on a sequence of points on an image. For transactions, a color palette technique is used where the user must enter a pin number by selecting the corresponding color pairs. The system aims to improve security over traditional text passwords and prevent fraud by automatically filing a complaint if unauthorized access is detected and notifying the user via mobile if a transaction is halted.
This document provides an overview of biometric encryption, which is a technique that securely links a digital cryptographic key to a biometric template (such as a fingerprint image) during enrollment. It allows the key to be retrieved later during verification by matching a new biometric sample to the stored template. The key is independent of the biometric data, so compromising the key does not invalidate the use of that biometric, and the key can be easily updated. The document describes how biometric encryption uses correlation filtering of fingerprint images to generate a "bioscrypt" during enrollment that securely embeds the key, and then retrieves the key during verification by correlating a new fingerprint with the bioscrypt. It outlines the requirements for distortion tolerance
Online applications using strong authentication with OTP grid cardsBayalagmaa Davaanyam
This document discusses using grid cards with one-time passwords for strong authentication in online applications in Mongolia. It proposes a system where users are prompted with random grid card cell coordinates and must enter the corresponding password to authenticate. Passwords are created from the grid card contents using a one-time password algorithm. This provides two-factor authentication by combining something the user possesses (the grid card) with dynamically generated passwords. The document analyzes security aspects and compares this approach to other authentication methods used in Mongolian banking, concluding that grid cards can help improve online security in a cost-effective manner.
MULTIMODAL BIOMETRIC AUTHENTICATION: SECURED ENCRYPTION OF IRIS USING FINGERP...ijcisjournal
Securing data storage using biometrics is the current trend. Different physiological as well as behavioral biometrics like face, fingerprint, iris, Gait, voice etc.. is used in providing security to the data. The proposed work explains about the biometric encryption technology which will securely generate a digital key using two biometric modalities. Iris is encrypted using Fingerprint ID of 32-bit as the key in this work.
For encryption Blowfish algorithm is used and the encrypted template is stored in the database and one is given to the user. During the authentication time user input the template and the fingerprint. This template is then decrypted and verified with the original template taken from the database to check whether the user is genuine or an imposter. Hamming distance is used to measure the matching of the templates. CASIA Iris
database is used for experimentation and fingerprint images read through the R303 - fingerprint reader.
This document summarizes a research paper that proposes a method for implementing two-factor authentication using mobile devices. The method uses time synchronous authentication based on hashing the current epoch time, a personal identification number, and a secret initialization value. This generates a one-time password on the mobile device that is valid for 60 seconds. The proposed method was implemented on J2ME-based mobile phones and could be extended to Android phones. It aims to provide stronger authentication than passwords alone in a manner that is portable and compatible with mobile devices.
This document proposes a system for strengthening security for online banking transactions. It involves multi-level authentication including face recognition, graphical OTP authentication using a 4x4 grid of random numbers, and security questions. Users first register security images, a security pattern by selecting indexes on a 4x4 grid, answers to security questions, and their face is recorded. For login, the security images and username/password are verified. Transactions require face recognition if a webcam is available, otherwise graphical OTP authentication is used where the user selects numbers from the indexes of their security pattern on a randomly generated 4x4 grid. Additionally, two random security questions are asked before completing a transaction. The system aims to provide secure electronic transactions through this multi-factor
This paper analyzes the various authentication systems implemented for enhanced security and private reposition
of an individual’s login credentials. The first part of the paper describes the multi-factor authentication (MFA) systems, which, though not applicable to the field of Internet of Things, provides great security to a user’s credentials. MFA is followed by a brief description of the working mechanism of interaction of third party clients with private resources over the OAuth protocol framework and a study of the delegation based authentication system in IP-based IoT.
This document discusses using one-time password (OTP) grid cards for strong authentication in online applications in Mongolia. It proposes a system where OTPs are generated from grid cards containing numbers and letters. When logging in, a user must provide their password and the contents of a randomly selected cell from their unique grid card. Adding salt passwords and generating challenges from least-used cells increases security by preventing prediction of responses. The system aims to improve online banking security in Mongolia by providing multi-factor authentication without specialized hardware tokens.
An Overview on Authentication Approaches and Their Usability in Conjunction w...IJERA Editor
The usage of sensitive online services and applications such as online banking, e-commerce etc is increasing day by day. These technologies have tremendously improved making our daily life easier. However, these developments have been accompanied by E-piracy where attackers try to get access to services illegally. As sensitive information flow through Internet, they need support for security properties such as authentication, authorization, data confidentiality. Perhaps static password (User ID & password) is the most common and widely accepted authentication method. Online applications need strong password such as a combination of alphanumeric with special characters. In general, having one password for a single service may be easy to remember, but controlling many passwords for different services poses a tedious task on users online applications . Usually users try to use same password for different services or make slight changes in the password which can be easy for attacker to guess adding increased security threat. In order to overcome this, stronger authentication solutions need to be suggested and adapted for services based network.
IRJET- Technical Review of different Methods for Multi Factor AuthenticationIRJET Journal
This document discusses various multi-factor authentication methods including smart cards, graphical passwords, risk assessment, mobile phone tokens, GPS location and timestamp, hand vein recognition, DNA recognition, and biometric authentication. It provides details on how each method works and evaluates factors like universality, uniqueness, collectability, performance and acceptability for multi-factor authentication. The document aims to review different technical approaches to implement multi-factor authentication for secure user identification.
IRJET- Data Security with Multifactor AuthenticationIRJET Journal
This document discusses a multi-factor authentication system for improving data security. It proposes using passwords, one-time passwords via QR codes, and encryption/decryption of stored data. The system uses three stages of verification: login with username and password, verification with a randomly generated OTP QR code, and encrypting uploaded data and decrypting downloaded data with keys. By adding multiple layers of authentication and encrypting data, the system aims to minimize unauthorized access to secure systems and stored information.
The document proposes an e-voting system for people on duty using RSA encryption and Kerberos authentication. It describes the methodology, algorithms, and modules used in the system, including voter account maintenance and encryption/decryption with RSA. The system aims to provide a secure and efficient way for people unable to vote in-person to cast their ballot remotely.
El documento habla sobre la importancia de la tecnología y la innovación para mejorar la vida de las personas. Explica que la inteligencia artificial y la automatización están transformando la sociedad y la economía de maneras que mejoran la productividad y crean nuevas oportunidades laborales. Sin embargo, también advierte sobre los desafíos de asegurar que el progreso tecnológico beneficie a todos, no solo a unos pocos.
This document provides background information on Richard Nixon's life and political career. It discusses Nixon growing up in a Quaker family in California, his early political successes, role in the House Un-American Activities Committee, campaigns for vice president and president. It outlines key events of Nixon's presidency, including the Watergate scandal, his involvement in covering it up, and eventual resignation in 1974. The document provides context for understanding Nixon beyond just the Watergate president.
A novel multifactor authentication system ensuring usability and securityijsptm
User authentication is one of the most important part of information security. Computer security most
commonly depends on passwords to authenticate human users. Password authentication systems will be
either been usable but not secure, or secure but not usable. While there are different types of authentication
systems available alphanumeric password is the most commonly used authentication mechanism. But this
method has significant drawbacks. An alternative solution to the text based authentication is Graphical
User Authentication based on the fact that humans tends to remember images better than text. Graphical
password authentication systems provide passwords which are easy to be created and remembered by the
user. However, the main issues of simple graphical password techniques are shoulder surfing attack and
image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable
or usable but not secure. . In this paper, a new technique that uses cued click point graphical password
method along with the use of one-time session key is proposed. The goal is to propose a new authentication
mechanism using graphical password to achieve higher security and better usability levels. The result of
the system testing is evaluated and it reveals that the proposed system ensures security and usability to a
great extent.
This document proposes a location-based authentication system for enhancing e-banking security on smartphones. It reviews how location can be used as an additional authentication factor beyond traditional methods like passwords. The system would authenticate users by checking their GPS location on a timely basis in addition to their credentials. Using location tracking and self-destructing encryption keys that expire makes the system more secure by preventing unauthorized access to banking data and funds from outside approved locations. The goal is to offer banks more secure ways to provide mobile banking services via smartphone applications.
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System IJECEIAES
Contactless payments devised for NFC technology are gaining popularity. Howbeit, with NFC technology permeating concerns about arising security threats and risks to lessen mobile payments is vital. The security analysis of NFC-enabled mobile payment system is precariously imperative due to its widespread ratification. In mobile payments security is a prevalent concern by virtue of the financial value at stave. This paper assays the security of NFC based mobile payment system. It discusses the security requirements, threats and attacks that could occur in mobile payment system and the countermeasures to be taken to secure pursuance suitability.
Two aspect authentication system using secureUvaraj Shan
This document proposes a two-factor authentication system using mobile devices. It uses a combination of one-time passwords (OTP) as the first factor and encrypted user credentials stored on the mobile device as the second factor. An OTP algorithm is developed that uses aspects like the IMEI, IMSI, username, PIN, hour and minute to generate unique and hard to guess passwords. The system can operate in two modes - a connectionless mode where OTP is generated locally on the device, or an SMS-based mode where the device requests the OTP from the server via SMS. A security and usability analysis is presented, showing the system is secure against various attacks and users are willing to accept lower usability for higher security.
Effectiveness of various user authentication techniquesIAEME Publication
This document discusses and compares various user authentication techniques. It analyzes one-time password authentication using smart phones (oPass), 3D password authentication using a virtual environment, and smart card-based authentication. oPass requires the user to remember only a long-term password for their phone, while the website generates one-time passwords via SMS. 3D passwords combine multiple authentication methods by having users navigate and interact with virtual objects. Smart card authentication does not store passwords in verification tables and allows password changes for mutual authentication. The document examines the advantages and disadvantages of these approaches.
IRJET - Graphical Password Authentication for Banking SystemIRJET Journal
This document describes a proposed system for enhancing authentication security for banking transactions through the use of graphical passwords. The system uses a two-step verification process, with pass-point authentication to validate the user during login by requiring them to click on a sequence of points on an image. For transactions, a color palette technique is used where the user must enter a pin number by selecting the corresponding color pairs. The system aims to improve security over traditional text passwords and prevent fraud by automatically filing a complaint if unauthorized access is detected and notifying the user via mobile if a transaction is halted.
This document provides an overview of biometric encryption, which is a technique that securely links a digital cryptographic key to a biometric template (such as a fingerprint image) during enrollment. It allows the key to be retrieved later during verification by matching a new biometric sample to the stored template. The key is independent of the biometric data, so compromising the key does not invalidate the use of that biometric, and the key can be easily updated. The document describes how biometric encryption uses correlation filtering of fingerprint images to generate a "bioscrypt" during enrollment that securely embeds the key, and then retrieves the key during verification by correlating a new fingerprint with the bioscrypt. It outlines the requirements for distortion tolerance
Online applications using strong authentication with OTP grid cardsBayalagmaa Davaanyam
This document discusses using grid cards with one-time passwords for strong authentication in online applications in Mongolia. It proposes a system where users are prompted with random grid card cell coordinates and must enter the corresponding password to authenticate. Passwords are created from the grid card contents using a one-time password algorithm. This provides two-factor authentication by combining something the user possesses (the grid card) with dynamically generated passwords. The document analyzes security aspects and compares this approach to other authentication methods used in Mongolian banking, concluding that grid cards can help improve online security in a cost-effective manner.
MULTIMODAL BIOMETRIC AUTHENTICATION: SECURED ENCRYPTION OF IRIS USING FINGERP...ijcisjournal
Securing data storage using biometrics is the current trend. Different physiological as well as behavioral biometrics like face, fingerprint, iris, Gait, voice etc.. is used in providing security to the data. The proposed work explains about the biometric encryption technology which will securely generate a digital key using two biometric modalities. Iris is encrypted using Fingerprint ID of 32-bit as the key in this work.
For encryption Blowfish algorithm is used and the encrypted template is stored in the database and one is given to the user. During the authentication time user input the template and the fingerprint. This template is then decrypted and verified with the original template taken from the database to check whether the user is genuine or an imposter. Hamming distance is used to measure the matching of the templates. CASIA Iris
database is used for experimentation and fingerprint images read through the R303 - fingerprint reader.
This document summarizes a research paper that proposes a method for implementing two-factor authentication using mobile devices. The method uses time synchronous authentication based on hashing the current epoch time, a personal identification number, and a secret initialization value. This generates a one-time password on the mobile device that is valid for 60 seconds. The proposed method was implemented on J2ME-based mobile phones and could be extended to Android phones. It aims to provide stronger authentication than passwords alone in a manner that is portable and compatible with mobile devices.
This document proposes a system for strengthening security for online banking transactions. It involves multi-level authentication including face recognition, graphical OTP authentication using a 4x4 grid of random numbers, and security questions. Users first register security images, a security pattern by selecting indexes on a 4x4 grid, answers to security questions, and their face is recorded. For login, the security images and username/password are verified. Transactions require face recognition if a webcam is available, otherwise graphical OTP authentication is used where the user selects numbers from the indexes of their security pattern on a randomly generated 4x4 grid. Additionally, two random security questions are asked before completing a transaction. The system aims to provide secure electronic transactions through this multi-factor
This paper analyzes the various authentication systems implemented for enhanced security and private reposition
of an individual’s login credentials. The first part of the paper describes the multi-factor authentication (MFA) systems, which, though not applicable to the field of Internet of Things, provides great security to a user’s credentials. MFA is followed by a brief description of the working mechanism of interaction of third party clients with private resources over the OAuth protocol framework and a study of the delegation based authentication system in IP-based IoT.
This document discusses using one-time password (OTP) grid cards for strong authentication in online applications in Mongolia. It proposes a system where OTPs are generated from grid cards containing numbers and letters. When logging in, a user must provide their password and the contents of a randomly selected cell from their unique grid card. Adding salt passwords and generating challenges from least-used cells increases security by preventing prediction of responses. The system aims to improve online banking security in Mongolia by providing multi-factor authentication without specialized hardware tokens.
An Overview on Authentication Approaches and Their Usability in Conjunction w...IJERA Editor
The usage of sensitive online services and applications such as online banking, e-commerce etc is increasing day by day. These technologies have tremendously improved making our daily life easier. However, these developments have been accompanied by E-piracy where attackers try to get access to services illegally. As sensitive information flow through Internet, they need support for security properties such as authentication, authorization, data confidentiality. Perhaps static password (User ID & password) is the most common and widely accepted authentication method. Online applications need strong password such as a combination of alphanumeric with special characters. In general, having one password for a single service may be easy to remember, but controlling many passwords for different services poses a tedious task on users online applications . Usually users try to use same password for different services or make slight changes in the password which can be easy for attacker to guess adding increased security threat. In order to overcome this, stronger authentication solutions need to be suggested and adapted for services based network.
IRJET- Technical Review of different Methods for Multi Factor AuthenticationIRJET Journal
This document discusses various multi-factor authentication methods including smart cards, graphical passwords, risk assessment, mobile phone tokens, GPS location and timestamp, hand vein recognition, DNA recognition, and biometric authentication. It provides details on how each method works and evaluates factors like universality, uniqueness, collectability, performance and acceptability for multi-factor authentication. The document aims to review different technical approaches to implement multi-factor authentication for secure user identification.
IRJET- Data Security with Multifactor AuthenticationIRJET Journal
This document discusses a multi-factor authentication system for improving data security. It proposes using passwords, one-time passwords via QR codes, and encryption/decryption of stored data. The system uses three stages of verification: login with username and password, verification with a randomly generated OTP QR code, and encrypting uploaded data and decrypting downloaded data with keys. By adding multiple layers of authentication and encrypting data, the system aims to minimize unauthorized access to secure systems and stored information.
The document proposes an e-voting system for people on duty using RSA encryption and Kerberos authentication. It describes the methodology, algorithms, and modules used in the system, including voter account maintenance and encryption/decryption with RSA. The system aims to provide a secure and efficient way for people unable to vote in-person to cast their ballot remotely.
El documento habla sobre la importancia de la tecnología y la innovación para mejorar la vida de las personas. Explica que la inteligencia artificial y la automatización están transformando la sociedad y la economía de maneras que mejoran la productividad y crean nuevas oportunidades laborales. Sin embargo, también advierte sobre los desafíos de asegurar que el progreso tecnológico beneficie a todos, no solo a unos pocos.
This document provides background information on Richard Nixon's life and political career. It discusses Nixon growing up in a Quaker family in California, his early political successes, role in the House Un-American Activities Committee, campaigns for vice president and president. It outlines key events of Nixon's presidency, including the Watergate scandal, his involvement in covering it up, and eventual resignation in 1974. The document provides context for understanding Nixon beyond just the Watergate president.
Este documento presenta una guía de 5 pasos para resolver problemas de forma efectiva: 1) Identificar claramente el problema, 2) Escoger un problema para enfocarse, 3) Generar múltiples soluciones posibles, 4) Crear un plan de acción específico y alcanzable, 5) Evaluar el resultado del plan y determinar los próximos pasos. El objetivo es enseñar estrategias sistemáticas para que las personas puedan resolver sus propios problemas de una manera constructiva.
Este documento presenta las funciones principales de Dropbox, incluyendo preservar la seguridad de archivos al guardarlos en la nube, disponer de archivos desde cualquier dispositivo, y colaborar en archivos con otros a través de carpetas compartidas. Explica cómo instalar las aplicaciones, agregar archivos, compartir vínculos, y crear carpetas compartidas para editar documentos en equipo de manera sincronizada.
The document is a letter from President Dietz of Illinois State University welcoming a new student to the university and inviting them to document their first memories of being a Redbird by flipping over the letter. It congratulates the student on becoming the newest member of the Redbird family and looks forward to them starting in the fall semester.
Estudio La Población Andaluza y las Drogas XIIsaludand
Este documento presenta los resultados de la duodécima edición del estudio "La población andaluza ante las drogas", realizado en 2011. El objetivo principal del estudio es conocer la prevalencia del consumo de diferentes sustancias psicoactivas entre la población andaluza, así como la evolución de estos consumos a lo largo del tiempo. El estudio también explora la percepción del riesgo y disponibilidad de las sustancias, y las actitudes hacia el consumo y la prevención. El estudio mantiene la estructura y contenido de
El documento describe la evolución del sistema de dirección en los vehículos. Inicialmente, la dirección se controlaba mediante una palanca o manubrio, pero luego se adoptó el volante redondo. También se desarrollaron sistemas de desmultiplicación para hacer la dirección más suave. Hoy en día, los sistemas de dirección son más precisos, sensibles y suaves para el conductor.
This document contains summaries of key concepts in political science:
- It describes the original design of the US presidency and differences between the House and Senate. The House represents proportional population, sits for 2 years. The Senate gives 2 seats to each state, terms are staggered.
- It defines types of campaign funding: direct "hard money" donations and less regulated "soft money".
- It explains swing states that can support either party, and microtargeting of specific demographic ads.
- It outlines valence, position, and wedge issues that candidates emphasize.
- It lists key factors that influence elections: the economy, presidential popularity, time in office of the incumbent party.
- It defines party identification and the coat
Este documento presenta varias técnicas para aprender a controlar la irritabilidad. Explica que la irritabilidad se produce por pensamientos distorsionados en respuesta a acontecimientos externos, y no por los acontecimientos en sí mismos. Identifica distintos tipos de distorsiones cognitivas como el catastrofismo y las atribuciones erróneas que conducen a la irritabilidad. Recomienda reemplazar estos pensamientos distorsionados por pensamientos más realistas para sentirse menos irritable y tener mayor autocontrol.
El documento resume los antecedentes históricos de Inglaterra, dividiéndolos en tres períodos: anglosajón, de Guillermo el Conquistador a los Tudor, y del siglo XV a la actualidad. Explica el origen del common law en la edad media y su influencia actual. Describe los sistemas político, legislativo, ejecutivo y judicial de Gran Bretaña, incluyendo el papel de la reina, el Parlamento bicameral, el primer ministro y gabinete, y la estructura del poder judicial.
This document summarizes several political sex scandals involving US politicians from 1987 to 2016. It provides brief descriptions of scandals involving Congressman Mark Foley, Senator Larry Craig, Governor Mark Sanford, Congressman Chris Lee, Herman Cain, General David Petraeus, Congressman Vance McAllister, and Congressman Anthony Weiner. The scandals ranged from inappropriate messages to underage pages to sexting and affairs, and had consequences from resignations to election losses for those involved.
Chatan Swaroop Agrawal is seeking a position in food quality control with his B.Tech in Food Technology. He has over 2 years of experience testing raw materials and finished products for quality at bread and pasta manufacturers. His responsibilities included ensuring compliance with food safety standards like ISO 22000 and HACCP. He is looking to grow his skills and help organizations achieve their goals.
The document discusses issues with the state of the UK's National Health Service (NHS). It notes that while the Conservative party claims to have protected the NHS, hospitals actually face fines of £120 for each patient not treated within 4 hours in A&E. This puts pressure on staff and hospital budgets. The policy was introduced in 2004 by Labour and lowered further in 2010, showing problems predate the current government. However, the Conservatives have failed to return the NHS to public control, with deficits growing as parts are privatized, prioritizing profits over patients. The future of the NHS looks bleak despite increased public discourse on the issue.
Diario de sesiones del Pleno del Parlamentosaludand
Este documento contiene el orden del día de la sesión plenaria número 8 celebrada el 27 de septiembre de 2012 en el Parlamento de Andalucía. Incluye mociones, interpelaciones y preguntas orales sobre temas como política de empleo, planificación administrativa, presupuestos, educación y sanidad.
This curriculum vitae provides details about Md. Tanjil Islam, a Diploma Engineer in Construction. It outlines his personal details including name, date of birth, address, education qualifications including a Diploma in Engineering Technology: Civil and secondary school certificate. It also describes his computer skills, language competency, hobbies and personal strengths such as ability to maintain schedules and communicate effectively. The objective is to work in a creative and challenging environment where his skills and talents can be utilized.
This document discusses interest groups and their role in influencing policy. It defines interest groups as groups of citizens who share common interests and try to influence policy. It describes different types of interest groups, such as proactive, reactive, homogeneous, and heterogeneous groups. It also outlines some of the functions of interest groups, including representation, participation, education, agenda building, and program monitoring. Finally, it discusses factors that motivate individuals to join interest groups, such as common problems or threats, leadership, and different types of benefits members may receive.
The blue book provides guidelines for the control of infectious diseases in Victoria, including information on disease identification and notification requirements, and is intended to assist public health practitioners in disease prevention and control. It contains profiles for numerous infectious diseases covering their infectious agent, symptoms, transmission, treatment and control. The guidelines were developed by the Communicable Diseases Section of the Victorian Department of Human Services based on national and international sources.
A secure communication in smart phones using two factor authenticationeSAT Journals
Abstract Most secure systems face security attacks mainly at the client side. Two Factor Authentication (TFA) provides improved protection to the system at the client side by prompting to provide something they know and something they have. This system uses a one time password(OTP) generation method which doesn’t require client-server communication, which frees the system from cost of sending a dynamic password each time the client wants to login. The OTP generation uses the factors that are unique to the user and is installed on a smart phone in Android platform owned by the user. An OTP is valid for a minutes time, after which, is useless. The system thus provides better client level security – a simple low cost method which protects system from hacking techniques like key logging, phishing, shoulder surfing, etc. Keywords—Authentication, OTP, key logging, phishing
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
This document summarizes authentication techniques for mobile systems. It discusses single-factor and multi-factor authentication using passwords, tokens, and biometrics. It also reviews RFID authentication protocols like SRAC and ASRAC for secure and low-cost RFID systems. Public key cryptography models using elliptic curve cryptography are proposed for mobile security. Secure authentication provides benefits like protection, scalability, speed, and availability for mobile enterprises. Both encryption and authentication are needed but encryption requires more processing resources so should only be used for critical information.
Two aspect authentication system using secure mobile devicesUvaraj Shan
This document summarizes a research paper that proposes a two-factor authentication system using mobile devices. The system uses one-time passwords as the first authentication factor and encrypted user credentials stored on a mobile phone as the second factor. The system is designed to provide strong authentication while reducing costs compared to token-based systems. It analyzes the security of the approach and evaluates usability through a study where participants accepted lower usability for improved security of their credentials.
This document provides an overview of a proposed mobile-based software token system for two-factor authentication. The system aims to replace existing hardware and computer-based software tokens by using mobile phones. It consists of software installed on client mobile phones, a server, and a GSM modem. The system can generate one-time passwords locally on the phone or via SMS from the server. Algorithms and factors like IMEI, IMSI, username, and PIN are used to securely generate unique passwords. Functional requirements include modules for password generation, client design, and server design. Non-functional requirements address availability, efficiency, flexibility, portability, integrity, and scalability.
Two aspect authentication system using secureUvaraj Shan
This document proposes a two-factor authentication system using mobile devices. It uses a combination of one-time passwords (OTP) as the first factor and encrypted user credentials stored on a mobile device as the second factor. An OTP algorithm is developed that uses aspects like the IMEI, IMSI, username, PIN, hour and minute to generate unique passwords. The system can operate in a standalone mode where OTPs are generated locally on devices, or an SMS-based mode where OTPs are requested from the server. Security and usability evaluations show the system protects against attacks while being usable.
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET Journal
This document discusses an approach for continuous and transparent user identification for secure web services using biometrics. It proposes a framework called CASHMA (Context-Aware Security by Hierarchical Multilevel Architecture) that uses multi-modal biometrics for continuous authentication. CASHMA authenticates users using biometric traits instead of usernames and passwords, and periodically re-authenticates users during a session to ensure security. The document describes how CASHMA works, including how it issues authentication certificates to validate user identity on an ongoing basis and adaptively sets session timeouts. It concludes that CASHMA enhances security and usability for user sessions through continuous multi-modal biometric authentication and verification.
Multi Factor Authentication Whitepaper Arx - Intellect DesignRajat Jain
The document discusses multifactor authentication solutions from ARX to provide secure access in a work from home environment due to COVID-19. It summarizes the business challenges of passwords being vulnerable to theft and the need for authentication beyond passwords. It then describes ARX's multifactor authentication solution which provides various authentication factors like one-time passwords, soft/hardware tokens, biometrics, and risk-based authentication. It offers centralized policy management and integration with third-party multifactor solutions. ARX provides an advanced multifactor authentication solution for both security and usability for users and administrators.
Three Step Multifactor Authentication Systems for Modern Securityijtsrd
Three factor authentication includes all major features in password authentication such as one factor authentication. Using passwords and two factor authentication is not enough to provide the best protection in the digital age significantly. Advances in the field of information technology. Even when one or two feature authentication was used to protect the remote control system, hacking tools, it was a simple computer program to collect private keys, and private generators made it difficult to provide protection. Security threats based on malware, such as key trackers installed, continue to be available to improve security risks. This requires the use of safe and easy to use materials. As a result, Three Level Security is an easy to use software. Soumyashree RK | Goutham S "Three Step Multifactor Authentication Systems for Modern Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49785.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/49785/three-step-multifactor-authentication-systems-for-modern-security/soumyashree-rk
PingID provides cloud-based, adaptive multi-factor authentication for Office 365, VPN, and all of your apps with mobile push and biometric authentication, one-time passcodes and more. Learn how Ping Identity enhances your security with MFA, without sacrificing the user experience.
Two Factor Authentication Using Smartphone Generated One Time PasswordIOSR Journals
This document proposes a two-factor authentication system that uses smartphones to generate one-time passwords (OTPs). It aims to improve security over traditional password-based systems while reducing costs compared to hardware token-based OTP systems. The proposed system would have client software on PCs and Android apps to generate OTPs using cryptographic algorithms and unique device identifiers. OTPs would be validated by the server to authenticate transactions. Future work could explore using images instead of OTPs for two-factor authentication via mobile apps.
1) This research paper proposes a User Authentication Level System (UALS) model for assessing the risk of multi-factor authentication methods.
2) The UALS model defines 5 levels of authentication based on technical requirements from NIST SP800-63, with higher levels incorporating additional authentication factors such as biometric information and hardware tokens.
3) A selection process is described to evaluate transaction risks and vulnerabilities and select the appropriate authentication level, followed by testing to ensure risks are eliminated.
Eds user authenticationuser authentication methodslapao2014
User authentication is the process of verifying a user's identity and granting access to resources. It commonly involves a username and password but is vulnerable. Strong authentication uses two or more factors, such as something you have (e.g. card) and something you know (e.g. PIN), making impersonation and repudiation more difficult. Common strong authentication methods include smart cards, digital certificates, and biometrics. Organizations select authentication based on required security level, complexity of techniques, user impact, and cost.
The document discusses new authentication technologies including biometric identification using fingerprints, iris patterns, etc. It describes various hardware and software token options for two-factor authentication such as smart cards, magnetic stripe cards, mobile phones, and smartphones. It also discusses ensuring the security of passwords and authentication systems.
An efficient implementation for key management technique using smart card and...ijctcm
The document describes a proposed key management technique using smart cards and Elliptic Curve Integrated Encryption Scheme (ECIES) cryptography. The technique involves 4 phases: registration, login, verification, and password change. ECIES encryption and decryption are used to securely transmit keys during the process. The proposed approach aims to provide a more secure smart card-based key management solution compared to existing techniques.
The document summarizes the evolution of multi-factor authentication (MFA). It discusses how MFA began with concepts like using multiple keys and has evolved to incorporate digital methods like passwords and authentication apps on smartphones. Breaches and hacks in the 2000s and 2010s increased calls for stronger authentication, leading to MFA becoming more widely adopted. MFA provides increased security by requiring users to present two or more unique forms of authentication, such as something they know, have, or are, to verify their identity.
Biometric System and Recognition Authentication and Security Issuesijtsrd
This document summarizes a research paper on biometric systems for authentication and security issues. The paper provides an overview of biometric systems and how they are used for authentication. It discusses some of the main types of biometrics like fingerprints, facial recognition, voice recognition, and others. It also covers authentication processes, including enrollment and verification. The paper analyzes security issues like spoofing attacks and discusses liveness detection techniques to help prevent spoofing. It evaluates biometric systems based on authentication accuracy and security. In conclusion, the paper argues that biometrics can provide secure authentication but that future research should focus on improving accuracy under non-ideal conditions and enhancing security against spoofing attacks.
This document discusses three-factor authentication schemes for automated teller machines (ATMs) and banking operations using universal subscriber identification modules (USIM). It proposes a systematic approach for authenticating clients using three factors: password, smart card, and biometrics. The system would involve clients registering with a server using an initial password and biometrics to receive a smart card. Clients could then log in using their password, smart card, and biometrics. The document outlines several authentication protocols for registration, login, password changing, and biometrics changing. It also discusses technologies involved like smart cards, principal component analysis for face recognition, and security aspects.
This document summarizes a research paper on M-Pass, a proposed user authentication protocol that aims to prevent password stealing and reuse attacks. M-Pass leverages cell phones and SMS to authenticate users on untrusted devices without requiring them to enter passwords. It involves a registration phase where users register with a website and encrypt a password with their phone number. For login, users provide their username and long-term phone password, and the website generates a one-time password using a secret credential. The protocol aims to eliminate the need to remember multiple passwords by using the phone for authentication across websites. Evaluation shows registration and login times average around 4 and 3.5 minutes respectively. The researchers conclude M-Pass can prevent password stealing and reuse
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...inventionjournals
The document proposes augmenting the security of ATM systems by integrating multimodal biometrics like fingerprint and palm print that are linked to individual profiles on the UIDAI server. This enhanced authentication solution would improve security and customer confidence in banking services by providing stronger verification of an individual's identity compared to existing card-based systems. The proposed system models an ATM emulator using a microcontroller that authenticates users through their biometrics and UID card linked to their bank account profile for secure transactions.
This document provides an introduction to identity verification and authentication in computer systems. It discusses how identity was traditionally based on things one has like keys or knows like passwords, but these can be stolen, lost, or forgotten. Biometrics offer a more reliable method of verification based on measurable physiological characteristics like fingerprints. The document outlines three main methods of authentication: something you know (like a password), something you have (like a smart card), and something you are (a biometric). Using two factors together provides greater security than a single factor alone.
Similar to AN ENHANCED SECURITY FOR GOVERNMENT BASE ON MULTIFACTOR BIOMETRIC AUTHENTICATION (20)
Rendezvous Sequence Generation Algorithm for Cognitive Radio Networks in Post...IJCNCJournal
Recent natural disasters have inflicted tremendous damage on humanity, with their scale progressively increasing and leading to numerous casualties. Events such as earthquakes can trigger secondary disasters, such as tsunamis, further complicating the situation by destroying communication infrastructures. This destruction impedes the dissemination of information about secondary disasters and complicates post-disaster rescue efforts. Consequently, there is an urgent demand for technologies capable of substituting for these destroyed communication infrastructures. This paper proposes a technique for generating rendezvous sequences to swiftly reconnect communication infrastructures in post-disaster scenarios. We compare the time required for rendezvous using the proposed technique against existing methods and analyze the average time taken to establish links with the rendezvous technique, discussing its significance. This research presents a novel approach enabling rapid recovery of destroyed communication infrastructures in disaster environments through Cognitive Radio Network (CRN) technology, showcasing the potential to significantly improve disaster response and recovery efforts. The proposed method reduces the time for the rendezvous compared to existing methods, suggesting that it can enhance the efficiency of rescue operations in post-disaster scenarios and contribute to life-saving efforts.
Blockchain Enforced Attribute based Access Control with ZKP for Healthcare Se...IJCNCJournal
The relationship between doctors and patients is reinforced through the expanded communication channels provided by remote healthcare services, resulting in heightened patient satisfaction and loyalty. Nonetheless, the growth of these services is hampered by security and privacy challenges they confront. Additionally, patient electronic health records (EHR) information is dispersed across multiple hospitals in different formats, undermining data sovereignty. It allows any service to assert authority over their EHR, effectively controlling its usage. This paper proposes a blockchain enforced attribute-based access control in healthcare service. To enhance the privacy and data-sovereignty, the proposed system employs attribute-based access control, zero-knowledge proof (ZKP) and blockchain. The role of data within our system is pivotal in defining attributes. These attributes, in turn, form the fundamental basis for access control criteria. Blockchain is used to keep hospital information in public chain but EHR related data in private chain. Furthermore, EHR provides access control by using the attributed based cryptosystem before they are stored in the blockchain. Analysis shows that the proposed system provides data sovereignty with privacy provision based on the attributed based access control.
EECRPSID: Energy-Efficient Cluster-Based Routing Protocol with a Secure Intru...IJCNCJournal
A revolutionary idea that has gained significance in technology for Internet of Things (IoT) networks backed by WSNs is the " Energy-Efficient Cluster-Based Routing Protocol with a Secure Intrusion Detection" (EECRPSID). A WSN-powered IoT infrastructure's hardware foundation is hardware with autonomous sensing capabilities. The significant features of the proposed technology are intelligent environment sensing, independent data collection, and information transfer to connected devices. However, hardware flaws and issues with energy consumption may be to blame for device failures in WSN-assisted IoT networks. This can potentially obstruct the transfer of data. A reliable route significantly reduces data retransmissions, which reduces traffic and conserves energy. The sensor hardware is often widely dispersed by IoT networks that enable WSNs. Data duplication could occur if numerous sensor devices are used to monitor a location. Finding a solution to this issue by using clustering. Clustering lessens network traffic while retaining path dependability compared to the multipath technique. To relieve duplicate data in EECRPSID, we applied the clustering technique. The multipath strategy might make the provided protocol more dependable. Using the EECRPSID algorithm, will reduce the overall energy consumption, minimize the End-to-end delay to 0.14s, achieve a 99.8% Packet Delivery Ratio, and the network's lifespan will be increased. The NS2 simulator is used to run the whole set of simulations. The EECRPSID method has been implemented in NS2, and simulated results indicate that comparing the other three technologies improves the performance measures.
Analysis and Evolution of SHA-1 Algorithm - Analytical TechniqueIJCNCJournal
A 160-bit (20-byte) hash value, sometimes called a message digest, is generated using the SHA-1 (Secure Hash Algorithm 1) hash function in cryptography. This value is commonly represented as 40 hexadecimal digits. It is a Federal Information Processing Standard in the United States and was developed by the National Security Agency. Although it has been cryptographically cracked, the technique is still in widespread usage. In this work, we conduct a detailed and practical analysis of the SHA-1 algorithm's theoretical elements and show how they have been implemented through the use of several different hash configurations.
Optimizing CNN-BiGRU Performance: Mish Activation and Comparative AnalysisIJCNCJournal
Deep learning is currently extensively employed across a range of research domains. The continuous advancements in deep learning techniques contribute to solving intricate challenges. Activation functions (AF) are fundamental components within neural networks, enabling them to capture complex patterns and relationships in the data. By introducing non-linearities, AF empowers neural networks to model and adapt to the diverse and nuanced nature of real-world data, enhancing their ability to make accurate predictions across various tasks. In the context of intrusion detection, the Mish, a recent AF, was implemented in the CNN-BiGRU model, using three datasets: ASNM-TUN, ASNM-CDX, and HOGZILLA. The comparison with Rectified Linear Unit (ReLU), a widely used AF, revealed that Mish outperforms ReLU, showcasing superior performance across the evaluated datasets. This study illuminates the effectiveness of AF in elevating the performance of intrusion detection systems.
An Hybrid Framework OTFS-OFDM Based on Mobile Speed EstimationIJCNCJournal
The Future wireless communication systems face the challenging task of simultaneously providing high-quality service (QoS) and broadband data transmission, while also minimizing power consumption, latency, and system complexity. Although Orthogonal Frequency Division Multiplexing (OFDM) has been widely adopted in 4G and 5G systems, it struggles to cope with a significant delay and Doppler spread in high mobility scenarios. To address these challenges, a novel waveform named Orthogonal Time Frequency Space (OTFS). Designers aim to outperform OFDM by closely aligning signals with the channel behaviour. In this paper, we propose a switching strategy that empowers operators to select the most appropriate waveform based on an estimated speed of the mobile user. This strategy enables the base station to dynamically choose the waveform that best suits the mobile user’s speed. Additionally, we suggest retaining an Integrated Sensing and Communication (ISAC) radar approach for accurate Doppler estimation. This provides precise information to facilitate the waveform selection procedure. By leveraging the switching strategy and harnessing the Doppler estimation capabilities of an ISAC radar.Our proposed approach aims to enhance the performance of wireless communication systems in high mobility cases. Considering the complexity of waveform processing, we introduce an optimized hybrid system that combines OTFS and OFDM, resulting in reduced complexity while still retaining performance benefits.This hybrid system presents a promising solution for improving the performance of wireless communication systems in higher mobility.The simulation results validate the effectiveness of our approach, demonstrating its potential advantages for future wireless communication systems. The effectiveness of the proposed approach is validated by simulation results as it will be illustrated.
Enhanced Traffic Congestion Management with Fog Computing - A Simulation-Base...IJCNCJournal
Accurate latency computation is essential for the Internet of Things (IoT) since the connected devices generate a vast amount of data that is processed on cloud infrastructure. However, the cloud is not an optimal solution. To overcome this issue, fog computing is used to enable processing at the edge while still allowing communication with the cloud. Many applications rely on fog computing, including traffic management. In this paper, an Intelligent Traffic Congestion Mitigation System (ITCMS) is proposed to address traffic congestion in heavily populated smart cities. The proposed system is implemented using fog computing and tested in a crowdedCairo city. The results obtained indicate that the execution time of the simulation is 4,538 seconds, and the delay in the application loop is 49.67 seconds. The paper addresses various issues, including CPU usage, heap memory usage, throughput, and the total average delay, which are essential for evaluating the performance of the ITCMS. Our system model is also compared with other models to assess its performance. A comparison is made using two parameters, namely throughput and the total average delay, between the ITCMS, IOV (Internet of Vehicle), and STL (Seasonal-Trend Decomposition Procedure based on LOESS). Consequently, the results confirm that the proposed system outperforms the others in terms of higher accuracy, lower latency, and improved traffic efficiency.
Rendezvous Sequence Generation Algorithm for Cognitive Radio Networks in Post...IJCNCJournal
Recent natural disasters have inflicted tremendous damage on humanity, with their scale progressively increasing and leading to numerous casualties. Events such as earthquakes can trigger secondary disasters, such as tsunamis, further complicating the situation by destroying communication infrastructures. This destruction impedes the dissemination of information about secondary disasters and complicates post-disaster rescue efforts. Consequently, there is an urgent demand for technologies capable of substituting for these destroyed communication infrastructures. This paper proposes a technique for generating rendezvous sequences to swiftly reconnect communication infrastructures in post-disaster scenarios. We compare the time required for rendezvous using the proposed technique against existing methods and analyze the average time taken to establish links with the rendezvous technique, discussing its significance. This research presents a novel approach enabling rapid recovery of destroyed communication infrastructures in disaster environments through Cognitive Radio Network (CRN) technology, showcasing the potential to significantly improve disaster response and recovery efforts. The proposed method reduces the time for the rendezvous compared to existing methods, suggesting that it can enhance the efficiency of rescue operations in post-disaster scenarios and contribute to life-saving efforts.
Vehicle Ad Hoc Networks (VANETs) have become a viable technology to improve traffic flow and safety on the roads. Due to its effectiveness and scalability, the Wingsuit Search-based Optimised Link State Routing Protocol (WS-OLSR) is frequently used for data distribution in VANETs. However, the selection of MultiPoint Relays (MPRs) plays a pivotal role in WS-OLSR's performance. This paper presents an improved MPR selection algorithm tailored to WS-OLSR, designed to enhance the overall routing efficiency and reduce overhead. The analysis found that the current OLSR protocol has problems such as redundancy of HELLO and TC message packets or failure to update routing information in time, so a WS-OLSR routing protocol based on improved-MPR selection algorithm was proposed. Firstly, factors such as node mobility and link changes are comprehensively considered to reflect network topology changes, and the broadcast cycle of node HELLO messages is controlled through topology changes. Secondly, a new MPR selection algorithm is proposed, considering link stability issues and nodes. Finally, evaluate its effectiveness in terms of packet delivery ratio, end-to-end delay, and control message overhead. Simulation results demonstrate the superior performance of our improved MR selection algorithm when compared to traditional approaches.
May 2024, Volume 16, Number 3 - The International Journal of Computer Network...IJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
Vehicle Ad Hoc Networks (VANETs) have become a viable technology to improve traffic flow and safety on the roads. Due to its effectiveness and scalability, the Wingsuit Search-based Optimised Link State Routing Protocol (WS-OLSR) is frequently used for data distribution in VANETs. However, the selection of MultiPoint Relays (MPRs) plays a pivotal role in WS-OLSR's performance. This paper presents an improved MPR selection algorithm tailored to WS-OLSR, designed to enhance the overall routing efficiency and reduce overhead. The analysis found that the current OLSR protocol has problems such as redundancy of HELLO and TC message packets or failure to update routing information in time, so a WS-OLSR routing protocol based on improved-MPR selection algorithm was proposed. Firstly, factors such as node mobility and link changes are comprehensively considered to reflect network topology changes, and the broadcast cycle of node HELLO messages is controlled through topology changes. Secondly, a new MPR selection algorithm is proposed, considering link stability issues and nodes. Finally, evaluate its effectiveness in terms of packet delivery ratio, end-to-end delay, and control message overhead. Simulation results demonstrate the superior performance of our improved MR selection algorithm when compared to traditional approaches.
A Novel Medium Access Control Strategy for Heterogeneous Traffic in Wireless ...IJCNCJournal
So far, Wireless Body Area Networks (WBANs) have played a pivotal role in driving the development of intelligent healthcare systems with broad applicability across various domains. Each WBAN consists of one or more types of sensors that can be embedded in clothing, attached directly to the body, or even implanted beneath an individual's skin. These sensors typically serve asingle application. However, the traffic generated by each sensor may have distinct requirements. This diversity necessitates a dual approach: tailored treatment based on the specific needs of each traffic typeand the fulfillment of application requirements, such asreliability and timeliness. Never the less, the presence of energy constraints and the unreliable nature of wireless communications make QoS provisioning under such networks a non-trivial task. In this context, the current paper introduces a novel Medium AccessControl (MAC) strategy for the regular traffic applications of WBANs, designed to significantly enhance efficiency when compared to the established MAC protocols IEEE 802.15.4 and IEEE 802.15.6, with a particular focus on improving reliability, timeliness, and energy efficiency.
May_2024 Top 10 Read Articles in Computer Networks & Communications.pdfIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
A Topology Control Algorithm Taking into Account Energy and Quality of Transm...IJCNCJournal
The efficient use of energy in wireless sensor networks is critical for extending node lifetime. The network topology is one of the factors that have a significant impact on the energy usage at the nodes and the quality of transmission (QoT) in the network. We propose a topology control algorithm for software-defined wireless sensor networks (SDWSNs) in this paper. Our method is to formulate topology control algorithm as a nonlinear programming (NP) problem with the objective to optimizing two metrics, maximum communication range, and desired degree. This NP problem is solved at the SDWSN controller by employing the genetic algorithm (GA) to determine the best topology. The simulation results show that the proposed algorithm outperforms the MaxPower algorithm in terms of average node degree and energy expansion ratio.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Advanced Privacy Scheme to Improve Road Safety in Smart Transportation SystemsIJCNCJournal
In -Vehicle Ad-Hoc Network (VANET), vehicles continuously transmit and receive spatiotemporal data with neighboring vehicles, thereby establishing a comprehensive 360-degree traffic awareness system. Vehicular Network safety applications facilitate the transmission of messages between vehicles that are near each other, at regular intervals, enhancing drivers' contextual understanding of the driving environment and significantly improving traffic safety. Privacy schemes in VANETs are vital to safeguard vehicles’ identities and their associated owners or drivers. Privacy schemes prevent unauthorized parties from linking the vehicle's communications to a specific real-world identity by employing techniques such as pseudonyms, randomization, or cryptographic protocols. Nevertheless, these communications frequently contain important vehicle information that malevolent groups could use to Monitor the vehicle over a long period. The acquisition of this shared data has the potential to facilitate the reconstruction of vehicle trajectories, thereby posing a potential risk to the privacy of the driver. Addressing the critical challenge of developing effective and scalable privacy-preserving protocols for communication in vehicle networks is of the highest priority. These protocols aim to reduce the transmission of confidential data while ensuring the required level of communication. This paper aims to propose an Advanced Privacy Vehicle Scheme (APV) that periodically changes pseudonyms to protect vehicle identities and improve privacy. The APV scheme utilizes a concept called the silent period, which involves changing the pseudonym of a vehicle periodically based on the tracking of neighboring vehicles. The pseudonym is a temporary identifier that vehicles use to communicate with each other in a VANET. By changing the pseudonym regularly, the APV scheme makes it difficult for unauthorized entities to link a vehicle's communications to its real-world identity. The proposed APV is compared to the SLOW, RSP, CAPS, and CPN techniques. The data indicates that the efficiency of APV is a better improvement in privacy metrics. It is evident that the AVP offers enhanced safety for vehicles during transportation in the smart city.
April 2024 - Top 10 Read Articles in Computer Networks & CommunicationsIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
DEF: Deep Ensemble Neural Network Classifier for Android Malware DetectionIJCNCJournal
Malware is one of the threats to security of computer networks and information systems. Since malware instances are available sufficiently, there is increased interest among researchers on usage of Artificial Intelligence (AI). Of late AI-enabled methods such as machine learning (ML) and deep learning paved way for solving many real-world problems. As it is a learning-based approach, accumulated training samples help in improving thequality of training and thus leveraging malware detection accuracy. Existing deep learning methods are focusing on learning-based malware detection systems. However, there is need for improving the state of the art through ensemble approach. Towards this end, in this paper we proposed a framework known as Deep Ensemble Framework (DEF) for automatic malware detection. The framework obtains features from training samples. From given malware instance a grayscale image is generated. There is another process to extract the opcode sequences. Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM) techniques are used to obtain grayscale image and opcode sequence respectively. Afterwards, a stacking ensemble is employed in order to achieve efficient malware detection and classification. Malware samples collected fromthe Internet sources and Microsoft are used for theempirical study. An algorithm known as Ensemble Learning for Automatic Malware Detection (EL-AML) is proposed to realize our framework. Another algorithm named Pre-Process is proposed to assist the EL-AML algorithm for obtaining intermediate features required by CNN and LSTM.Empirical study reveals that our framework outperforms many existing methods in terms of speed-up and accuracy.
High Performance NMF Based Intrusion Detection System for Big Data IOT TrafficIJCNCJournal
With the emergence of smart devices and the Internet of Things (IoT), millions of users connected to the network produce massive network traffic datasets. These vast datasets of network traffic, Big Data are challenging to store, deal with and analyse using a single computer. In this paper we developed parallel implementation using a High Performance Computer (HPC) for the Non-Negative Matrix Factorization technique as an engine for an Intrusion Detection System (HPC-NMF-IDS). The large IoT traffic datasets of order of millions samples are distributed evenly on all the computing cores for both storage and speedup purpose. The distribution of computing tasks involved in the Matrix Factorization takes into account the reduction of the communication cost between the computing cores. The experiments we conducted on the proposed HPC-IDS-NMF give better results than the traditional ML-based intrusion detection systems. We could train the HPC model with datasets of one million samples in only 31 seconds instead of the 40 minutes using one processor), that is a speed up of 87 times. Moreover, we have got an excellent detection accuracy rate of 98% for KDD dataset.
A Novel Medium Access Control Strategy for Heterogeneous Traffic in Wireless ...IJCNCJournal
So far, Wireless Body Area Networks (WBANs) have played a pivotal role in driving the development of intelligent healthcare systems with broad applicability across various domains. Each WBAN consists of one or more types of sensors that can be embedded in clothing, attached directly to the body, or even implanted beneath an individual's skin. These sensors typically serve asingle application. However, the traffic generated by each sensor may have distinct requirements. This diversity necessitates a dual approach: tailored treatment based on the specific needs of each traffic typeand the fulfillment of application requirements, such asreliability and timeliness. Never the less, the presence of energy constraints and the unreliable nature of wireless communications make QoS provisioning under such networks a non-trivial task. In this context, the current paper introduces a novel Medium AccessControl (MAC) strategy for the regular traffic applications of WBANs, designed to significantly enhance efficiency when compared to the established MAC protocols IEEE 802.15.4 and IEEE 802.15.6, with a particular focus on improving reliability, timeliness, and energy efficiency.
How to Setup Warehouse & Location in Odoo 17 InventoryCeline George
In this slide, we'll explore how to set up warehouses and locations in Odoo 17 Inventory. This will help us manage our stock effectively, track inventory levels, and streamline warehouse operations.
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
Walmart Business+ and Spark Good for Nonprofits.pdfTechSoup
"Learn about all the ways Walmart supports nonprofit organizations.
You will hear from Liz Willett, the Head of Nonprofits, and hear about what Walmart is doing to help nonprofits, including Walmart Business and Spark Good. Walmart Business+ is a new offer for nonprofits that offers discounts and also streamlines nonprofits order and expense tracking, saving time and money.
The webinar may also give some examples on how nonprofits can best leverage Walmart Business+.
The event will cover the following::
Walmart Business + (https://business.walmart.com/plus) is a new shopping experience for nonprofits, schools, and local business customers that connects an exclusive online shopping experience to stores. Benefits include free delivery and shipping, a 'Spend Analytics” feature, special discounts, deals and tax-exempt shopping.
Special TechSoup offer for a free 180 days membership, and up to $150 in discounts on eligible orders.
Spark Good (walmart.com/sparkgood) is a charitable platform that enables nonprofits to receive donations directly from customers and associates.
Answers about how you can do more with Walmart!"
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UPRAHUL
This Dissertation explores the particular circumstances of Mirzapur, a region located in the
core of India. Mirzapur, with its varied terrains and abundant biodiversity, offers an optimal
environment for investigating the changes in vegetation cover dynamics. Our study utilizes
advanced technologies such as GIS (Geographic Information Systems) and Remote sensing to
analyze the transformations that have taken place over the course of a decade.
The complex relationship between human activities and the environment has been the focus
of extensive research and worry. As the global community grapples with swift urbanization,
population expansion, and economic progress, the effects on natural ecosystems are becoming
more evident. A crucial element of this impact is the alteration of vegetation cover, which plays a
significant role in maintaining the ecological equilibrium of our planet.Land serves as the foundation for all human activities and provides the necessary materials for
these activities. As the most crucial natural resource, its utilization by humans results in different
'Land uses,' which are determined by both human activities and the physical characteristics of the
land.
The utilization of land is impacted by human needs and environmental factors. In countries
like India, rapid population growth and the emphasis on extensive resource exploitation can lead
to significant land degradation, adversely affecting the region's land cover.
Therefore, human intervention has significantly influenced land use patterns over many
centuries, evolving its structure over time and space. In the present era, these changes have
accelerated due to factors such as agriculture and urbanization. Information regarding land use and
cover is essential for various planning and management tasks related to the Earth's surface,
providing crucial environmental data for scientific, resource management, policy purposes, and
diverse human activities.
Accurate understanding of land use and cover is imperative for the development planning
of any area. Consequently, a wide range of professionals, including earth system scientists, land
and water managers, and urban planners, are interested in obtaining data on land use and cover
changes, conversion trends, and other related patterns. The spatial dimensions of land use and
cover support policymakers and scientists in making well-informed decisions, as alterations in
these patterns indicate shifts in economic and social conditions. Monitoring such changes with the
help of Advanced technologies like Remote Sensing and Geographic Information Systems is
crucial for coordinated efforts across different administrative levels. Advanced technologies like
Remote Sensing and Geographic Information Systems
9
Changes in vegetation cover refer to variations in the distribution, composition, and overall
structure of plant communities across different temporal and spatial scales. These changes can
occur natural.
AN ENHANCED SECURITY FOR GOVERNMENT BASE ON MULTIFACTOR BIOMETRIC AUTHENTICATION
1. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
DOI: 10.5121/ijcnc.2016.8605 55
AN ENHANCED SECURITY FOR GOVERNMENT
BASE ON MULTIFACTOR BIOMETRIC
AUTHENTICATION
Tran Cong Hung1
, Nguyen Thanh Tri1,2
and Ho Nhut Minh3
1
Post & Telecommunications Institute of Technology, Vietnam
2
Binh Duong Department of Information and Communications, Vietnam
3
Saigon University, Vietnam
ABSTRACT
This paper is demonstrating to create a system of multifactor authentication based on biometric
verification. Our system use iris for the first factor and fingerprint for the second factor. Once an attacker
attempts to attack the system, there must have two factors. If one of them is compromised or broken, the
attacker still has at least one more barrier to breach before successfully breaking into the target.
Furthermore, this system will be implemented to enhance security for accessing control login government
system.
KEYWORDS
Multifactor authentication (MFA), biometric, iris recognition, fingerprint recognition
1. INTRODUCTION
1.1. Authentication
Authentication is a method by which a system verifies and validates the identity of a user of the
system who wishes to access it. Authentication [1] ensures and confirms a user’s identity through
a code such as a password and verifies genuineness of a document or signature, to make it
effective or valid. It is the measure employed to ensure that the entity requesting access to a
system is what or who it claims to be, and to counter any inappropriate or unauthorized access.
Authorization is the method of giving individuals access to system objects like information,
application programs etc. based on their identity.
1.1.1. Password and PIN based authentication
Using password (a secret word or string of characters that is used for user authentication) or
Personal Identification Number (PIN which is a secret numeric password and is typically used in
ATMs) to login is the most common knowledge-based authentication method. It is mandatory for
the user to provide knowledge of a secret in order to authenticate the process [2] [3].
2. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
56
1.1.2. SMS based authentication
SMS is used as a delivery channel for a one-time password (OTP) generated by an information
system. There are two types of one-time passwords, a challenge-response password which
responds with a challenge value after receiving a user identifier and a password list which makes
use of lists of passwords which are sequentially used by the person wanting to access a system.
User receives a password through the message in the cell phone, and enters the password to
complete the authentication. This SMS-based authentication method is used in the login process
of Internet banking system to authenticate the process [2] [3].
1.1.3. Symmetric-key authentication
In symmetric key authentication, user shares a secret, unique key with an authentication server.
The user may be asked to send a randomly generated message (the challenge) encrypted by the
secret key to the authentication server. If the server can found the match for received encrypted
message (the response) using its shared secret key, the user is authenticated and server authorizes
user’s access to the system [2] [3].
1.1.4. Public-key authentication
In Public-key cryptography a pair of private key and public key is used. A private key is kept
secretly by the user, while the corresponding public key is commonly embedded in a certificate
digitally signed by a certification authority. The certificate is made available to others for sharing
the public key among different users. The private key is used to encrypt the messages send
between the communicating machines and both encryption and verification of signature is
accomplished with the public key [2] [3].
1.1.5. Biometric authentication
Biometrics is a method by which a person's authentication information is generated by digitizing
measurements (encoded value) of a physiological or behavioural characteristic. Users may
biometrically authenticate via their fingerprint, voiceprint, or iris scan using provided hardware
device. The device scans the physical characteristic, extracts critical information, and then stores
the result. Biometric authentication verifies user's claimed identity by comparing an encoded
value with a stored value of the concerned biometric characteristic [2] [3].
1.1.6. Digital Signatures
A digital signature is a digest calculated from a signed document (typically a one-way hash
function) which is then signed (encrypted with private key). The client verifies the digest
signature by decrypting it with the server’s public key and compares it to the digest value
calculated from the message received. The signature can also be used by the server to verify data
the client is sending. Digital signature is used to assure that the downloaded data is genuine and
not malicious or invalid information [2] [3].
1.2. Multi-factor Authentication
Multi-factor authentication (MFA) is an approach to authentication which requires the production
of two or more of the three following independent authentication factors:
3. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
57
• Knowledge factor
• Possession factor
• Inherence factor
After submission, each factor must be validated by the other party for authentication to occur.
Multifactor authentication (MFA) [1] is a security system that requires more than one form of
authentication to validate the authenticity of a transaction. Multifactor authentication requires two
or more independent credentials: what the user knows (password), what the user has (security
token) and what the user is (biometric verification).
Previously, MFA systems typically based upon two-factor authentication. Because customers are
more and more using mobile devices for banking and shopping, however, physical and logical
security concerns have converged. This, in turn, has formed more interest in three-factor
authentication.
1.2.1. Knowledge factor ("something only the user knows")
Knowledge factors are the most commonly used form of authentication. In this form, the user is
required to prove knowledge of a secret in order to authenticate like password (a secret word or
string of characters that is used for user authentication), PIN (A personal identification number
(PIN) is a secret numeric password and is typically used in ATMs) and Pattern (Pattern is a
regular or stochastic sequence or array of sets of information as e.g. in a single dimensional
barcode or in a two dimensional matrix code or in a finger print like set in any n-dimensional
stack in any physical representation).
1.2.2. Possession factor ("something only the user has")
Possession factors have been commonly used for authentication from many years, in the form of a
key to a lock. The basic principle is that the key holds a secret which is common between the lock
and the key, and the similar principle is used for possession factor authentication in computer
systems. A number of types of pocket-sized authentication token are available which display a
changing passcode on an LCD or e-ink display, which must be typed in at an authentication
screen, thus avoiding the need for an electronic connection. This can be done one in the forms
such as sequence-based token, time-based token, and the token may have a small keypad on
which a challenge can be entered. The challenge can take one of following tokens:
• Connected tokens: The connected type tokens are available in the form of Magnetic stripe
cards, Smartcards, Wireless RFID-based tokens, USB tokens and Audio Port tokens.
• Soft tokens (computer-simulated software-based tokens): The functionality of any
disconnected token can be emulated as a soft token on a PC or Smartphone using deployed
software, where that device itself becomes the possession factor.
• One-time pads: A one-time pad is a password used only once. Schemes based on a one
time pad have been described but are rarely deployed due to the need to supply a new
password or pad for each authentication.
• Mobile phones: A new category of TFA tools transforms the PC user's mobile phone into a
token device using SMS messaging, an interactive telephone call, or via downloadable
application to a Smartphone.
• SMS one time password: SMS one time password uses information sent to the user in an
SMS as part of the login process.
4. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
58
1.2.3. Inherence factor ("something only the user is")
Biometric authentication satisfies the regulatory definition of true multi-factor authentication.
Users may biometrically authenticate via their fingerprint, voiceprint, or iris scan using provided
hardware and then enter a PIN or password in order to open the credential vault. For many
biometric identifiers, the actual biometric information is rendered into string or mathematic
information. The device scans the physical characteristic, extracts critical information, and then
stores the result as a string of data. Comparison is therefore made between two data strings, and if
there is sufficient commonality a pass is achieved.
This paper is organized as follows: section 1 Introduction, section 2 present Biometric
Authentication, section 3 Biometric Modalities, section 4 Proposal System and hardware design
and section 5 is Conclusions.
2. BIOMETRIC AUTHENTICATION
Biometric technologies are defined as, “automated methods of verifying or recognizing the
identity of a living person based on a physiological or behavioral characteristic”. The term
automated methods refers to three basic methods in concern with biometric devices: A
mechanism to scan and capture a digital or analog image of a living personal characteristic;
Compression, processing and comparison of the image to a database of stored images; and
Interface with applications systems. [1]
2.1. Advantages of Biometrics
Biometric traits cannot be lost or forgotten.
Biometric traits are difficult to copy, share and distribute.
They require the person being authenticated to be present at the time and point of authentication.
2.2. Biometric Features
Uniqueness: An identical trait won’t appear in two people.
Universality: Occur in as many people as possible.
Performance: Don’t change over time.
Measurability: Measurable with simple technical instruments.
User friendliness: Are easy and comfortable to measure. [4] [5] [6] [7]
2.3. Physiological vs. Behavioral
When referring to a biometric technology, it is important to distinguish between physiological
and behavioral human characteristic.
A physiological characteristic is relatively a stable human physical characteristic, such as a
fingerprint, iris pattern, or blood vessel pattern on the back of the eye. This type of measurement
is unchanging and unalterable without significant duress. Alternatively, a behavioral
characteristic is a reflection of an individual’s psychological makeup, although physical traits,
such as size and gender, have a major influence. Some of the examples of behavioral traits used to
identify individuals include: Keystroke dynamics, and speech identification and/or verification.
5. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
59
Today, we have the technology and processing power to employ advanced, cost-effective, and
much more accurate biometric identification systems. There are two different ways to resolve a
person‟s identity: verification and identification. Verification (am I whom I claim to be?)
involves confirming or denying a person’s claimed identity. In identification, one has to establish
a person‟s identity (who am I?). Each approach has its own complexities and could probably be
solved best by a specific biometric system, including the following [4] [5]:
2.3.1. Physical Biometrics
Fingerprint: Analyzing fingertip patterns.
Facial recognition/face location: Measuring facialcharacteristics.
Hand geometry: Measuring the shape of the hand.
Iris scan: Analyzing features of colored ring of the eye.
Retinal scan: Analyzing blood vessels in the eye.
Vascular patterns: Analyzing vein patterns.
DNA: Analyzing genetic makeup. [4] [5] [6] [7]
2.3.2. Behavioral Biometrics
Speaker/voice recognition: Analyzing vocal behavior
Signature/handwriting: Analyzing signature dynamics
Keystroke/patterning: Measuring the time spacing of typed words. [4] [5] [6] [7]
3. BIOMETRIC MODALITIES
3.1. Fingerprint Recognition
A fingerprint is made up of ridges and furrows. Uniqueness is determined by ridges, furrows, the
minutiae points. Fingerprint is one of oldest and most popular recognition technique. Every
individual possesses unique finger patterns, even twins has different patterns of rings and furrows.
Fingerprint matching techniques are of three types [8] [9]:
• Minutiae-based techniques: In these minutiae points are finding and then mapped to their
relative position on finger. There are some difficulties like if image is of low quality it is
difficult to find minutiae points correctly also it considers local position of ridges and
furrows not global [8].
• Correlation- based method: It uses richer gray scale information. It overcome problems of
above method, it can work with bad quality data. But it has some of its own problems like
localization of points.
• Pattern based (image based) matching: Pattern based algorithms compare the basic
fingerprint patterns (arch, whorl, and loop) between a stored template and a candidate
fingerprint.
Advantages:
• It is the most developed method till now.
• Relatively inexpensive.
• Even twins have unique fingerprint patterns so highly secure.
• Small template size so matching is also fast.
6. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
60
Problems:
• Systems can be cheated by having artificial finger like finger made up of wax.
• Cuts, scars can produce obstacle for recognition.
Applications:
• Verification of driver-license authenticity and license validity check.
• Law Enforcement Forensics.
• Border Control/Visa Issuance.
3.2. Face Recognition
Face recognition is based on both the shape and location of the eyes, eyebrows, nose, lips and
chin. It is non intrusive method and very popular also. Facial recognition is carried out in two
ways [10] [11]:
• Facial metric: In this location and shape of facial attributes (e.g. distances between pupils
or from nose to lip or chin) are measured.
• Eigen faces: Analyzing the overall face image as “a weighted combination of a number of
canonical faces”.
Another emerging technique is to use face recognition combining with other visual details of skin.
This technique is called as skin texture analysis. The unique lines, patterns, and spots apparent in
a person„s skin is located. According to tests with this addition, performance in recognizing faces
can increase 20 to 25 percent.
Advantages:
• Totally non intrusive.
• Easy to store templates.
• Socially accepted.
Problems:
• Facial traits vary over time.
• Uniqueness is not maintained ex. in case of twins.
• Not proper recognition if person has different expressions like slight smiling can affect
recognition.
• Highly dependent on lightning.
Applications:
• General identity verification.
• Surveillance.
• Access Control.
7. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
61
3.3. Iris recognition
The iris is the elastic, pigmented, connective tissue that controls the pupil. The iris is formed in
early life in a process called morphogenesis. Once fully formed, the texture is stable throughout
life. It is the most correct biometric recognition system so it is called as king of biometrics. The
iris of the eye has a unique pattern, from eye to eye and person to person. Eye color is the color of
iris. Iris recognition uses camera technology with subtle infrared illumination to acquire images
of the detail-rich, intricate structures of the iris. [12] [13] [14] [15]
Advantages:
• Highly accurate.1 chances in 1078 that iris pattern of two individual matches.
• Highly scalable as iris structure remains same throughout lifetime.
• Small template size so fast matching.
Problems:
• Iris scanners are relatively expensive.
• Scanners can be fooled by high quality image.
• Require cooperation from user.
Applications:
• All of the UAE's land, air and sea ports of entry are equipped with systems.
• Google uses iris scanners to control access to their datacenters.
3.4. Retina Scan
The blood vessels at the back of the eye have a unique pattern, from eye to eye and person to
person. A light source is needed because retina is not visible. The infrared energy is absorbed
faster by blood vessels in the retina than by the surrounding tissue. Based on this pattern of blood
vessels can be easily recognized. It is required that a person remove its glasses, focus on a
specific point for about 10-15 seconds. A coupler is used to read the blood vessel patterns. A
coherent light source is also required for illumination. [16] [17] [18]
Advantages:
• Retinal scan cannot be forged.
• Error rate is 1 out of 10,000,000 (almost 0%).
• Highly reliable.
Problems:
• Reveals some medical conditions (e.g. hypertension), which causes privacy issues.
• It is intrusive so not user friendly.
• Measurement accuracy can be affected by a disease such as cataracts.
8. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
62
Applications:
• Utilized by several government agencies including the FBI, CIA, and NASA.
• Used for medical diagnostic applications.
4. PROPOSAL SYSTEM AND HARDWARE DESIGN
Base on the analyst in section 3, we decided using fingerprint and iris recognition for multifactor
authentication system. We used iris recognition for identifying and fingerprint recognition for
verifying.
4.1. Flow Charts Of System
4.1.1. Enroll Flow Charts
Figure 1. The enrolling flow charts
9. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
63
4.1.2. Authentication Flow Charts
Figure 2. The authentication flow charts
4.2. Hardward Design
The proposed system includes: Iris Sensor and fingerprint sensor. These sensors connect with
client computers by COM and USB port, which connect with servers base on LAN network as
figure 3. If clients want to use applications at server, they must capture their iris and fingerprint
and to send them to servers, servers will implement identification (Iris recognition) and
verification (Fingerprint recognition).
10. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
64
Figure 3. Architecture of multifactor authentication in Binh Duong Department of
Information and Communications
4.2.1. Iris Sensor
We used IriShield-USB MO 2121 EVM from Iritech Inc [19]. It shows features as follows:
• Capture Distance: (Optimal distance = 5 cm (2 inches), Focal depth = 6 mm (0.2 inch).
• Image Format: ISO Standard 19794-6 (2005 & 2011), (640 x 480 Pixels, 8 bit Grayscale),
full support of K1, K2, K3, K7.
• Power: Single USB Bus Powered (DC +5V±5%) (Max power consumption=250mA).
• Illumination: Near infrared LED.
• Connectivity: USB 2.0 (IriShield™ - USB Series), UART/ RS-232 ( IriShield™ -UART
Series).
• Security: RSA (2048-bit) and AES (256-bit); X509 Certificate, PFX/PKCS#12 Certificate,
RSA key pair generated on-board.
4.2.2. Fingerprint Sensor
We used FPM-10 from Adafruit [20]. It shows features as follows:
• Supply voltage: 3.6 - 6.0VDC.
• Operating current: 120mA max.
• Peak current: 150mA max.
• Fingerprint imaging time: <1.0 seconds.
• Window area: 14mm x 18mm.
• Signature file: 256 bytes.
• Template file: 512 bytes.
• Storage capacity: 162 templates.
• Safety ratings (1-5 low to high safety).
• Interface: TTL Serial.
11. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
65
• Baud rate: 9600, 19200, 28800, 38400, 57600 (default is 57600).
Figure 4. The iris and fingerprint sensor
4.3. Software
We designed and analysed the software by C# and SQL Server 2008, design of the interface is as
follows:
Figure 5. Interface of enroll function
12. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
66
Figure 6. Result of getting iris image successful for enroll function
Figure 7. Result of getting finger image successful for enroll function
13. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
67
Figure 8. Iris templates is stored on disk drive
Figure 9. Finger templates is stored on disk drive
14. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
68
Figure 10. Interface of login function
Figure 11. Result of successful identification with iris recognition
and export information of user
15. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
69
Figure 12. Result of successful verification with fingerprint recognition
and allow user to access system
Figure 13. User log in to document management software successful
Figure 13. User log in to public service of goverment management successful
16. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
70
4.4. Simulation and Discussion
4.4.1. Database of Simulation
The proposed system was tested using the iris and fingerprint database as shown in Table 1. The
database consists of 600 iris and fingerprint image of 50 different individuals. Out of the collected
data 600 samples from both iris and fingerprint are used for training the system and rest 360 are
used for testing. The system is also tested with 360 samples of unregistered data.
Table 1: Details of number of users
Type of users Number of templates
Training Testing
Registered
50 (Persons) × 2 (Irises) ×
6 (Fingerprints) = 600
30 (Persons) × 2 (Irises) ×
6 (Fingerprints) = 360
Unregistered
30 (Persons) × 2 (Irises) ×
6 (Fingerprints) = 360
Total 600 720
4.4.2. Result and Discussion
Table 2. Results of accuracy
Iris Fingerprint Iris + Fingerprint
FRR 2.78% 4.17% 1.67%
FAR 1.12% 1.12% 0.00%
Average Error Rate 1.95% 2.65% 0.84%
Accuracy 98.05% 97.36% 99.16%
The two common error rates are False accept rate (FAR) and False Reject Rate (FRR). FAR is
defined as “the probability of an impostor being accepted as a genuine individual. That is, in a
biometric authentication system, the FAR is computed as the rate of number of people
falsely accepted over the total number of enrolled people for a predefined threshold. FRR
is defined as “the probability of a genuine individual being rejected as an impostor” [9]. That is,
in a biometric authentication system, the FRR is computed as the rate of number of people falsely
rejected (genuine people are rejected) over the total number of enrolled people for a predefined
threshold. FAR and FRR can be changed by a significant amount depending on the
threshold used in the system. If a lower threshold is used in a similarity based biometric matching
system, then the FAR will be higher and the FRR will be lower and vice versa. The performance
of a biometric system may also be expressed using average error rate which is average of FAR
and FRR. A lower average error rate value thus indicates better performance.
Results as shown at table 1, accuracy of our system (99,16 percent) is better performane than iris
or fingerprint authentication system in turn are 97.36 and 97.36 percent.
Time of indentification (Iris recognition) is less equal one second and verification (Fingerprint
recogniton) user is less equal three seconds.
17. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
71
5. CONCLUSIONS
In this paper, we studied mutltifactor authentication, biometric authentication and comparation of
biometric authentication. Base on those biometric authentications, we built a multifactor
authentication system using iris and fingerprint biometric. Simulation of our multifactor
authentication system is relatively high accurate, therefore it can be used as a control access
system, high safety login information systems,etc. In future studies, we are going to continue
experience on large database, detection of fake iris and fingerprint, improving processing time of
capturing and matching iris and fingerprint template.
REFERENCES
[1] William E. Burr, Donna F. Dodson, Elaine M. Newton, Ray A. Perlner, W. Timothy Polk, Sarbari
Gupta, Emad A. Nabbus (August 2013), “Electronic Authentication Guideline”, NIST Special
Publication 800-63-2.
[2] Prachi Soni, Monali Sahoo (January 2015), “Multi-factor Authentication Security Framework in
Cloud Computing” International Journal of Advanced Research in Computer Science and Software
Engineering, Volume 5 Issue .
[3] Deepa Panse, P. Haritha (August 2014), “Multi-factor Authentication in Cloud Computing for Data
Storage Security” International Journal of Advanced Research in Computer Science and Software
Engineering, Volume 4 Issue 8.
[4] Palvi Sharma, Manit kapoor, NaveenDhillon (January 2016), “A Survey paper on Various Techniques
for Biometric Authentication System” International Scientific Research Organization Journal, Volume
01 Issue 01.
[5] Gursimarpreet Kaur, Dr.Chander Kant Verma (April 2014), “Comparative Analysis of Biometric
Modalities” International Journal of Advanced Research in Computer Science and Software
Engineering, Volume 4, Issue 4.
[6] Selva Priya G, Anitha P, Vinothini C (2014), “An Introduction to Biometrics: The Power of
Security”.
[7] P Tripathi (2011), “A Comparative Study of Biometric Technologies with Reference to Human
Interface” International Journal of Computer Applications (IJCA), vol. 14, no.5.
[8] Jain, A. K.; Ross, A. & Pankanti, S. (2006), "Biometrics: A Tool for Information Security," IEEE
Transactions on Information Forensics And Security, vol. 1, no. 2, pp 125 – 144.
[9] Mouad .M.H.Ali, Vivek H. Mahale, Pravin Yannawar và A. T. Gaikwad (2016), “Overview of
Fingerprint Recognition System” International Conference on Electrical, Electronics, and
Optimization Techniques (ICEEOT).
[10] S. Z. Li and A. K. Jain, Eds (2004), Handbook of Face Recognition. New York: Springer Verlag.
[11] Sandeep Mishra, Anupam Dubey (January 2015), “Face recognition approaches: A survey”,
International Journal of Computing and Business Research (IJCBR) ISSN (Online) : 2229-6166
Volume 6 Issue 1.
[12] John Daugman (2004), “How Iris Recogniton Works”, IEEE Transactions On Circuits and System for
Video Technokogy, Vol 14, No 1, pp 21-31.
[13] Sanjay R. Ganorkar, Ashok A. Ghatol (2007), “Iris Recognition: An Emerging Biometric
Technology”, In Proc. of the 6th WSEAS International Conference on Signal Processing, Robotics
and Automation, Greece, , pp.91 – 96.
[14] Manisha, Gurdeep Kaur and Parminder Singh (2014), “Iris Recognition Techniques: A Review”,
International Journal of Information & Computation Technology ISSN 0974-2239, Volume 4,
Number 17
[15] Manisha More, Vishakha Nagrale, Vanita Tonge (2015), “A Survey on Iris Recognition Techniques”
International Journal of Novel Research in Computer Science and Software Engineering, Vol. 2, Issue
1, pp: (89-94).
18. International Journal of Computer Networks & Communications (IJCNC) Vol.8, No.6, November 2016
72
[16] C. Marino, M. G. Penedo,M. Penas, M. J. Carreira, F. Gonzalez (May 2006), “Personal authentication
using digital retinal images”, Journal of Pattern Analysis and Application, Springer, Volume 9, Issue
1, pp. 21–33.
[17] Ms. Shivani Shikarwar, Ms. Devanshi Rathod, Mrs. Hiteshi Diwanji (April 2014), “Review paper on
retina authentication and its security issues”, International Journal For Technological Research In
Engineering Volume 1, Issue 8.
[18] Md. Amran Siddiqui, S. M. Hasan Sazzad Iqbal, Md. Rounok Salehin (November 2011), “Personal
Authentication through Retinal Blood Vessels Intersection Points Matching” , International Journal of
Computer Applications (0975 – 8887) Volume 33– No.9.
[19] https://www.adafruit.com/products/751.
[20] http://www.iritech.com/products/hardware/irishield%E2%84%A2-series.
Authors
Tran Cong Hung was born in Vietnam in 1961. He received the B.E in electronic and
Telecommunication engineering with first class honors from HOCHIMINH University
of technology in Vietnam, 1987. He received the B.E in informatics and computer
engineering from HOCHIMINH University of technology in Vietnam, 1995. He
received the master of engineering degree in telecommunications engineering course
from postgraduate department Hanoi University of technology in Vietnam, 1998. He
received Ph.D at Hanoi University of technology in Vietnam, 2004. His main research
areas are B – ISDN performance parameters and measuring methods, QoS in high speed
networks, MPLS. He is, currently, Associate Professor PhD. of Faculty of Information Technology II, Posts
and Telecoms Institute of Technology in HOCHIMINH, Vietnam.
Nguyen Thanh Tri was born in Vietnam in 1990. He received the B.E in informatics and
computer engineering from Posts and Telecoms Institute of Technology in HOCHIMINH,
Vietnam, 2013. He is currently a MSc. Candidate in Information System from Post &
Telecommunications Institute of Technology, Vietnam in 2016. He is working in Binh
Duong Department of Information and Communications, Vietnam.
Ho Nhut Minh was born in Vietnam in 1987. He received the B.E in Electronics and
Telecommunication engineering from Ho Chi Minh City University of Technology and
Education, Vietnam, 2010. He received the M.E degree in Telecommunications Engineering
from Post and Telecommunication Institute of Technology in Ho Chi Minh, Vietnam, 2014.
He is working as lecturer in Faculty of Electronics - Telecommunication, Saigon University,
Vietnam.