Sebastian Pape discusses two different scenarios for authentication. On the one hand, users cannot trust their devices and nevertheless want to be able to do secure authentication. On the other hand, users may not want to be tracked while their service provider does not want them to share their credentials. Many users may not be able to determine whether their device is trustworthy, i.e. it might contain malware. One solution is to use visual cryptography for authentication. The author generalizes this concept to human decipherable encryption schemes and establishes a relationship to CAPTCHAS. He proposes a new security model and presents the first visual encryption scheme which makes use of noise to complicate the adversary's task. To prevent service providers from keeping their users under surveillance, anonymous credentials may be used. However, sometimes it is desirable to prevent the users from sharing their credentials. The author compares existing approaches based on non-transferable anonymous credentials and proposes an approach which combines biometrics and smartcards.
This work addresses potentially occurring unintended flows of personally identifiable information (PII) within two fields of research, i.e., enterprise identity management and online social networks. For that, we investigate which pieces of PII can how often be gathered, correlated, or even be inferred by third parties that are not intended to get access to the specific pieces of PII. Furthermore, we introduce technical measures and concepts to avoid unintended flows of PII.
With the increasing personalization of the Web, many websites allow users to create their own personal accounts. This has resulted in Web users often having many accounts on different websites, to which they need to authenticate in order to gain access. Unfortunately, there are several security problems connected to the use and re-use of passwords, the most prevalent authentication method currently in use, including eavesdropping and replay attacks. Several alternative methods have been proposed to address these shortcomings, including the use of hardware authentication devices. However, these more secure authentication methods are often not adapted for mobile Web users who use different devices in different places and in untrusted environments, such as public Wi-Fi networks, to access their accounts. We have designed a method for comparing, evaluating and designing authentication solutions suitable for mobile users and untrusted environments. Our method leverages the fact that mobile users often bring their own cell phones, and also takes into account different levels of security adapted for different services on the Web. Another important trend in the authentication landscape is that an increasing number of websites use third-party authentication. This is a solution where users have an account on a single system, the identity provider, and this one account can then be used with multiple other websites. In addition to requiring fewer passwords, these services can also in some cases implement authentication with higher security than passwords can provide. How websites select their third-party identity providers has privacy and security implications for end users. To better understand the security and privacy risks with these services, we present a data collection methodology that we have used to identify and capture third-party authentication usage on the Web. We have also characterized the third-party authentication landscape based on our collected data, outlining which types of third-parties are used by which types of sites, and how usage differs across the world. Using a combination of large-scale crawling, longitudinal manual testing, and in-depth login tests, our characterization and analysis has also allowed us to discover interesting structural properties of the landscape, differences in the cross-site relationships, and how the use of third-party authentication is changing over time. Finally, we have also outlined what information is shared between websites in third-party authentication, dened risk classes based on shared data, and proled privacy leakage risks associated with websites and their identity providers sharing data with each other. Our ndings show how websites can strengthen the privacy of their users based on how these websites select and combine their third-parties and the data they allow to be shared.
The comprehensive A-to-Z guide on network security, fully revised and updated Network security is constantly evolving, and this comprehensive guide has been thoroughly updated to cover the newest developments. If you are responsible for network security, this is the reference you need at your side. Covering new techniques, technology, and methods for approaching security, it also examines new trends and best practices being used by many organizations. The revised Network Security Bible complements the Cisco Academy course instruction in networking security. Covers all core areas of network security and how they interrelate Fully revised to address new techniques, technology, and methods for securing an enterprise worldwide Examines new trends and best practices in use by organizations to secure their enterprises Features additional chapters on areas related to data protection/correlation and forensics Includes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape, with chapters on validating security, data protection, forensics, and attacks and threats If you need to get up to date or stay current on network security, Network Security Bible, 2nd Edition covers everything you need to know.
This book introduces context-aware computing, providing definitions, categories, characteristics, and context awareness itself and discussing its applications with a particular focus on smart learning environments. It also examines the elements of a context-aware system, including acquisition, modelling, reasoning, and distribution of context. It also reviews applications of context-aware computing – both past and present – to offer readers the knowledge needed to critically analyse how context awareness can be put to use. It is particularly to those new to the subject area who are interested in learning how to develop context-aware computing-oriented applications, as well as postgraduates and researchers in computer engineering, communications engineering related areas of information technology (IT). Further it provides practical know-how for professionals working in IT support and technology, consultants and business decision-makers and those working in the medical, human, and social sciences.
This book commemorates the work done by Tony Hoare and published under the title Communicating Sequential Processes in the 1978 August issue of the Communications of ACM. The British Computer Society's specialist group Formal Aspects of Computing Science organized a meeting on July 7-8, 2004, in London, to mark the occasion of 25 years of CSP. The 19 carefully reviewed and revised full papers by leading researchers celebrate, reflect upon, and look beyond the first quarter-century of CSP's contributions to computer science. The papers explore the impact of CSP on many areas ranging from semantics and logic, through the design of parallel programming languages to applications varying from distributed software and parallel computing to information security, Web services, and concurrent hardware circuits.
Secure authentication – only with Kerberos. Kerberos is a protocol designated for authentication and authorization in computer networks. The mechanism based on this protocol mediates in confirming user identity and ensures secure access to remote services. The micro-course describes the rules of the mechanism, architecture and basic terms. Moreover, it describes installation and configuration of the system on the basis of Kerberos MIT implementation being the most popular non-commercial version of this mechanism. Keywords: Kerberos, kye seurity, Needhama, Schroedera, ticket, authentication, authorization, KDC, Key Distibution Center, Kerberos MIT, Heimdal Kerberos Kerberos – simplified way of working Kerberos – simplified way of working – stage one Kerberos – way of working Important features of the Kerberos protocol The Kerberos system glossary Implementations of the Kerberos system Installation of Kerberos Kerberos configuration
The five-volume set LNCS 9786-9790 constitutes the refereed proceedings of the 16th International Conference on Computational Science and Its Applications, ICCSA 2016, held in Beijing, China, in July 2016. The 239 revised full papers and 14 short papers presented at 33 workshops were carefully reviewed and selected from 849 submissions. They are organized in five thematical tracks: computational methods, algorithms and scientific applications; high performance computing and networks; geometric modeling, graphics and visualization; advanced and emerging applications; and information systems and technologies.
This book constitutes the proceedings of the International Conference on Information and Communication Technologies held in Kochi, Kerala, India in September 2010.
The Internet of Things is a wide-reaching network of devices, and these devices can intercommunicate and collaborate with each other to produce variety of services at any time, any place, and in any way. Maintaining access control, authentication and managing the identity of devices while they interact with other devices, services and people is an important challenge for identity management. The identity management presents significant challenges in the current Internet communication. These challenges are exacerbated in the internet of things by the unbound number of devices and expected limitations in constrained resources. Current identity management solutions are mainly concerned with identities that are used by end users, and services to identify themselves in the networked world. However, these identity management solutions are designed by considering that significant resources are available and applicability of these identity management solutions to the resource constrained internet of things needs a thorough analysis. Technical topics discussed in the book include:• Internet of Things;• Identity Management;• Identity models in Internet of Things;• Identity management and trust in the Internet of Things context;• Authentication and access control;Identitymanagement for Internet of Things contributes to the area of identity management for ubiquitous devices in the Internet of Things. It initially presents the motivational factors together with the identity management problems in the context of Internet of Things and proposes an identity management framework. Following this, it refers to the major challenges for Identitymanagement and presents different identity management models. This book also presents relationship between identity and trust, different approaches for trust management, authentication and access control.
