The Experts below are selected from a list of 2811 Experts worldwide ranked by ideXlab platform
Adam Freeman - One of the best experts on this subject based on the ideXlab platform.
-
External Authentication part 1
2021Co-Authors: Adam FreemanAbstract:In this chapter, I explain how External Authentication works. This is a complex process, even by the high standard set by other ASP.NET Core Identity features, and there is a lot of detail to take in. The examples in this chapter use a simulated third-party service, which allows me to explain the interactions in a controlled way. In Chapter 23, I add support for working with real services from Google and Facebook. Table 22-1 puts External Authentication in context.
-
External Authentication part 2
2021Co-Authors: Adam FreemanAbstract:In this chapter, I complete my description of the Identity features by showing you how to store Authentication tokens received from External services and by adding support for Authentication with the real services provided by Google and Facebook.
-
two factor and External Authentication
2021Co-Authors: Adam FreemanAbstract:Identity supports two-factor Authentication, where the user provides additional information alongside their password. In Chapter 17, I demonstrate how to create an SMS two-factor workflow, but for this chapter, I am going to focus on support for an authenticator, which is a more secure approach but requires users to have access to an app. I also create workflows for signing in with third-party services from Facebook, Google, and Twitter, using the same configuration settings created in Chapter 5. Table 11-1 puts the features described in this chapter in context.
Wang, Lv Meng - One of the best experts on this subject based on the ideXlab platform.
-
A Survey on Public Key Mechanism in Wireless Sensor Networks
2020Co-Authors: He, Yan Xiang, Sun, Fa Jun, He Jing, Wang, Lv MengAbstract:© 2020, Science Press. All right reserved. Internet of Things (IoT) is a research hotspot in academia and industry. As one of the main components of IoT, the security of WSNs (Wireless Sensor Networks) is closely related to people\u27s life security and privacy. In the past nearly 20 years, the security of WSNs has been studied extensively and deeply. From the initial infeasible consciousness to the present extensive researches and applications, the feasibility of public key mechanism in WSNs has been recognized gradually by scholars. However, there are still many problems that need to be further explored, such as whether the public key mechanism can be fully deployed in WSNs, what problems it brings after being introduced into WSNs, and what remains unresolved. In this paper, the high-quality literature on public key mechanism researches in WSNs have been collected and classified into four categories: Primitive, Key Management, Authentication and Access Control, and other applications. The necessity, feasibility, and related issues and challenges of introducing public key mechanism into WSNs have been summarized. Moreover, the existing feasible solutions addressing the aforementioned challenges have been analyzed comprehensively in this paper. According to the existing researches we find that: (1)Considering key length, speed, security, etc. the most suitable public key mechanism for WSNs is ECC(Elliptic Curve Cryptography). The fastest scalar multiplication in the existing implementation schemes of ECC primitives only takes 0.29s on MCAz platform with security level ECC163, which was achieved by Aranha et al. of Oliveira project team in 2010. (2)As for the WSN applications with high security requirements, it is necessary to employee a public key mechanism for key agreement. AKA(Authenticated Key Agreement) scheme based on pairing-free certificateless public key mechanism is the most promising scheme. And the CL-EKM scheme recently proposed by Seo et al. has comprehensive advantages among the existing AKA schemes for WSNs. (3)Among the Authentication and access control schemes, Ke et al.\u27s External Authentication scheme, Jiang et al.\u27s three-factor Authentication scheme, and Ren, Shim et al.\u27s External user broadcast Authentication scheme are the most representative. Finally, the research directions and probable solutions are prospected. (1)NTRU with high efficiency, anti-quantum attack and lattice-based theory may become the most important public key primitive in WSNs in the future after solving the problem of high storage and communication load caused by the long keys. (2)AKA scheme based on certificateless public key mechanism without pairing operation is becoming a hot topic in the current low-cost and high-efficiency AKA research. (3)In the public key mechanisms of Authentication and access control, AKA is the basis of Authentication mechanism for internal nodes. While in the access control of External users, access control technologies based on three or even multiple factors such as passwords, memory cards, biometrics and other factors are becoming a research hotspot. Furthermore, broadcast Authentication is also an important research direction in this field. (4)In addition, public key-based schemes have also received widespread attention in the field of security research in medical and healthcare applications. In summary, with the deepening of security researches, public key mechanism is increasingly becoming an important fundamental tool to ensuring security in WSNs, especially in the case of high security requirements
He, Yan Xiang - One of the best experts on this subject based on the ideXlab platform.
-
A Survey on Public Key Mechanism in Wireless Sensor Networks
2020Co-Authors: He, Yan Xiang, Sun, Fa Jun, He Jing, Wang, Lv MengAbstract:© 2020, Science Press. All right reserved. Internet of Things (IoT) is a research hotspot in academia and industry. As one of the main components of IoT, the security of WSNs (Wireless Sensor Networks) is closely related to people\u27s life security and privacy. In the past nearly 20 years, the security of WSNs has been studied extensively and deeply. From the initial infeasible consciousness to the present extensive researches and applications, the feasibility of public key mechanism in WSNs has been recognized gradually by scholars. However, there are still many problems that need to be further explored, such as whether the public key mechanism can be fully deployed in WSNs, what problems it brings after being introduced into WSNs, and what remains unresolved. In this paper, the high-quality literature on public key mechanism researches in WSNs have been collected and classified into four categories: Primitive, Key Management, Authentication and Access Control, and other applications. The necessity, feasibility, and related issues and challenges of introducing public key mechanism into WSNs have been summarized. Moreover, the existing feasible solutions addressing the aforementioned challenges have been analyzed comprehensively in this paper. According to the existing researches we find that: (1)Considering key length, speed, security, etc. the most suitable public key mechanism for WSNs is ECC(Elliptic Curve Cryptography). The fastest scalar multiplication in the existing implementation schemes of ECC primitives only takes 0.29s on MCAz platform with security level ECC163, which was achieved by Aranha et al. of Oliveira project team in 2010. (2)As for the WSN applications with high security requirements, it is necessary to employee a public key mechanism for key agreement. AKA(Authenticated Key Agreement) scheme based on pairing-free certificateless public key mechanism is the most promising scheme. And the CL-EKM scheme recently proposed by Seo et al. has comprehensive advantages among the existing AKA schemes for WSNs. (3)Among the Authentication and access control schemes, Ke et al.\u27s External Authentication scheme, Jiang et al.\u27s three-factor Authentication scheme, and Ren, Shim et al.\u27s External user broadcast Authentication scheme are the most representative. Finally, the research directions and probable solutions are prospected. (1)NTRU with high efficiency, anti-quantum attack and lattice-based theory may become the most important public key primitive in WSNs in the future after solving the problem of high storage and communication load caused by the long keys. (2)AKA scheme based on certificateless public key mechanism without pairing operation is becoming a hot topic in the current low-cost and high-efficiency AKA research. (3)In the public key mechanisms of Authentication and access control, AKA is the basis of Authentication mechanism for internal nodes. While in the access control of External users, access control technologies based on three or even multiple factors such as passwords, memory cards, biometrics and other factors are becoming a research hotspot. Furthermore, broadcast Authentication is also an important research direction in this field. (4)In addition, public key-based schemes have also received widespread attention in the field of security research in medical and healthcare applications. In summary, with the deepening of security researches, public key mechanism is increasingly becoming an important fundamental tool to ensuring security in WSNs, especially in the case of high security requirements
Šafařík Jiří - One of the best experts on this subject based on the ideXlab platform.
-
ověřování, vícefaktorové ověřování, ověřování na základě rizik, více faktorové ověřování, detekce podvodů, heslo, digitální otisk
2020Co-Authors: Dostálek Libor, Šafařík JiříAbstract:Kontext. V současné době čelí instituce a společnosti masivním kybernetickým útokům. Útoky jsou vždy zaměřeny na určitou slabost ověřování, která je součástí konkrétního ověřovacího protokolu. V případě útoku je nutné pružně reagovat na oslabení autentizačních mechanismů. V případě útoku je nutné rychle identifikovat ovlivněný faktor autentizace a jeho důležitost dočasně oslabit. Následně je možné detekovat ovlivněnou slabost a oslabit význam pouze algoritmů zobrazujících tuto slabost. Algoritmy, které tuto slabost nevykazují, by měly zůstat beze změny. Tento článek představuje matematický model autentizace. Rychlou změnou parametrů modelu můžeme flexibilně přizpůsobit použití autentizačních prostředků situaci. Předmět. Účelem této práce je navrhnout metodu, která umožní kvantifikovat sílu (kvalitu) autentizace. Aby bylo možné dynamicky měnit metodu ověřování v závislosti na aktuálním riziku útoků. Metoda. Metodou je návrh matematického modelu a jeho simulace. Model je pak založen na součtu sil jednotlivých faktorů autentizace. K určení parametrů modelu se používá mechanismus založený na riziku. Výsledek. Příspěvek poté demonstruje výsledky simulace pomocí běžně používaných prostředků autentizace. Příspěvek poté demonstruje výsledky simulace pomocí běžně používaných prostředků ověřování: heslo, jednorázové heslo založené na hardwaru, otisk prstu zařízení, externí ověřování a kombinace těchto metod. Simulace ukázaly, že použití tohoto matematického modelu usnadňuje modelování použití prostředků autentizace. Závěry. S tímto modelem se zdá snadné modelovat různé bezpečnostní situace. Ve skutečné situaci bude nutné upřesnit parametry modelu jako součást zpětnovazebního vyhodnocení zjištěných bezpečnostních incidentů.Context. Currently, institutions and companies face massive cyber-attacks. Attacks are always focused on some Authentication weakness that is part of a particular Authentication protocol. In the event of an attack, it is necessary to respond flexibly to the weakening of Authentication mechanisms. In the event of an attack, it is necessary to quickly identify the affected Authentication factor and its importance to temporarily weaken. Subsequently, it is possible to detect the affected weakness and weaken the meaning of only the algorithms showing this weakness. Algorithms that do not show this weakness should be left unchanged. This paper introduces a mathematics model of Authentication. By quick changing the model parameters, we can flexibly adapt the use of Authentication means to the situation. Objective. The purpose of this work is to propose a method that will allow to quantify the strength (quality) of Authentication. In order it will be possible to dynamically change the Authentication method depending on the current risks of attacks. Method. The method is to design a mathematical model and its simulation. The model is then based on the sum of the strengths of the individual Authentication factors. A risk-based mechanism is used to determine model parameters. Results. The paper then demonstrates the simulation results using commonly used Authentication means. The paper then demonstrates the simulation results using commonly used Authentication means: password, hardware based one-time password, device fingerprint, External Authentication, and combination of this methods. Simulations have shown that using this mathematical model makes it easy to model the use of Authentication resources. Conclusions. With this model, it seems easy to model different security situations. In the real situation, the model parameters will need to be refined as part of the feedback assessment of the established security incidents
Avishai Wool - One of the best experts on this subject based on the ideXlab platform.
-
Lightweight Key Management for IEEE 802.11 Wireless LANs with Key Refresh and Host Revocation
2005Co-Authors: Avishai WoolAbstract:The IEEE 802.11 Wireless LAN standard has been designed with very limited key management capabilities, using up to 4 static, long term, keys, shared by all the stations on the LAN. This design makes it quite difficult to fully revoke access from previously-authorized hosts. A host is fully revoked when it can no longer eavesdrop and decrypt traffic generated by other hosts on the wireless LAN. This paper proposes WEP*, a lightweight solution to the host-revocation problem. The key management in WEP* is in the style of pay-TV systems: The Access Point periodically generates new keys, and these keys are transferred to the hosts at Authentication time. The fact that the keys are only valid for one re-key period makes host revocation possible, and scalable: A revoked host will simply not receive the new keys. Clearly, WEP* is not an ideal solution, and does not address all the security problems that IEEE 802.11 suffers from. However, what makes WEP* worthwhile is that it is 100% compatible with the existing standard. And, unlike other solutions, WEP* does not rely on External Authentication servers. Therefore, WEP* is suitable for use even in the most basic IEEE 802.11 LAN configurations, such as those deployed in small or home offices. A WEP* prototype has been partially implemented using free, open-source tools.
