Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 8 of 8
Full-Text Articles in Computer Sciences
Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar
Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar
Australian Information Security Management Conference
Passwords are broken. Multi-factor Authentication overcomes password insecurities, but its potentials are often not realised. This article presents InSight, a system to actively identify perpetrators by deceitful adaptation of the accessible system resources using Multi-factor Authentication profiles. This approach improves authentication reliability and attributes users by computing trust scores against profiles. Based on this score, certain functionality is locked, unlocked, buffered, or redirected to a deceptive honeypot, which is used for attribution. The novelty of this approach is twofold; a profile-based multi-factor authentication approach that is combined with a gradient, deceptive honeypot.
Authentication And Authorisation In Entrusted Unions, Ayed F. Dhouha, Jan Camenisch, Tanya Ignatenko, Michael N. Johnstone, Paul Koster, Brigitta Lange, Milan Petkovic, Dieter Sommer, John Zic
Authentication And Authorisation In Entrusted Unions, Ayed F. Dhouha, Jan Camenisch, Tanya Ignatenko, Michael N. Johnstone, Paul Koster, Brigitta Lange, Milan Petkovic, Dieter Sommer, John Zic
Australian Information Security Management Conference
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two …
A Conceptual Model For Federated Authentication In The Cloud, Abdulwahid Al Abdulwahid, Nathan Clarke, Steven Furnell, Ingo Stengel
A Conceptual Model For Federated Authentication In The Cloud, Abdulwahid Al Abdulwahid, Nathan Clarke, Steven Furnell, Ingo Stengel
Australian Information Security Management Conference
Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and …
A Preliminary Investigation Of Distributed And Cooperative User Authentication, C G. Hocking, S M. Furnell, N L. Clarke, P L. Reynolds
A Preliminary Investigation Of Distributed And Cooperative User Authentication, C G. Hocking, S M. Furnell, N L. Clarke, P L. Reynolds
Australian Information Security Management Conference
Smartphones and other highly mobile yet sophisticated technologies are rapidly spreading through society and increasingly finding their way into pockets and handbags. As reliance upon these intensifies and familiarity grows, human nature dictates that more and more personal details and information is now to be found upon such devices. The need to secure and protect this valuable and desirable information is becoming ever more prevalent. Building upon previous work which proposed a novel approach to user authentication, an Authentication Aura, this paper investigates the latent security potential contained in surrounding devices in everyday life. An experiment has been undertaken to …
Strong Authentication For Web Services Using Smartcards, D S. Stienne, Nathan Clarke, Paul Reynolds
Strong Authentication For Web Services Using Smartcards, D S. Stienne, Nathan Clarke, Paul Reynolds
Australian Information Security Management Conference
The popularity of the Internet and the variety of services it provides has been immense. Unfortunately, many of these services require the user to register and subsequently login to the system in order to access them. This has resulted in the user having to remember a multitude of username and password combinations in order to use the service securely. However, literature has clearly demonstrated this is not an effective approach, as users will frequently choose simple passwords, write them down, share them or use the same password for multiple systems. This paper proposes a novel concept where Internet users authenticate …
Enhanced Security For Preventing Man-In-The-Middle Attacks In Authentication, Dataentry And Transaction Verification, Jason Wells, Damien Hutchinson, Justin Pierce
Enhanced Security For Preventing Man-In-The-Middle Attacks In Authentication, Dataentry And Transaction Verification, Jason Wells, Damien Hutchinson, Justin Pierce
Australian Information Security Management Conference
There is increasing coverage in the literature highlighting threats to online financial systems. Attacks range from the prevalent reverse social engineering technique known as phishing; where spam emails are sent to customers with links to fake websites, to Trojans that monitor a customer’s account log on process that captures authentication details that are later replayed for financial gain. This ultimately results in loss of monetary funds for affected victims. As technological advances continue to influence the way society makes payment for goods and services, the requirement for more advanced security approaches for transaction verification in the online environment increases. This …
An Investigation Into The Usability Of Graphical Authentication Using Authentigraph, Paul Minne, Jason Wells, Damien Hutchinson, Justin Pierce
An Investigation Into The Usability Of Graphical Authentication Using Authentigraph, Paul Minne, Jason Wells, Damien Hutchinson, Justin Pierce
Australian Information Security Management Conference
There is increasing coverage in the literature relating to the different facets surrounding the security service of authentication, but there is a need for further research into the usability of graphical authentication. Specifically, the usability and viability of graphical authentication techniques for providing increased security needs to be further explored. There is a significant amount of evidence relating to traditional authentication techniques which highlight the fact that as technological advances grip modern societies, the requirement for more advanced authentication and security approaches increases. The exponential growth in the number of people using the Internet carries with it the high potential …
Security Issues Of Ieee 802.16 (Wimax), Jamshed Hasan
Security Issues Of Ieee 802.16 (Wimax), Jamshed Hasan
Australian Information Security Management Conference
Worldwide Interoperability for Microwave Access (WiMAX) is going to be an emerging wireless technology for the future. With the increasing popularity of Broadband internet, wireless networking market is thriving. Wireless network is not fully secure due to rapid release of new technologies, market competition and lack of physical infrastructure. In the IEEE 802.11 technology, security was added later. Iin IEEE 802.16, security has been considered as the main issue during the design of the protocol. However, security mechanism of the IEEE 802.16 (WiMAX) still remains a question. WiMAX is relatively a new technology; not deployed widely to justify the evidence …