Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
- Publication Type
Articles 1 - 2 of 2
Full-Text Articles in Computer Sciences
Trust Negotiation For Authentication And Authorization In Healthcare Information Systems, Charles D. Knutson, Kent E. Seamons, Tore L. Sundelin, David K. Vawdrey
Trust Negotiation For Authentication And Authorization In Healthcare Information Systems, Charles D. Knutson, Kent E. Seamons, Tore L. Sundelin, David K. Vawdrey
Faculty Publications
The expanding availability of health information in an electronic format is strategic for industry-wide efforts to improve the quality and reduce the cnst of health care. The implementation of electronic medical record systems has been hindered by inadequate security provisions. This paper describes the use of frust negotiation as a framework for providing authentication and access control services in healthcare information systems. nust negotiation enables two parties with no pre-existing relationship to establish the trust necessary to perform sensitive transactions via the mutual disclosure of attributes contained within digital credentials. An extension of this system, surrogate irusf negoikiion is introduced …
Improving The Security And Flexibility Of One-Time Passwords By Signature Chains, Kemal Biçakci, Nazi̇fe Baykal
Improving The Security And Flexibility Of One-Time Passwords By Signature Chains, Kemal Biçakci, Nazi̇fe Baykal
Turkish Journal of Electrical Engineering and Computer Sciences
While the classical attack of ``monitor the network and intercept the password'' can be avoided by advanced protocols like SSH, one-time passwords are still considered a viable alternative or a supplement for software authentication since they are the only ones that safeguard against attacks on insecure client machines. In this paper by using public-key techniques we present a method called signature chain alternative to Lamport's hash chain to improve security and flexibility of one-time passwords. Our proposition improves the security because first, like other public-key authentication protocols, the server and the user do not share a secret, thereby eliminating attacks …