zhu jianxin,yang xiaohu,dong jinxiang,cao zhexin

DOI: https://doi.org/10.3321/j.issn:1002-8331.2002.10.030

2002-01-01

Abstract:The reliable identity authentication will ensure the security of information system firstly.The technology of biometric authentication will provide a more reliable and more secure method to protect the security of information system.This paper analyzes a generalized biometric identification system reference model,then point s out that this model will help the design of architecture in the biometric authentication system.The paper also analyzes the main issues that must be considered in the design of biometric authentication system,then introduces an example -the design of fingerprint-based authentication system in network environment.

姚琳,范庆娜,孔祥维

DOI: https://doi.org/10.3969/j.issn.1001-3695.2010.01.079

2010-01-01

Abstract:Traditional authorization with a variety of secure and privacy limitations,cannot satisfy the security needs of the internet environment,this paper proposed an identity authentication scheme based on biometric encryption.By adopting the biometric encryption,protected the biometric and key of the user well.The scheme could prevent unauthorized users from accessing and avoid unauthorized use of resources.The experiment results show that the scheme can distinguish the genuine users from imitated users though the face expressions very much.The scheme provided perfect authentication,and secure the communication well.

Qi Xie,Ji-Lin Wang,Deren Chen,Xiuyuan Yu

DOI: https://doi.org/10.1109/csse.2008.1043

2008-01-01

Abstract:Recently, Das et al. proposed a dynamic ID-based remote user authentication scheme using smart cards. Liao et al. pointed out some weaknesses of Das et al.psilas scheme, and presented an improved scheme. However, an impersonate attack on Liao et al.psilas scheme is proposed, it proves that their scheme is also insecure. To overcome the weakness, the new scheme is presented. The advantage of the proposed scheme is that there are no secret numbers in the smart card, and can withstand all sorts of attacks.

Lein Harn,Hung-Yu Lin,Shoubao Yang

DOI: https://doi.org/10.1016/0167-4048(92)90130-J

1992-01-01

Abstract:This paper describes a software authentication technique based on the public key cryptography for information integrity. The software provider can use a secret key to sign any released program and the user can verify the integrity of programs obtained from vendors or a ''trusted information database''. The software provider needs to go through a registration process to become ''licensed'' and obtains certificates from multiple certificate centers before being able to sign any released program. Users need only one public key to verify the integrity of the programs.

Yuanchao Shu,Jiming Chen,Fachang Jiang,Yu Gu,Zhiyu Dai,Tian He

DOI: https://doi.org/10.1145/2070942.2071025

2011-01-01

Abstract:To bridge the gap between insufficiency of existing proximity authentication solutions and the increasing demand of high security guarantee for access control systems, we develope a WISP-based access control system combing electronic and mechanical authentication methods. In our authentication, encryption complexity is changeable and trusted users can share privileges with each other. During experiments, our system has achieved 95% authentication accuracy rate with up to 3 different users.

Lein Harn,Hung-Yu Lin,Shoubao Yang

DOI: https://doi.org/10.1145/131214.131270

1992-01-01

Abstract:In the absence of systematic techniques to detect the existence of computer viruses, preventing suspicious software from entering the system at the initial point of entry appears to be the best method to protect computing resources against attacks of computer viruses. Currently, software is distributed primarily by diskettes instead of online transmission. Diskettes are more susceptible to modification and masquerading while on-line transmission usually follows proper user/message authentication. A software authentication system is proposed which does not require a mutually trusted center of both software vendors and users, or users' interaction with any key center. Vendors assume responsibility by signing released software and users verify the authenticity of received software before using it. Through such an authentication process, users eliminate the risk of running “unlicensed” or modified programs, thus eliminating the possibility of virus infections.

Yao Liu,Yueting Chai,Yi Liu

DOI: https://doi.org/10.1109/icebe.2015.76

2015-01-01

Abstract:In the current Internet environment, security incidents occur frequently and the potential safety problems are highlighted. In this case, we propose "Internet trusted identity authentication system". The system changes the previous conventional mode of identity authentication, changes the mode of username/password to the relationship bound between net ID and password rule and replaces the traditional dead-password mode with the mode of dynamic password and password rule. At the same time, we should establish the repository of trusted identity to store and manage the net ID and password rule. With the tools of USBKEY, SMS and digital certificates, the system can achieve the function of implementing the real-name network in the Internet, making remembering passwords more convenience, simplifying users' operations online and strengthening the security of personal identification information online, which can improve the safety, reliability and efficiency of the Internet, on the premise that it won't change the Internet functions or the operation habits.

Xiong Li,Jianwei Niu,Muhammad Khurram Khan,Junguo Liao

DOI: https://doi.org/10.1109/ISBAST.2013.27

2013-01-01

Abstract:Remote user authentication is an important and efficient method to ensure security for many network-based application systems. So far, several dynamic identity based authentication schemes have been proposed to protect the user's anonymity. Recently, Sood pointed out the security weaknesses of a dynamic identity based authentication scheme, which was proposed by Wang et al. presented an improved scheme. However, in this paper, we demonstrate that Sood's scheme cannot resist leak of verifier attack, impersonation attack and server spoofing attack. Furthermore, Sood's scheme cannot achieve mutual authentication between the user and the server. Consequently, in this paper, we propose a new dynamic identity based user authentication scheme using elliptic curve cryptosystem to resolve all the aforementioned problems.

LI Hua,LIU Zhi,QIN Zheng,ZHANG Xiao-song

DOI: https://doi.org/10.3969/j.issn.1001-3695.2011.03.094

2011-01-01

Abstract:This paper proposed a new approach that could effectively detect and restrict(unknown) malware,and implemented a prototype system.First,used support vector machine to build classifier,which could judge whether a program was malicious or not,and extracted the malware's signature.Agents running in host could detect malware and stop its execution.To analyze precise behaviors,put samples in virtual machines for executions.Experiment results show compared with naive Bayes and decision tree,our system yields low false positives as well false negatives,and the distributed architecture accelerates restriction.

ZHANG Chunrui,XU Ke,HAO Xiangdong,LIU Yuan

DOI: https://doi.org/10.3321/j.issn:1000-0054.2009.10.035

2009-01-01

Abstract:Many applications of engineering simulation need to control remote logins to linux systems and control them. However, almost all such applications use a username-password method for the identity authentication which is net very secure since the password can be easily guessed. This paper presents a digital certificate method for identity authentication in the SSH protocol to improve login security. A remote linux login system was developed to provide single sign-on. The results show that the certificate system for remote linux logins improves application security and workability.

ZHENG Yu,HE Da-ke,MEI Qi-xiang

DOI: https://doi.org/10.3969/j.issn.0258-2724.2006.01.013

2006-01-01

Journal of Southwest Jiaotong University

Abstract:With the help of the key technologies in trusted computing(TC) including integrity measurement,access control and seal storage,a TC-based secure model for software protection was proposed.A trusted platform module(TPM),which is an extention of current USB port,is employed in this model to prevent software from illegal copying,unauthorized modification and implementation of software.The technologies,such as dynamic password-based authentication,role-based access control,code transformation and channel encryption.Compared with traditional schemes,the proposed model implements mutual identification between user and software via TPM,and authentication mechanism via role-based access control(RBAC).

Xiong Li,Jianwei Niu,Yazhi Liu,Junguo Liao,Wei Liang

DOI: https://doi.org/10.1504/ijahuc.2014.066423

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Smart card-based password authentication scheme is one of the most simple and efficient method to identify the legitimacy of a user via an insecure channel. To protect the user from tracking by the attacker, many dynamic ID-based user authentication schemes have been proposed. Recently, Chen et al. proposed an efficient and secure dynamic ID-based authentication scheme using smart cards. However, we find that Chen et al.'s scheme cannot really protect user's anonymity and forward secrecy. Besides, their scheme is inefficient in the authentication phase and cannot resist stolen smart card attack. In this paper, we propose a robust dynamic ID-based user authentication scheme using smart cards to cover the above weaknesses, the proposed scheme can really protect the user's anonymity and is more secure comparing with other related schemes.

Wang Ke,Ling Li

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.02.068

2008-01-01

Abstract:In order to make the authentic-name network services much more convenient and effective for customers,a model of Single-Sign-On in Authentic-Name Network Services is proposed.The model combines the advantages of two popular SSO methods,Centralized SSO(Microsoft) and distributed SSO(Liberty Alliance).Based on this,the SSO process in Authentic-Name Network Services is elaborated with the eKey idea,and finally,a daemon is set up to verify the model.

Mingwei Zhao,Xiaochen Yu

DOI: https://doi.org/10.3969/j.issn.1000-386x.2015.10.076

2015-01-01

Abstract:Compared with traditional static password identity authentication technology,the identity authentication system with dynamic password is more secure.Current schemes of dynamic password authentication have difficulties in heavy computation load and key storage because of the use of the public key encryption system mostly.In view of this,we propose a new identity authentication scheme with dynamic password which combines hash function,symmetric encryption mechanism and Challenge /Response mechanism.At the same time,we carry out the performance test and analysis on the scheme.Experimental results show that the scheme not only realises mutual authentication between server and clients under the network environment,but also has the advantages of high safety,strong practicability,low cost etc., which can be used as the identity authentication in most insecure network channels.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1002/sec.1305

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Nowadays, smart-card-based user authentication becomes one of the most important security issues. But many schemes of that kind are under different attacks. Recently, Kumari et al. pointed that Chen et al.'s scheme and Li et al.'s scheme with the smart card were not secure. They proposed two improved schemes. Unfortunately, we find that the two schemes are not secure. The first scheme of Kumari et al. is under the de-synchronization attack and lacks strong forward security. The second has the weaknesses including no user anonymity and password leaking. Also, it cannot withstand the user-impersonation attack. We present a new scheme also based on the smart card overcoming common disadvantages and give a formal proof. We also use the tool ProVerif to verify the security of our scheme. Compared with some recent schemes, our scheme performs well, and it is fit for network applications. Copyright (C) 2015 John Wiley & Sons, Ltd.

Zhao Mingwei,Ji Xiaoyu,Jiang Rongan

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.05.085

2009-01-01

Abstract:Compared with traditional static password system,the identity authentication system with dynamic password is more secure.Based on ElGamal's private key cryptosystem and challenge-response mechanism,this paper presents a new identity authentication scheme with dynamic password which integrates the smart card and the fingerprint features.The bidirectional authentication between the clients and the server is also achieved.This scheme is effective in preventing reply attack and masquerade attack.

Weiping Zhang,Wenyuan Chen,Shengyong Li,Minhua Feng,Shunyi Tan

DOI: https://doi.org/10.1117/1.3129823

2009-01-01

Journal of Micro/Nanolithography MEMS and MOEMS

Abstract:A novel computer security authentication system is proposed to improve computer security. There are two main differences between the novel system and the conventional one. First, the key is a physical code that is stored in counter meshing gears (CMEs). Second, the user's password is discriminated by a microelectromechanical systems (MEMS) coded lock. This system is composed of a MEMS coded lock, a peripheral component interconnect (PCI) card with a printed circuit board (PCB), and software in a basic input/output system (BIOS) chip. Unlike the old MEMS coded lock, two reset micromotors and an optoelectronic coupler are installed in the new MEMS coded lock. The circuit of the PCI card with PCB, which is used to drive the four micromotors of the lock, is developed. The software is assembled by netwide assembler (NASM) and written into the BIOS chip. Testing of the prototype shows that the MEMS coded lock can discriminate the user's password effectively. If the user's password is matched with the physical code, permission to use the computer is granted; otherwise, it is locked up. (c) 2009 Society of Photo-Optical Instrumentation Engineers. [DOI: 10.1117/1.3129823]

Marimuthu Karuppiah,Ashok Kumar Das,Xiong Li,Saru Kumari,Fan Wu,Shehzad Ashraf Chaudhry,R. Niranchana

DOI: https://doi.org/10.1007/s11036-018-1061-8

2018-01-01

Abstract:Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.

qi ming,zhang ling,tang shaohua,xiao guozhen

1997-01-01

Abstract:In this paper,many new remote password authentication schemes are proposed based on generalized ElGamal type digital signature schemes.In addition,three improved schemes of paper are presented.By using these schemes,computer system can not only supervises and controls all passwords,but also withstand all attack of forging password.

SHA Yaqing,SUN Hongwei,GU Ming

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.14.049

2006-01-01

Abstract:This paper proposes a new authentication scheme based on smart cards and fingerprint recognition,which solves the insecure problem of the present one using identities and passwords for electronic filing of tax returns systems.This scheme combines fingerprint recognition with the enhanced remote user authentication scheme using smart cards proposed by Awasthi,and uses fingerprint information to justify the owners of smart cards and generate random numbers,keys and passwords,which has the characteristics of dynamic keys,dynamic passwords and two-way authentication,and improves the security of electronic filing of tax returns systems.