Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297578
M. David, G. Hussein, K. Sakurai
We propose identity authentication by using a contactless smart card (CSC) with multiple biometric features for secure logical access to improve airport security. Proper identification of a cardholder with reliable data securely stored in a CSC provides a means to validate and audit access into a computer or communications network. We recommend the CSC because it facilitates fast, secure physical access to airport facilities, and offers lower mechanical complexity of the reader/writer (r/w) unit, thereby affording higher reliability and less field maintenance. The two-stage random number generator (TSRG) cryptosystem hybrid scheme algorithm is proposed for secure identity authentication between the cardholder and the workstation. This hybrid cryptosystem is based on an attack-oriented design to satisfy all security services. For enrollment, the user's live biometrics is scanned and, the unique characteristics are extracted from the biometric image to create the user's biometric template. The TSRG cryptosystem generates the appropriate seed that is called basic random data, random key and data key. Using the previous random data, instantaneous real time one time pad (OTP)-like data with lengths equal to that of the template is generated and combined with the template, then encrypted using the data key. A collision resistant hashing scheme is used for hashing the encrypted template to be used in the signature. The hash value is appended to the random key and data key. To generate the signature block, these three values are encrypted using the public key algorithm. The result is concatenated with the encrypted basic random data and template then stored in the smart card. For authenticating the user, the smart card is positioned onto a reader/writer. The stored file of the encrypted biometric template is retrieved. The identity verification process starts with placing the user's biometric feature on the scanner. The unique characteristics are extracted from the biometric image to create the users "live" biometric template. This new template is then compared with the template previously and a numeric matching score is generated, based on the percent of matching between the live and stored template. System designers determine the threshold value for this identity verification score based upon the security threat to the system.
{"title":"Secure identity authentication and logical access control for airport information systems","authors":"M. David, G. Hussein, K. Sakurai","doi":"10.1109/CCST.2003.1297578","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297578","url":null,"abstract":"We propose identity authentication by using a contactless smart card (CSC) with multiple biometric features for secure logical access to improve airport security. Proper identification of a cardholder with reliable data securely stored in a CSC provides a means to validate and audit access into a computer or communications network. We recommend the CSC because it facilitates fast, secure physical access to airport facilities, and offers lower mechanical complexity of the reader/writer (r/w) unit, thereby affording higher reliability and less field maintenance. The two-stage random number generator (TSRG) cryptosystem hybrid scheme algorithm is proposed for secure identity authentication between the cardholder and the workstation. This hybrid cryptosystem is based on an attack-oriented design to satisfy all security services. For enrollment, the user's live biometrics is scanned and, the unique characteristics are extracted from the biometric image to create the user's biometric template. The TSRG cryptosystem generates the appropriate seed that is called basic random data, random key and data key. Using the previous random data, instantaneous real time one time pad (OTP)-like data with lengths equal to that of the template is generated and combined with the template, then encrypted using the data key. A collision resistant hashing scheme is used for hashing the encrypted template to be used in the signature. The hash value is appended to the random key and data key. To generate the signature block, these three values are encrypted using the public key algorithm. The result is concatenated with the encrypted basic random data and template then stored in the smart card. For authenticating the user, the smart card is positioned onto a reader/writer. The stored file of the encrypted biometric template is retrieved. The identity verification process starts with placing the user's biometric feature on the scanner. The unique characteristics are extracted from the biometric image to create the users \"live\" biometric template. This new template is then compared with the template previously and a numeric matching score is generated, based on the percent of matching between the live and stored template. System designers determine the threshold value for this identity verification score based upon the security threat to the system.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"52 3-4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120917740","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297537
Shwu-Jing Chang
Maritime security has become major concerns of all coastal states, and the fundamental requirement is "maritime domain awareness" via identification, tracking and monitoring of vessels within their waters. We first identify candidate technologies and systems for different types of vessels. These systems have been designed and provided with regulatory framework for other reasons such as sustainable fishery, search and rescue, environmental protection, navigational safety, etc. We then present the results of a feasibility study on the application and integration of the technologies and facilities of these systems for maritime security. The technologies such as automatic identification systems (AIS), Inmarsat-C, and digital selective calling (DSC) and GSM are investigated with regard to the propagation/coverage, cost, reliability, etc. based on sea trials and field tests of prototype subsystems. Finally, we propose an integrated vessel identification and monitoring system and present a prototype system to demonstrate the display and fusion of targets from various sources including radar surveillance.
{"title":"Vessel identification and monitoring systems for maritime security","authors":"Shwu-Jing Chang","doi":"10.1109/CCST.2003.1297537","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297537","url":null,"abstract":"Maritime security has become major concerns of all coastal states, and the fundamental requirement is \"maritime domain awareness\" via identification, tracking and monitoring of vessels within their waters. We first identify candidate technologies and systems for different types of vessels. These systems have been designed and provided with regulatory framework for other reasons such as sustainable fishery, search and rescue, environmental protection, navigational safety, etc. We then present the results of a feasibility study on the application and integration of the technologies and facilities of these systems for maritime security. The technologies such as automatic identification systems (AIS), Inmarsat-C, and digital selective calling (DSC) and GSM are investigated with regard to the propagation/coverage, cost, reliability, etc. based on sea trials and field tests of prototype subsystems. Finally, we propose an integrated vessel identification and monitoring system and present a prototype system to demonstrate the display and fusion of targets from various sources including radar surveillance.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131434876","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297527
S.G. King, J. Stewart, T.M. Wood
We detail the Operational Test and Evaluation Program (OTEP) at the U.S. National Guard Bureau's (NGB) Center for National Response (CNR). OTEP's mission is to evaluate the utility of equipment, technology, and apparatus to materially aid emergency responders in a weapons of mass destruction (WMD) environment. The goal is twofold. First, to allow emergency responders to operationally test equipment in a realistic WMD environment, prior to purchase, so that they are able to resourcefully identify equipment that meets their needs and enables them to complete their mission. Second, to provide the manufacturers with test results and feedback from the testing organization, which presents them with product strengths, as well as ways in which they can improve their product.
{"title":"Testing and evaluating counterterrorism technology","authors":"S.G. King, J. Stewart, T.M. Wood","doi":"10.1109/CCST.2003.1297527","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297527","url":null,"abstract":"We detail the Operational Test and Evaluation Program (OTEP) at the U.S. National Guard Bureau's (NGB) Center for National Response (CNR). OTEP's mission is to evaluate the utility of equipment, technology, and apparatus to materially aid emergency responders in a weapons of mass destruction (WMD) environment. The goal is twofold. First, to allow emergency responders to operationally test equipment in a realistic WMD environment, prior to purchase, so that they are able to resourcefully identify equipment that meets their needs and enables them to complete their mission. Second, to provide the manufacturers with test results and feedback from the testing organization, which presents them with product strengths, as well as ways in which they can improve their product.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124021083","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297571
J.J.-R. Chen, P. Sun, Chih-Lin Lin
The vogue of Internet, makes the changes of the people' s style. Security is one of the key elements of the development of Internet. Digital certification can take the place of identification and verification in virtual world constructed by computer network. MAMBO, USUDA, and OKAMOTO are the pioneers in the research of proxy signature and brings digital signature into a new direction. The original signer can authorize the proxy signers to act as agent via proxy signature scheme without leaking his/her private key. Most of the proposed scheme usually emphasize on the factuality of proxy signature. Some researchers take warrants to enhance the security of proxy signature scheme. The agent may sign many times after one legal authorization until the origin signer changed his/her password or grant periods. The others may need a secure channel to transmit parameters and it decrease practicability. This paper proposes a new proxy signature scheme that can set the grant period without using a warrant or a secure channel. Our scheme is based on the complexity of the discrete logarithm. We also make use of Denning's time stamp technology to solve the problem of the illegal using of proxy signature by illegal user.
{"title":"A new proxy signature scheme based on dual complexities","authors":"J.J.-R. Chen, P. Sun, Chih-Lin Lin","doi":"10.1109/CCST.2003.1297571","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297571","url":null,"abstract":"The vogue of Internet, makes the changes of the people' s style. Security is one of the key elements of the development of Internet. Digital certification can take the place of identification and verification in virtual world constructed by computer network. MAMBO, USUDA, and OKAMOTO are the pioneers in the research of proxy signature and brings digital signature into a new direction. The original signer can authorize the proxy signers to act as agent via proxy signature scheme without leaking his/her private key. Most of the proposed scheme usually emphasize on the factuality of proxy signature. Some researchers take warrants to enhance the security of proxy signature scheme. The agent may sign many times after one legal authorization until the origin signer changed his/her password or grant periods. The others may need a secure channel to transmit parameters and it decrease practicability. This paper proposes a new proxy signature scheme that can set the grant period without using a warrant or a secure channel. Our scheme is based on the complexity of the discrete logarithm. We also make use of Denning's time stamp technology to solve the problem of the illegal using of proxy signature by illegal user.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129068934","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297542
J. Fu, C. Cai, Y. Lu, Z. Shen
A driver-enhanced single pole double-throw (SPDT) switch was designed and implemented for secured giga-scale system. The design were simulated on advanced design system (ADS) package and implemented on RT-duriod 5880 with 10 mils thick dielectric substrate in a 3-port WR28 waveguide, to validate the design for broadband application in Ka-band of digital millimeter waves.
{"title":"Millimeter wave control switch for secure giga-scale system","authors":"J. Fu, C. Cai, Y. Lu, Z. Shen","doi":"10.1109/CCST.2003.1297542","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297542","url":null,"abstract":"A driver-enhanced single pole double-throw (SPDT) switch was designed and implemented for secured giga-scale system. The design were simulated on advanced design system (ADS) package and implemented on RT-duriod 5880 with 10 mils thick dielectric substrate in a 3-port WR28 waveguide, to validate the design for broadband application in Ka-band of digital millimeter waves.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114707376","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297577
C. Wilkinson, E. Rao
This paper cover a major airport security focus since the tragic events of 9/11; namely employee access to secure areas, and the application of new technologies (biometrics and smart cards) to enhance airport security. The significance of access controls systems to airport security is apparent by several recent studies made by US federal oversight entities, which identified "unauthorized access" to secure areas as one of the highest potential vulnerability. As a consequence, deployment of biometrics and other new technologies were emphasized by US legislation shortly after 9-11. Although the new legislation for creating the US Transportation Security Administration focused on passengers and their baggage screening, equal importance was placed on airport access controls with potential new multipurpose applications such as a transportation worker identity card and trusted traveler card. Existing access control systems at US airports were based on a series of regulatory requirements and guidelines, which did not reflect this increased security requirement. Accordingly, a federal advisory committee under the RTCA (Radio and Technical Commission for Aeronautics) was established to set an appropriate set of guidelines and minimum standards to meet the new requirements. This paper discusses the process used to establish new guidelines and minimum standards, and the results of the process, and its importance to airports. The guidance provided various airport security stakeholders, namely airport operators, consultants and federal regulating agencies, on the areas of operational requirements, system and subsystem performance, system verification and validation are described. Critical technical issues such as nature of the credential, nature of the biometrics, and interoperability requirements within the USA and elsewhere, are elaborated. Finally, lessons learned from the previous generation of access control systems implementation difficulties: including poor specifications, environmental susceptibility, system verification, system phasing and limited planning for future technology, are discussed.
{"title":"Airport access control standards","authors":"C. Wilkinson, E. Rao","doi":"10.1109/CCST.2003.1297577","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297577","url":null,"abstract":"This paper cover a major airport security focus since the tragic events of 9/11; namely employee access to secure areas, and the application of new technologies (biometrics and smart cards) to enhance airport security. The significance of access controls systems to airport security is apparent by several recent studies made by US federal oversight entities, which identified \"unauthorized access\" to secure areas as one of the highest potential vulnerability. As a consequence, deployment of biometrics and other new technologies were emphasized by US legislation shortly after 9-11. Although the new legislation for creating the US Transportation Security Administration focused on passengers and their baggage screening, equal importance was placed on airport access controls with potential new multipurpose applications such as a transportation worker identity card and trusted traveler card. Existing access control systems at US airports were based on a series of regulatory requirements and guidelines, which did not reflect this increased security requirement. Accordingly, a federal advisory committee under the RTCA (Radio and Technical Commission for Aeronautics) was established to set an appropriate set of guidelines and minimum standards to meet the new requirements. This paper discusses the process used to establish new guidelines and minimum standards, and the results of the process, and its importance to airports. The guidance provided various airport security stakeholders, namely airport operators, consultants and federal regulating agencies, on the areas of operational requirements, system and subsystem performance, system verification and validation are described. Critical technical issues such as nature of the credential, nature of the biometrics, and interoperability requirements within the USA and elsewhere, are elaborated. Finally, lessons learned from the previous generation of access control systems implementation difficulties: including poor specifications, environmental susceptibility, system verification, system phasing and limited planning for future technology, are discussed.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"110 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126869084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297540
W. Liu, X. Liu
The mathematical model of two novel constant false alarm rate (CFAR) detectors, the And-CFAR and Or-CFAR, are derived. The two new CFAR detectors improve the conventional cell averaging CFAR (CA-CFAR) and order statistics CFAR (OS-CFAR) by making full use of the cell information. The mathematical model has been validated.
{"title":"And-CFAR and Or-CFAR detectors design in Weibull background","authors":"W. Liu, X. Liu","doi":"10.1109/CCST.2003.1297540","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297540","url":null,"abstract":"The mathematical model of two novel constant false alarm rate (CFAR) detectors, the And-CFAR and Or-CFAR, are derived. The two new CFAR detectors improve the conventional cell averaging CFAR (CA-CFAR) and order statistics CFAR (OS-CFAR) by making full use of the cell information. The mathematical model has been validated.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124267245","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297559
T.M. Wood, S.G. King, J. Kennon
We describe a concept for a formalized system of analysis tools intended for use in evaluating risk of terrorist attacks on a facility, based upon a proven vulnerability assessment methodology and traditional approach. It describes a three-phase approach, including: 1) focusing policy, procedures, budgeting, research and development, and further assessment activities on those scenarios, which are most likely to be high-risk scenarios; 2) evaluating facilities across an organization in order to prioritize them for detailed facility evaluations; and 3) conducting a detailed facility assessment.
{"title":"A risk assessment system for multi-facility organizations","authors":"T.M. Wood, S.G. King, J. Kennon","doi":"10.1109/CCST.2003.1297559","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297559","url":null,"abstract":"We describe a concept for a formalized system of analysis tools intended for use in evaluating risk of terrorist attacks on a facility, based upon a proven vulnerability assessment methodology and traditional approach. It describes a three-phase approach, including: 1) focusing policy, procedures, budgeting, research and development, and further assessment activities on those scenarios, which are most likely to be high-risk scenarios; 2) evaluating facilities across an organization in order to prioritize them for detailed facility evaluations; and 3) conducting a detailed facility assessment.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"392 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124651235","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297602
P. Deng, L. Jaw, Jau-Hwang Wang, C. Tung
Handwritten signature verification has been extensively studied in past decades. Its many applications include banking, credit card validation, security systems etc. We mainly deal with the trace copy forgery detection problem in a handwritten signature verification system. Based on one of our previously study [P. S. Deng et al. (1999)], we have proposed an efficient approach, called Deng's approach to build-up an offline handwritten signature verification system by using wavelet transformation technique. From the experimental results, the accuracy rate of the Deng's approach [P. S. Deng et al. (1999)] is 92.57% and 93.68% for English and Chinese respectively. The approach we proposed not only got a good accuracy result, i.e. 87%, but also has many other advantages as follows: (1) it can be applied in many languages including English and Chinese, (2) it can be adopted to both on-line and off-line applications, and (3) it uses all the strokes information rather than only the vertical strokes information in a Chinese signature.
在过去的几十年里,手写签名的验证得到了广泛的研究。它的许多应用包括银行、信用卡验证、安全系统等。本文主要研究手写签名验证系统中的跟踪副本伪造检测问题。基于我们之前的一项研究[P。S. Deng等人(1999)],我们提出了一种有效的方法,称为Deng的方法,通过小波变换技术建立离线手写签名验证系统。从实验结果来看,邓氏方法的准确率[P。S. Deng et al.(1999)]为92.57%,中文为93.68%。本文提出的方法不仅获得了87%的准确率,而且具有以下优点:(1)可应用于包括英语和汉语在内的多种语言;(2)在线和离线应用均可采用;(3)利用中文签名中的所有笔画信息而不仅仅是竖笔画信息。
{"title":"Trace copy forgery detection for handwritten signature verification","authors":"P. Deng, L. Jaw, Jau-Hwang Wang, C. Tung","doi":"10.1109/CCST.2003.1297602","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297602","url":null,"abstract":"Handwritten signature verification has been extensively studied in past decades. Its many applications include banking, credit card validation, security systems etc. We mainly deal with the trace copy forgery detection problem in a handwritten signature verification system. Based on one of our previously study [P. S. Deng et al. (1999)], we have proposed an efficient approach, called Deng's approach to build-up an offline handwritten signature verification system by using wavelet transformation technique. From the experimental results, the accuracy rate of the Deng's approach [P. S. Deng et al. (1999)] is 92.57% and 93.68% for English and Chinese respectively. The approach we proposed not only got a good accuracy result, i.e. 87%, but also has many other advantages as follows: (1) it can be applied in many languages including English and Chinese, (2) it can be adopted to both on-line and off-line applications, and (3) it uses all the strokes information rather than only the vertical strokes information in a Chinese signature.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116506582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2003-10-14DOI: 10.1109/CCST.2003.1297550
H. Chien, J. Jan
Conventionally, user authentication and access control are two separate security mechanisms in many distributed systems. An integrated design of user authentication and access control may provide better performance in terms of security and computational complexity. We discuss the pros and cons of the separate approach and the integrated approach, and then propose a new integrated scheme without using public key cryptography. The new scheme has several practical merits - no user-sensitive data stored on the server, no storage for access list or capability list on the server, extreme low computational cost, the freedom of choosing users' passwords, and mutual authentication.
{"title":"An integrated user authentication and access control scheme without public key cryptography","authors":"H. Chien, J. Jan","doi":"10.1109/CCST.2003.1297550","DOIUrl":"https://doi.org/10.1109/CCST.2003.1297550","url":null,"abstract":"Conventionally, user authentication and access control are two separate security mechanisms in many distributed systems. An integrated design of user authentication and access control may provide better performance in terms of security and computational complexity. We discuss the pros and cons of the separate approach and the integrated approach, and then propose a new integrated scheme without using public key cryptography. The new scheme has several practical merits - no user-sensitive data stored on the server, no storage for access list or capability list on the server, extreme low computational cost, the freedom of choosing users' passwords, and mutual authentication.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130295920","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: