Abstract

Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu’s scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu’s scheme. We show that our scheme is efficient as compared to Lee-Liu’s scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

Abstract

Several key management schemes for access control in a user hierarchy have been proposed in the recent years. However, most of them have dealt with key management issues for tree structured hierarchies, which result overheads when they are applied to the linear hierarchies. Linear hierarchy comprises a particularly interesting type of hierarchies, and it appears in a wide range of applications such as secure communications within security corporations and multi-layered data streaming. In this paper, we propose an effective key management scheme for linear hierarchies. Compared to the recently proposed Hassen et al.'s scheme, our scheme reduces the storage overhead of each class significantly. Further, use of symmetric-key cryptosystem (Advanced Encryption Standard algorithm) makes the key sizes for security classes to reduce in our scheme. In addition, our scheme is secure against possible attacks required for a linear hierarchy access control scheme. Security along with low storage and computational overheads make our scheme to be much suitable for practical applications for linear hierarchies.

Abstract

In an access control scheme, a deployed sensor node proves its identity to its neighbor nodes through authentication and also proves that it has the proper right to access the sensor network. After successful authentication, the shared secret keys should be established between a deployed sensor node and its neighbor nodes to protect communications. In a wireless sensor network, we often require deployment of new nodes to extend the lifetime of the network because sensor network may be lost due to power exhaustion problem or malicious nodes. In order to protect malicious nodes from joining the sensor network, access control mechanism becomes a major challenge in the design of sensor network protocols due to resource limitations of sensor nodes. Until now, there have been ample of access control schemes published in the literature, and each published scheme has its own merits and demerits. In this paper, we have identified all the functionality features and security requirements which must be satisfied for an ideal access control scheme. We have presented and discussed the recently proposed access control schemes available so far in the literature and their cryptanalysis. We have critically analyzed the storage, communication, computational overheads requirement, functionality and security analysis of the existing schemes. Further, we have performed formal security analysis of existing schemes using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. All the schemes are vulnerable to different attacks except the Zhou et al.’s scheme and the Chatterjee et al.’s scheme. However he Zhou et al.’s scheme requires high storage, communication and computational costs. Hence, we feel that there is a strong need to design an ideal efficient access control scheme in future, which should meet all the security requirements and achieve all the functionality features.

Abstract

In this paper, we propose a new biometric-based user authentication mechanism in heterogeneous wireless sensor networks. The proposed protocol provides strong authentication compared to traditional related password-based schemes and achieves good properties such as works without synchronized clock, freely changes password, low computation costs and mutual authentication. Our scheme establishes a symmetric secret session key shared between the user and a sensor node so that the secret session key can be used later for secure future communications between them. Moreover, the proposed scheme provides unconditional security against node capture attack and it is also resilient against different attacks.

Abstract

Recently several hierarchical access control schemes are proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against ‘man-in-the-middle attack’ or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.’s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu–Chen’s scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu–Chen’s scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu–Chen’s scheme, Nikooghadam–Zakerolhosseini’s scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme is much suitable for practical applications of e-medicine systems.

Abstract

Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user’s personal biometrics along with his/her password with the help of the smart card. The user’s biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.’s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.’s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.

Abstract

In 2012, Das et al. proposed a new password-based user authentication scheme in hierarchical wireless sensor networks [Journal of Network and Computer Applications 35(5) (2012) 1646-1656]. The proposed scheme achieves better security and efficiency as compared to those for other existing password-based user authentication schemes proposed in the literature. This scheme supports to change dynamically the user’s password locally at any time without contacting the base station or gateway node. This scheme also supports dynamic node addition after the initial deployment of nodes in the existing sensor network. In this paper, we simulate this proposed scheme for formal security verification using the widely-accepted Automated Validation of Internet Security Protocols nd Applications (AVISPA) tool. AVISPA tool ensures that whether a protocol is insecure against possible passive and active attacks, including the replay and man-in-the-middle attacks. Using the AVISPA model checkers, we show that Das et al.’s scheme is secure against possible assive and active attacks.

Abstract

Friendsourcing games aim to collect useful information about individuals by targeting their socially connected groups or friends. The current method of eliciting information is to pose direct questions to friends and expect a truthful response in return. However, such an approach not only becomes monotonous after some time but also suffers from problems like social awkwardness and reticence and thus, affecting the accuracy of the generated responses. In this paper, we present Power of Friends, a novel approach to friendsourcing games, which involves identifying the unanimous opinion of all the friends about a question related to an individual. We tested our proposed approach with seven different groups and were able to generate 47 facts about members of the selected groups. Participants particularly enjoyed the guesswork and interactive elements of the game. Based on the feedback obtained from the study, we propose four strategies for designing similar friendsourcing games.

Abstract

Sparse representation based image restoration tech-niques have shown to be successful in solving various inverse problems such as denoising, in painting, and super-resolution,etc. on natural images and videos. In this paper, we explore the use of sparse representation based methods specifically to restore the degraded document images. While natural images form a very small subset of all possible images admitting the possibility of sparse representation, document images are significantly more restricted and are expected to be ideally suited for such a representation. However, the binary nature of textual document images makes dictionary learning and coding techniques unsuitable to be applied directly. We leverage the fact that different characters possess similar strokes, curves, and edges, and learn a dictionary that gives sparse decomposition for patches. Experimental results show significant improvement in image quality and OCR performance on documents collected from a variety of sources such as magazines and books. This method is therefore, ideally suited for restoring highly degraded images in repositories such as digital libraries.

Abstract

Sparse representations have emerged as a powerful approach for encoding images in a large class of machine recognition problems including face recognition. These methods rely on the use of an over-complete basis set for representing an image. This often assumes the availability of a large number of labeled training images, especially for high dimensional data. In many practical problems, the number of labeled training samples are very limited leading to significant degradations in classification performance. To address the problem of lack of training samples, we propose a semi-supervised algorithm that labels the unlabeled samples through a multi-stage label propagation combined with sparse representation. In this representation, each image is decomposed as a linear combination of its nearest basis images, which has the advantage of both locality and sparsity.Extensive experiments on publicly available face databases show that the results are significantly better compared to state-of-the-art face recognition methods in semi-supervised setting and are on par with fully supervised techniques