Abstract

Advancement in communication technology provides a scalable platform for various services, where a remote user can access the server from anywhere without moving from its place. It provides a unique opportunity for online services such that a user does not need to be physically present at the service center. These services adopt authentication and key agreement protocols in order to ensure authorized and secure access to the resources. Most of the authentication schemes proposed in the literature support a single-server environment, where the user has to register with each server. If a user wishes to access multiple application servers, he/she requires to register with each server. The multi-server authentication introduces a scalable platform such that a user can interact with any server using single registration. Recently, Chuang and Chen proposed an efficient multi-server authenticated key agreement scheme based on a user’s password and biometrics (Chuang and Chen, 2014). Their scheme is a lightweight, which requires the computation of only hash functions. In this paper, we first analyze Chuang and Chen’s scheme and then identify that their scheme does not resist stolen smart card attack which causes the user’s impersonation attack and server spoofing attack. We also show that their scheme fails to protect denial-of-service attack. We aim to propose an efficient improvement on Chuang and Chen’s scheme to overcome the weaknesses of their scheme, while also retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Chuang and Chen’s scheme. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against the replay and man-in-the-middle attacks. In addition, our scheme is comparable in terms of the communication and computational overheads with Chuang and Chen’s scheme and other related existing schemes.

Abstract

A user authentication in the distributed computer networks (DCNs) plays a crucial rule to verify whether the user is a legal user and can therefore be granted access to the requested services to that user. In recent years, several RSA‐based single sign‐on mechanisms have been proposed in DCNs. However, most of them cannot preserve the user anonymity when possible attacks occur. The user devices are usually battery limited (e.g., cellular phones) and the elliptic‐curve cryptosystem is much efficient than RSA cryptosystem for the battery‐limited devices. In this paper, we aim to propose a new secure elliptic‐curve cryptosystem‐based single sign‐on mechanism for user authentication and key establishment for the secure communications in a DCNs using biometric‐based smart card. In our scheme, a user only needs to remember a private password and his or her selected unique identity to authenticate and agree on a high‐entropy cryptographic one‐time session key with a provider to communicate over untrusted public networks. Through formal and informal security analysis, we show that our scheme prevents other known possible attacks. In addition, we perform simulation on our scheme for the formal security verification using the widely‐accepted Automated Validation of Internet Security Protocols and Applications tool. The simulation results ensure that our scheme is secure against replay and man‐in‐the‐middle attacks. Furthermore, our scheme provides high security along with lower computational cost and communication cost, and as a result, our scheme is much suitable for the battery‐limited devices as compared to other related RSA‐based schemes.

Abstract

Authentication plays an important role in an open network environment in order to authenticate two communication parties among each other. Authentication protocols should protect the sensitive information against a malicious adversary by providing a variety of services, such as authentication, user credentials’ privacy, user revocation and re-registration, when the smart card is lost/stolen or the private key of a user or a server is revealed. Unfortunately, most of the existing multi-server authentication schemes proposed in the literature do not support the fundamental security property such as the revocation and re-registration with same identity. Recently, in 2014, He and Wang proposed a robust and efficient multi-server authentication scheme using biometrics-based smart card and elliptic curve cryptography (ECC). In this paper, we analyze the He-Wang’s scheme and show that He-Wang’s scheme is vulnerable to a known session-specific temporary information attack and impersonation attack. In addition, we show that their scheme does not provide strong user’s anonymity. Furthermore, He-Wang’s scheme cannot support the revocation and re-registration property. Apart from these, He-Wang’s scheme has some design flaws, such as wrong password login and its consequences, and wrong password update during password change phase.

Abstract

In 2013, Althobaiti et al. proposed an efficient biometricbased user authentication scheme for wireless sensor networks. We analyze their scheme for the security against known attacks. Though their scheme is efficient in computation, in this paper we show that their scheme has some security pitfalls such as (1) it is not resilient against node capture attack,(2) it is insecure against impersonation attack and (3) it is insecure against man-in-the-middle attack. Finally, we give some pointers for improving their scheme so that the designed scheme needs to be secure against various known attacks.

Abstract

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

Abstract

Lo et al. (2011) proposed an efficient key assignment scheme for access control in a large leaf class hierarchy where the alternations in leaf classes are more frequent than in non-leaf classes in the hierarchy. Their scheme is based on the public-key cryptosystem and hash function where operations like modular exponentiations are very much costly compared to symmetric-key encryptions and decryptions, and hash computations. Their scheme performs better than the previously proposed schemes. However, in this paper, we show that Lo et al.’s scheme fails to preserve the forward security property where a security class can also derive the secret keys of its successor classes ’s even after deleting the security class from the hierarchy. We aim to propose a new key management scheme for dynamic access control in a large leaf class hierarchy, which makes use of symmetric-key cryptosystem and one-way hash function. We show that our scheme requires significantly less storage and computational overheads as compared to Lo et al.’s scheme and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against all possible attacks including the forward security. In addition, our scheme supports efficiently dynamic access control problems compared to Lo et al.’s scheme and other related schemes. Thus, higher security along with low storage and computational costs make our scheme more suitable for practical applications compared to other schemes.

Abstract

Wireless body area networks (WBANs) can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is also secure against passive and active attacks.

Abstract

Traditional association rule mining based on the support-confidence framework provides the objective measure of the rules that are of interest to users. However, it does not reflect the utility of the rules. To extract non-redundant association rules in support-confidence framework frequent closed itemsets and their generators play an important role. To extract non-redundant association rules among high utility itemsets, high utility closed itemsets (HUCI) and their generators should be extracted in order to apply traditional support-confidence framework. However, no efficient method exists at present for mining HUCIs with their generators. This paper addresses this issue. A postprocessing algorithm, called the HUCI-Miner, is proposed to mine HUCIs with their generators. The proposed algorithm is implemented using both synthetic and real datasets.

Abstract

Mangroves are one of the productive and highly adaptive ecosystems on the Earth, and provide invaluable services to the coastal communities. Ecological and sustainable management of the mangrove ecosystem requires crucial knowledge of variability and dynamics over a time and space. There are no reliable recent spatial extent estimates of mangroves or trend of coverage in West coast. The mapping from medium spatial resolution remote sensing data often leads to the underestimation of spatial extent. An attempt has been made to provide detailed information of mangroves species distribution using remote sensing data of high spatial resolution integrated with the other collateral field information through GIS. The coastline changes and the mangrove dynamics during 1989–2010 were assessed using supervised classifier technique provided the spatial distribution of mangrove species namely Rhizophora mucronata, Sonneratia caseolaris, Avicennia officinalis, Sonneratia alba, and Kandelia candel with classification good accuracy. Delineation of mangroves at species wise records based on extensive field data will be invaluable for appropriate management (eg plantation, eco-tourism) and conservation measures for estuaries of Central Western Ghats. Mangroves play pivotal role in providing vital ecosystem goods and services, but are under threat due to anthropogenic activities, affecting habitat for specialised fauna and food resources for humans, birds and fish. This necessitates interventions of regulatory authorities to partner with the local communities in the restoration and conservation of mangrove habitats.

Abstract

One of the major challenges in the current scenario for ecological conservation is to quantify the forest landscape in its spatio-temporal domain and understand further implications of those. While the detailed study of the forest ecosystems may provide insights into biodiversity, carrying capacity and productive nature, most of the studies are restricted to single time/event inventory and focused on assessment of tree diversity patterns. Through the adoption of geospatial technologies like remote sensing and Geographical Information System (GIS), though forest monitoring has been possible, the linkages to the biodiversity distribution and its patterns are still at an empirical level, thus supporting broad measures of protection and preservation without accounting for the local/regional variability.