Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes
نویسندگان
چکیده
In web authentication, the many password alternatives proposed over the years, despite having different designs and objectives, all predominantly rely on an element of secrecy. This motivates us, herein, to provide the first detailed exploration of the integration of a fundamentally different element of defense into the design of web authentication schemes: a mimicry resistance dimension. We analyze web authentication mechanisms with respect to new properties related to mimicry-resistance, and in particular evaluate invisible techniques that provide some mimicry-resistance (unlike those relying solely on static secrets), including device fingerprinting schemes, PUFs (physically unclonable functions), and a subset of Internet geolocation mechanisms.
منابع مشابه
GSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication
Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...
متن کاملComparative Analysis of Smart Card Authentication Schemes
Various kinds of authentication schemes have been deployed to secure the information or resources from unauthorized access. In these schemes, server maintains a verification table which is vulnerable to a variety of attacks. To withstand the possible attacks for verification table, smart card based authentication scheme has been proposed as an alternative solution. Smart card is a small, tamper...
متن کاملEnhancing privacy of recent authentication schemes for low-cost RFID systems
Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we a...
متن کاملDoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a ...
متن کاملوب مرئی و نامرئی: تجزیه و تحلیل استفاده از محیط وب بر اساس مدل ایدهآل تیپ ماکس وبر
Using the Web has become ubiquitous and an indispensable part of scientists’ daily life. Although there are many studies dealing with the use of the Web, few studies have focused on how different user groups including scientists make use of visible and invisible parts of the Web for educational and research purposes. This article first introduces the visible and invisible parts of the Web, and ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/1708.01706 شماره
صفحات -
تاریخ انتشار 2017