Design and Implementation of Secure OTP Generation for IoT Devices
|
|
- Regina Mildred Hancock
- 6 years ago
- Views:
Transcription
1 , pp Design and Implementation of Secure OTP Generation for IoT Devices Young-Sae Kim 1 and Jeong-Nyeo Kim 1 1 Electronics and Telecommunications Research Institute (ETRI), Daejeon, Rep. Of Korea {vincent, jnkim}@etri.re.kr Abstract. This paper presents a secure design and implementation of a One Time Password (OTP) generation scheme with an OTP generation engine based on Mobile Trusted Module (MTM). In order to make security enhancement of IoT services as well as that of IoT devices, we integrate a hardware-based OTP generation engine into the MTM and design a new OTP generation procedure interacting with the OTP generation engine. The new design is implemented and verified on our prototype IoT device with the MTM. As a result, it is shown that the proposed architecture provides an efficient security solution suitable for IoT devices and services Keywords: OTP, IoT, MTM, security 1 Introduction Security in the IoT environment can be variously approached from a technical point of view [1]. However, considering the basic configuration of IoT that a person, a device, and a service are connected, the security of the device and that of the service are key technologies for IoT security. Therefore, it is indispensable and essential to protect IoT devices from security threats, to keep the devices safe, and to guarantee the security of the device. And security-enhanced user authentication should be applied to make IoT services more secure. In the field of device security various technologies have been studied such as secure SE [2], MTM [3] and so on. In the field of service security, OTP authentication technology is used as a strong authentication method in secure user authentication [4, 5]. However, it is difficult to apply current security technologies to IoT environment. Therefore, it is necessary to study security technology that can provide security suitable for IoT environment. In this paper, we have developed and verified the OTP generation scheme based on MTM, which is a kind of security technology suitable for the IoT environment. This paper is organized as follows. Section 2 describes related works and security issues related to IoT, and Section 3 shows the proposed design of the OTP generation engine and application. In Section 4, the implementation and verification results are reported. Finally, conclusions are presented in Section 5. ISSN: ASTL Copyright 2017 SERSC
2 2 Related Works 2.1 IoT Security With the growth of IoT, security threats such as security vulnerabilities, privacy, forgery, hacking, and malfunction are growing in parallel. In general, IoT technology includes various element technologies such as sensing, data processing, networking, and low-power consumption. However, considering that the security threats can cause economic losses, social infrastructure paralysis, and even personal threats, security technology should also be developed as a component technology for IoT and various researches related to IoT security are being carried out [6-8]. Therefore, for IoT devices, especially client devices for IoT services like smart phones, it is essential to develop security technologies dedicated to IoT services such as data protection, user authentication for service use, access control, and so on. 2.2 MTM The MTM is a kind of chip which is installed in mobile devices such as smart phones to provide Root of Trust and to guarantee the device integrity based on the hardwarebased security such as secure storage and cryptographic primitives [3]. TCG standardizes the mobile-specific and hardware-based security module that can solve security problems such as user authentication, platform authentication, device authentication and data protection for mobile devices or embedded systems. 2.3 OTP Authentication With the increase of user authentication service and that of attacks to the traditional authentication method, the need for improved security of user authentication method grows. Traditional static password authentication methods are widely used due to their convenience. However, they often suffer from attacks as eavesdropping, replay, guessing and so on. As a way to free from any of them, OTP authentication service is usually adopted to support 2-factor authentication for various fields such as financial, portal, game and so on [4, 5]. One-time password authentication, by default, requires a user-side OTP generator, called token, for the generation of dynamic passwords. Recently, the OTP generation in mobile devices is being increasingly used as a way to facilitate OTP authentication without dedicated OTP hardware token. This is referred to as mobile OTP token. However, the mobile OTP usually is an application implemented by software in a mobile terminal. That is why there is a possibility in which important information or the OTP value is hacked by an external attack for generating a mobile OTP. In this paper, we propose an MTM-based OTP generator, which is a new OTP generation technology that solves the problems of existing mobile OTP technology and provides security for IoT devices. 76 Copyright 2017 SERSC
3 3 Design This section describes the design of the MTM-based OTP engine, which is the core module of the proposed OTP generator. In order to provide secure service the proposed OTP generator constructs a secure device environment through MTM which provides integrity functions and various security functions for the IoT client devices and adds an OTP generation engine to MTM for secure user authentication. It is a hardware-based security technology that does not depend on the software platform of the device, so it is easy to apply to various kinds of client devices in numerous IoT services. 3.1 OTP Generation Engine As described in section 2, MTM provides integrity assurance, secure storage, and various encryption functions based on hardware security. In general, MTM is implemented as a chip and mounted on a mobile device. The proposed architecture of the MTM is shown in Fig. 1. The MTM shown in Figure 1 is an expanded MTM with a security service engine in addition to the basic function engines of the MTM. The security service engine includes an OTP generation engine. Although the OTP generation engine is separate from the MTM function, the hash function required for OTP generation uses a cryptographic processor and the seed to be safely stored for OTP generation is designed to use a secure storage function in Flash memory. It has the advantage that the OTP generation engine can be implemented by utilizing the resources of the MTM chip without supplement of resources. Fig. 1. Proposed architecture for the MTM Copyright 2017 SERSC 77
4 3.2 OTP Generation Application To generate an OTP value based on the expanded MTM with the OTP generation engine, the OTP generation application on the device is designed as shown in Fig. 2. There are four main functional blocks: MTM-based OTP generation engine, OTP generation API (Application Programming Interface), OTP management API, and user interface. In the OTP generation process the application on the device only plays the role of showing the OTP generation request and the generated OTP value to the user. In practice, the creation of the OTP value and the storage of the important data are performed on the independent hardware MTM. As a result, it is possible to generate OTP securely. Fig. 2. Procedure design of the OTP Application 4 Implementation and Verification The MTM-based OTP generation engine is implemented in the proposed MTM chip. Then, the OTP generation application is implemented on an IoT client device with the MTM chip. This section describes the implementation and test results of the OTP generation. 4.1 Implementation Fist, the implementation of MTM chip uses smart card IC which is verified and used for various security products. Second, a mobile device based on Android OS was made as a prototype for an IoT client device embedded with the MTM chip. Finally, the OTP generation function is performed in conjunction with the MTM chip at application level. Table 1 summarizes the features of the implemented MTM chip and Fig. 3. shows the prototype IoT device with the MTM chip. 78 Copyright 2017 SERSC
5 Table 1. MTM chip features Parameter Size Chip Core I/O Interface Value 3.2mm x 2.9mm Smart Card IC UART Fig. 3. Prototype of the implemented IoT device 4.2 Verification To verify the MTM-based OTP generation function, a reference OTP application and an OTP authentication server provided for OTP verification are utilized [9]. Since the reference application is implemented by software only, it is modified according to the design of the hardware-based OTP generation so that the OTP generation function and the important data storage function can be performed in conjunction with the OTP generation engine of the MTM. Fig. 4. Verification procedure of OTP generation Copyright 2017 SERSC 79
6 Fig.4 shows the verification procedure in which the generated OTP value from the modified OTP generation app on the prototype device with MTM is verified at the authentication server. 5 Conclusion This paper presents the design and implementation of an efficient OTP generation engine for IoT client devices that requires both the security of devices and that of services. For the purpose, each of the MTM and the OTP generation app is modified in order to add a novel hardware-based OTP engine to the MTM and to design the OTP generation app interworking with the expanded MTM. We also present a new procedure to implement the hardware/software co-design of OTP generation in IoT devices. The results of implementation and verification show that the proposed architecture contributes a good solution to practical implementation of the OTP authentication for IoT security. Acknowledgments. This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No , Development of Operating System Security Core Technology for the Smart Lightweight IoT Devices) References 1. ITU.: The Internet of Things. Internet Reports, (2005). 2. J. Guaus, L. Kanniainen, P. Koistinen, P. Laaksonen, K. Murphy, J. Remes, N. Taylor and O. Welin, Best Practice for Mobile Financial Services: Enrolment Business Model Analysis. Mobey Forum Mobile Financial Services Ltd., Helsinki, (2008). 3. M. Kim, H. Ju, Y. Kim, J. Park and Y. Park, Design and implementation of mobile trusted module for trusted mobile computing, IEEE Transactions on Consumer Electronics, vol. 56, no. 8, (2010), pp N. Haller, C. Metz, P. Nesser and M. Straw, A One-Time Password system, IETF RFC 2289, (1998). 5. ITU-T.: Management framework of a one time password-based authentication service. Recommendation X.1153, (2011). 6. R. H. Weber, Internet of things - new security and privacy challenges, Computer Law & Security Review, vol. 26, (2010), pp D. Gessner, A. Olivereau, A. S. Segura and A. Serbanati, A.: Trustworthy Infrastructure Services for a Secure and Privacy-respecting Internet of Things. In: Proceedings of IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp (2012) 8. Keoh, S., Kumar, S., Tschofenig, H.: Securing the internet of things: A standardization perspective. In: IEEE Internet of Things Journal, Vol. 1, No. 3, pp (2014) 9. Mobile OTP project, 80 Copyright 2017 SERSC
The Design and Implementation of a BLE-based WebD2D Service for Android Smartphone
, pp.1-5 http://dx.doi.org/10.14257/astl.2017.146.01 The Design and Implementation of a BLE-based WebD2D Service for Android Smartphone Do-Hyung Kim 1, Seok-Jin Yoon 1, Hyung-Seok Lee 1 and Jae-Ho Lee
More informationA Virtual-Synchronized-File Based Privacy Protection System
Vol.133 (Information Technology and Computer Science 2016), pp.29-33 http://dx.doi.org/10.14257/astl.2016. A Virtual-Synchronized-File Based Privacy Protection System Hye-Lim Jeong 1, Ki-Woong Park 2 System
More informationFeatured Articles II Security Research and Development Research and Development of Advanced Security Technology
364 Hitachi Review Vol. 65 (2016), No. 8 Featured Articles II Security Research and Development Research and Development of Advanced Security Technology Tadashi Kaji, Ph.D. OVERVIEW: The damage done by
More informationA Study on the IoT Sensor Interaction Transmission System based on BigData
Vol.123 (SoftTech 2016), pp.220-224 http://dx.doi.org/10.14257/astl.2016.123.41 A Study on the IoT Sensor Interaction Transmission System based on BigData Jin-Tae Park 1, Gyung-Soo Phyo 1 and Il-Young
More informationNetwork Intrusion Forensics System based on Collection and Preservation of Attack Evidence
, pp.354-359 http://dx.doi.org/10.14257/astl.2016.139.71 Network Intrusion Forensics System based on Collection and Preservation of Attack Evidence Jong-Hyun Kim, Yangseo Choi, Joo-Young Lee, Sunoh Choi,
More informationA Design of Authentication Protocol for a Limited Mobile Network Environment
Vol.29 (SecTech 2013), pp.41-45 http://dx.doi.org/10.14257/astl.2013.29.08 A Design of Authentication Protocol for a Limited Mobile Network Environment Minha Park 1,1, Yeog Kim 2, Okyeon Yi 3 1, 3 Dept.
More informationTrusted Computing Today: Benefits and Solutions
Trusted Computing Today: Benefits and Solutions Brian D. Berger EVP Marketing & Sales Wave Systems Corp. bberger@wavesys.com Copyright 2009 Trusted Computing Group Agenda TCG Vision TCG Benefits Solution
More informationProvisioning secure Identity for Microcontroller based IoT Devices
Provisioning secure Identity for Microcontroller based IoT Devices Mark Schaeffer, Sr. Product Marketing Manager, Security Solutions Synergy IoT Platform Business Division, Renesas Electronics, Inc. May
More informationDevelopment of Smart-CITY Based Convergent Contents Platform Using Bluetooth Low Energy Beacon Sensors
, pp.16-20 http://dx.doi.org/10.14257/astl.2017.145.04 Development of Smart-CITY Based Convergent Contents Platform Using Bluetooth Low Energy Beacon Sensors Jihoon Seo 1 and Kil-Hong Joo 2* 1 HI-CUBE,
More informationBuilding Ubiquitous Computing Environment Using the Web of Things Platform
, pp.105-109 http://dx.doi.org/10.14257/astl.2013 Building Ubiquitous Computing Environment Using the Web of Things Platform Woo-Chang Shin Dept. of Computer Science, at SeoKyeong University 16-1 Jungneung-Dong
More informationIntroduction to Device Trust Architecture
Introduction to Device Trust Architecture July 2018 www.globalplatform.org 2018 GlobalPlatform, Inc. THE TECHNOLOGY The Device Trust Architecture is a security framework which shows how GlobalPlatform
More informationDesign and Implementation of a RFC3161-Enhanced Time-Stamping Service
Design and Implementation of a RFC3161-Enhanced Time-Stamping Service Chung-Huang Yang, 1 Chih-Ching Yeh, 2 and Fang-Dar Chu 3 1 Institute of Information and Computer Education, National Kaohsiung Normal
More informationTrusted Computing Group
Trusted Computing Group Backgrounder May 2003 Copyright 2003 Trusted Computing Group (www.trustedcomputinggroup.org.) All Rights Reserved Trusted Computing Group Enabling the Industry to Make Computing
More informationSecuring Network Communications
Securing Network Communications Demonstration: Securing network access with Whitenoise Labs identity management, one-time-pad dynamic authentication, and onetime-pad authenticated encryption. Use of Whitenoise
More informationAccelerating the implementation of trusted computing
Infineon Network Use Case Accelerating the implementation of trusted computing Building Confidence in Our Connected World with TPM middleware Products OPTIGA TPM www.infineon.com/ispn Use Case Use case
More informationInternet of Things Security standards
Internet of Things Security standards Vangelis Gazis (vangelis.gazis@huawei.com) Chief Architect Security Internet of Things (IoT) Security Solution Planning & Architecture Design (SPD) Security standards
More informationFirmware Updates for Internet of Things Devices
Firmware Updates for Internet of Things Devices Brendan Moran, Milosch Meriac, Hannes Tschofenig Drafts: draft-moran-suit-architecture draft-moran-suit-manifest 1 WHY DO WE CARE? 2 IoT needs a firmware
More informationRandom Password Generation of OTP System using Changed Location and Angle of Fingerprint Features
Random Password Generation of OTP System using Changed Location and Angle of Fingerprint Features ByungRae Cha*, KyungJun Kim, HyunShik Na** Dept. of Computer Eng.*, Dept. of Radio Mobile Communication
More informationA Mobile Device Classification Mechanism for Efficient Prevention of Wireless Intrusion
A obile Device Classification echanism for Efficient Prevention of Wireless Intrusion Hyeokchan Kwon 1, Sin-Hyo Kim 1, 1 Electronics and Telecommunications Research Institue, 218 Gajeong-ro, Yuseong-gu,
More informationTrusted Platform for Mobile Devices: Challenges and Solutions
Trusted Platform for Mobile Devices: Challenges and Solutions Lily Chen Motorola Inc. May 13, 2005 Outline Introduction Challenges for a trusted platform Current solutions Standard activities Summary New
More informationExploring the potential of Mobile Connect: From authentication to identity and attribute sharing. Janne Jutila, Head of Business Development, GSMA
Exploring the potential of Mobile Connect: From authentication to identity and attribute sharing Janne Jutila, Head of Business Development, GSMA Fragility of passwords No matter what you tell them, users
More informationAS emas emudhra Authentication Solution
AS emas emudhra Authentication Solution Create your own trusted enterprise network of users, devices, applications! With malware, ransomware and other cyber threats constantly thrown at Enterprises, a
More informationOpen Mobile API The enabler of Mobile ID solutions. Alexander Summerer, Giesecke & Devrient 30th Oct. 2014
The enabler of solutions Alexander Summerer, Giesecke & Devrient 30th Oct. 2014 SIMalliance Allows usage of Secure Elements in Mobile Devices Designed for Open Handset OS platforms Common API for Apps
More informationMobile: Purely a Powerful Platform; Or Panacea?
EBT: The Next Generation 2017 Mobile: Purely a Powerful Platform; Or Panacea? Evan O Regan, Director of Product Management Authentication & Fraud Solutions Entrust Datacard POWERFUL PLATFORM OR PANACEA
More informationTrusted Platform Module explained
Bosch Security Systems Video Systems Trusted Platform Module explained What it is, what it does and what its benefits are 3 August 2016 2 Bosch Security Systems Video Systems Table of contents Table of
More informationEasy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications
Infineon Network Use Case Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications Providing Infineon customers with an easy path to integrating TPM support into their products and systems
More informationSolutions Business Manager Web Application Security Assessment
White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security
More informationA Design of Building Group Management Service Framework for On-Going Commissioning
, pp.84-88 http://dx.doi.org/10.14257/astl.2014.49.18 A Design of Building Group Management Service Framework for On-Going Commissioning Taehyung Kim 1, Youn Kwae Jeong 1 and Il Woo Lee 1, 1 Electronics
More informationSemantic IoT System for Indoor Environment Control A Sparql and SQL based hybrid model
, pp.678-683 http://dx.doi.org/10.14257/astl.2015.120.135 Semantic IoT System for Indoor Environment Control A Sparql and SQL based hybrid model Faiza Tila, Do Hyuen Kim Computer Engineering Department,
More informationWindows 10 IoT Core Azure Connectivity and Security
Windows 10 IoT Core Azure Connectivity and Security Published July 27, 2016 Version 1.0 Table of Contents Introduction... 2 Device identities... 2 Building security into the platform... 3 Security as a
More informationTrusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague
Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July 2017 -- IETF 99 th, Prague 2 What do we mean by security? Communication Security Aims
More informationSecurity Flaws of Cheng et al. s Biometric-based Remote User Authentication Scheme Using Quadratic Residues
Contemporary Engineering Sciences, Vol. 7, 2014, no. 26, 1467-1473 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ces.2014.49118 Security Flaws of Cheng et al. s Biometric-based Remote User Authentication
More informationSmart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability
Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 25,
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationCardOS Secure Elements for Smart Home Applications
Infineon Security Partner Network Partner Use Case CardOS Secure Elements for Smart Home Applications Using cryptographic functionality provided by ATOS to secure embedded platforms in Smart Home applications.
More informationIntelligent Terminal System Based on Trusted Platform Module
American Journal of Mobile Systems, Applications and Services Vol. 4, No. 3, 2018, pp. 13-18 http://www.aiscience.org/journal/ajmsas ISSN: 2471-7282 (Print); ISSN: 2471-7290 (Online) Intelligent Terminal
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More information1. INTRODUCTION 2. PROPOSED SYSTEM. Parashar Sangle, IJECS Volume 05 Issue 12 Dec., 2016 Page No Page 19489
www.ijecs.in International Journal Of Engineering And Computer Science ISSN: 2319-7242 Volume 5 Issue 12 Dec. 2016, Page No. 19489-19493 Data Security System in Cloud by Using Fog Computing and Data Mining
More informationThe Next Generation of Credential Technology
The Next Generation of Credential Technology Seos Credential Technology from HID Global The Next Generation of Credential Technology Seos provides the ideal mix of security and flexibility for any organization.
More information#RSAC #RSAC Thing Thing Thing Thing Thing Thing Edge Edge Gateway Gateway Cut costs Create value Find information in data then act Maintain Things Enrol Authorized Users & Things Authentication
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationITU-T SG 17 Q10/17. Trust Elevation Frameworks
ITU-T SG 17 Q10/17 Trust Elevation Frameworks Abbie Barbir, Ph.D. ITU-T SG 17 Q10 Rapporteur Martin Euchner SG 17 Advisor ITU Workshop on "Future Trust and Knowledge Infrastructure July 1 2016 Contents
More informationSECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA
SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA CTO Office www.digi.me another Engineering Briefing digi.me keeping your data secure at all times ALL YOUR DATA IN ONE PLACE TO SHARE WITH PEOPLE WHO
More informationSecurity Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement
Security Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement Young-Hwa An* * Division of Computer and Media Information Engineering, Kangnam University 111, Gugal-dong,
More informationBuilding Digital Key Solution for Automotive
Building Digital Key Solution for Automotive Content Overview Use Cases Unlocking Use Cases Key Provisioning Use Cases Key Sharing Use Cases Key Properties High Level Architecture and Related Standards
More information$263 WHITE PAPER. Flexible Key Provisioning with SRAM PUF. Securing Billions of IoT Devices Requires a New Key Provisioning Method that Scales
WHITE PAPER Flexible Key Provisioning with SRAM PUF SRAM PUF Benefits Uses standard SRAM Device-unique keys No secrets reside on the chip No key material programmed Flexible and scalable Certifications:
More informationPro s and con s Why pins # s, passwords, smart cards and tokens fail
Current Authentication Methods Pro s and con s Why pins # s, passwords, smart cards and tokens fail IDENTIFYING CREDENTIALS In The Physical World Verified by Physical Inspection of the Credential by an
More informationScienceDirect. A Secure and Light Weight Authentication Service in Hadoop using One Time Pad
Available online at www.sciencedirect.com ScienceDirect Procedia Computer Science 50 (2015 ) 81 86 2nd International Symposium on Big Data and Cloud Computing (ISBCC 15) A Secure and Light Weight Authentication
More informationSecurity Enhanced IEEE 802.1x Authentication Method for WLAN Mobile Router
Security Enhanced IEEE 802.1x Method for WLAN Mobile Router Keun Young Park*, Yong Soo Kim*, Juho Kim* * Department of Computer Science & Engineering, Sogang University, Seoul, Korea kypark@sogang.ac.kr,
More informationExecutive Summary. (The Abridged Version of The White Paper) BLOCKCHAIN OF THINGS, INC. A Delaware Corporation
2017 Executive Summary (The Abridged Version of The White Paper) BLOCKCHAIN OF THINGS, INC. A Delaware Corporation www.blockchainofthings.com Abstract The Internet of Things (IoT) is not secure and we
More informationSmart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme
Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme Y.. Lee Department of Security Technology and Management WuFeng niversity, hiayi, 653, Taiwan yclee@wfu.edu.tw ABSTRAT Due
More informationResearch on the Performance of JavaScript-based IoT Service Platform
International Journal of Control Theory and Applications ISSN : 0974-5572 International Science Press Volume 9 Number 44 2016 Research on the Performance of JavaScript-based IoT Service Platform Jin-Tae
More informationData Sheet NCP Secure Enterprise Management
Centrally Managed VPN Fully Automatic Operation of a Remote Access VPN via a Single Console Administration and license management system for NCP Exclusive Remote Access Clients Enables easy rollout and
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationMulti-factor Authentication Using Mobile Phones
Multi-factor Authentication Using Mobile Phones Prathamesh S. Dhanorkar 1, Atish R. Jadhav 2, Assistant Professor Shweta B. Barshe 3 1 Department of Computer Engineering, BVCOE, 2 Department of Computer
More informationShifting focus: Internet of Things (IoT) from the security manufacturer's perspective
Shifting focus: Internet of Things (IoT) from the security manufacturer's perspective Published on 27 Nov 2018 The term Internet of Things (IoT) has almost been beaten to death at this point, as more and
More informationSmart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security
Smart Cards and Authentication Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security Payment Landscape Contactless payment technology being deployed Speeds
More informationA Study on Secure SDLC Specialized in Common Criteria
, pp.19-23 http://dx.doi.org/10.14257/astl.2015.93.05 A Study on Secure SDLC Specialized in Common Criteria Min-Gyu Lee 1, Hyo-jung Sohn 2, Baek-MinSeong 3 and Jong-Bae Kim 4* 1,2,3,4* Graduate School
More informationLinQ2FA. Helping You. Network. Direct Communication. Stay Fraud Free!
LinQ2FA Stay Fraud Free! Helping You Direct Communication Secure to your Your customers Network LINQ2FA Stay Fraud Free! Enhance your security against cyber fraud with Two Factor Authentication Suitable
More informationWi-Fi Security for Next Generation Connectivity. Perry Correll Aerohive, Wi-Fi Alliance member October 2018
Perry Correll Aerohive, Wi-Fi Alliance member October 2018 1 Value of Wi-F1 The value Wi-Fi provides to the global economy rivals the combined market value of Apple Inc. and Amazon. The fact that Wi-Fi
More informationNCP Exclusive Remote Access Management
Centrally Managed VPN Fully Automatic Operation of a Remote Access VPN via a Single Console Administration and license management system for NCP Exclusive Remote Access Clients Enables easy rollout and
More informationSEAhawk and Self Encrypting Drives (SED) Whitepaper
Suite 301, 100 Front Street East, Toronto, Ontario, M5A 1E1 SEAhawk and Self Encrypting Drives (SED) Whitepaper This paper discusses the technology behind Self-Encrypting Drives (SEDs) and how Cryptomill
More informationResearch on Autonomic Control System Connection Goal-model and Fault-tree
, pp.47-53 http://dx.doi.org/10.14257/astl.2016.129.10 Research on Autonomic Control System Connection Goal-model and Fault-tree Dongbeom Ko 1, Teayoung Kim 1, Sungjoo Kang 2, Ingeol Chun 2, Jeongmin Park
More informationImplementation of Digital Contents System for Cleaning Facility management
, pp.126-130 http://dx.doi.org/10.14257/astl.2016.135.32 Implementation of Digital Contents System for Cleaning Facility management Byeongtae Ahn 1, 1 Division of Liberal Arts at Anyang University, Daeshin-Hall
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationSafelayer's Adaptive Authentication: Increased security through context information
1 Safelayer's Adaptive Authentication: Increased security through context information The password continues to be the most widely used credential, although awareness is growing that it provides insufficient
More informationASC Chairman. Best Practice In Data Security In The Cloud. Speaker Name Dr. Eng. Bahaa Hasan
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Best Practice In Data Security
More informationAdvanced Android Security APIs. KeyStore and Crypto VPN
Advanced Android Security APIs KeyStore and Crypto VPN 1 KEYCHAIN AND CRYPTO APIS Like any other OS: support for crypto operations - SecureRandom: generate cryptographically secure random data E.g., seeding
More informationAn Automata-based Security Policy Translation for Network Security Functions
An Automata-based Security Policy Translation for Network Security Functions Jinhyuk Yang, Jaehoon (Paul) Jeong Department of Electrical and Computer Engineering, Sungkyunkwan University, Republic of Korea
More informationOffline dictionary attack on TCG TPM weak authorisation data, and solution
Offline dictionary attack on TCG TPM weak authorisation data, and solution Liqun Chen HP Labs, UK Mark Ryan HP Labs, UK, and University of Birmingham Abstract The Trusted Platform Module (TPM) is a hardware
More informationA Two-Fold Authentication Mechanism for Network Security
Asian Journal of Engineering and Applied Technology ISSN 2249-068X Vol. 7 No. 2, 2018, pp. 86-90 The Research Publication, www.trp.org.in A Two-Fold for Network Security D. Selvamani 1 and V Selvi 2 1
More informationMobilePASS for BlackBerry OS 10
MobilePASS for BlackBerry OS 10 CUSTOMER RELEASE NOTES Version: 8.4 Build: 84 Issue Date: 25 March 2015 Document Part Number: 007-012937-001, Rev. B Contents Product Description... 2 Release Description...
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationDeliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) ATTPS. Achieving The Trust Paradigm Shift
Deliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) Version 1.0 Author: Bharadwaj Pulugundla (Verizon) 25.10.2015 Table of content 1. Introduction... 3
More informationA Personal Information Retrieval System in a Web Environment
Vol.87 (Art, Culture, Game, Graphics, Broadcasting and Digital Contents 2015), pp.42-46 http://dx.doi.org/10.14257/astl.2015.87.10 A Personal Information Retrieval System in a Web Environment YoungDeok
More informationSecurity and Privacy in the Internet of Things : Antonio F. Skarmeta
Security and Privacy in the Internet of Things : Antonio F. Skarmeta University of Murcia (UMU) SPAIN Motivation Security and privacy concerns were always there but we need to move from
More informationNational Institute of Information and Communications Technology. Cybersecurity Laboratory Security Fundamentals Laboratory Planning Office
National Institute of Information and Communications Technology Cybersecurity Research Institute Cybersecurity Laboratory Security Fundamentals Laboratory Planning Office National Institute of Information
More informationImplementation of ATM security using IOT
Implementation of ATM security using IOT Mahalakshmi.T.K 1, J.Kumudha 2, M.Ranjitha 3, Mr.J.Gurumurthy 4, Dr.D.Sivakumar 5 1,2,3 Department of electronics and communication engineering, Easwari engineering
More informationStorage as an IoT Device Roundtable Walt Hubis, CISSP Tom Coughlin
Storage as an IoT Device Roundtable Walt Hubis, CISSP Tom Coughlin Participants Monty A. Forehand Product Security Officer and Technologist Seagate Technology Robert Thibadeau Chairman and CEO Drive Trust
More informationPass, No Record: An Android Password Manager
Pass, No Record: An Android Password Manager Alex Konradi, Samuel Yeom December 4, 2015 Abstract Pass, No Record is an Android password manager that allows users to securely retrieve passwords from a server
More informationA Study on the Communication Agent Model for One-way Data Transfer System
, pp. 161-168 http://dx.doi.org/10.14257/ijsh.2015.9.10.18 A Study on the Communication Agent Model for One-way Data Transfer System Young-Chul Oh 1, Mi-Ran Han 2, Yongtae Shin 3 and Jong-Bae Kim 4* 1
More informationMobile Security using IBM Endpoint Manager Mobile Device Management
Mobile Security using IBM Endpoint Manager Mobile Device Management Mahendra Chopra Security Solution Architect @ IBM CIO Lab, Innovation mahendra.chopra@in.ibm.com Agenda Market Trends Mobile Security?
More informationFederal Information Processing Standard (FIPS) What is it? Why should you care?
Federal Information Processing Standard (FIPS) 140-2 What is it? Why should you care? SECURITY IS BECOMING A GROWING CONCERN The migration from TDM to IP communication networks has drastically increased
More informationA Secure Routing Protocol for Wireless Adhoc Network Creation
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 6, June 2014, pg.88
More informationZigBee Security Using Attribute-Based Proxy Re-encryption
J. lnf. Commun. Converg. Eng. 10(4): 343-348, Dec. 2012 Regular Paper ZigBee Security Using Attribute-Based Proxy Re-encryption Hwajeong Seo and Howon Kim*, Member, KIICE Department of Computer Engineering,
More informationVirtualization and Softwarization Technologies for End-to-end Networking
ization and Softwarization Technologies for End-to-end Networking Naoki Oguchi Toru Katagiri Kazuki Matsui Xi Wang Motoyoshi Sekiya The emergence of 5th generation mobile networks (5G) and Internet of
More informationMobile Devices prioritize User Experience
Mobile Security 1 Uniqueness of Mobile Mobile Devices are Shared More Often Mobile Devices are Used in More Locations Mobile Devices prioritize User Experience Mobile Devices have multiple personas Mobile
More informationKeeping your VPN protected
Keeping your VPN protected Overview The increasing use of remote access is driving businesses to look for an easy to manage, secure solution for providing access to sensitive company assets. To meet that
More informationKeeping your VPN protected. proven. trusted.
Keeping your VPN protected proven. trusted. Overview The increasing use of remote access is driving businesses to look for an easy to manage, secure solution for providing access to sensitive company assets.
More informationAn Enhanced Security Policy Framework for Android
All rights are reserved and copyright of this manuscript belongs to the authors. This manuscript has been published without reviewing and editing as received from the authors: posting the manuscript to
More information[NEC Group Internal Use Only] IoT Security. - Challenges & Standardization status. Sivabalan Arumugam.
[NEC Group Internal Use Only] IoT Security - Challenges & Standardization status Sivabalan Arumugam Outline IoT Security Overview IoT Security Challenges IoT related Threats
More informationProgressive Authentication in ios
Progressive Authentication in ios Genghis Chau, Denis Plotnikov, Edwin Zhang December 12 th, 2014 1 Overview In today s increasingly mobile-centric world, more people are beginning to use their smartphones
More informationCryptography and Network Security
Security Sixth Edition Chapter 1 Introduction Dr. Ahmed Y. Mahmoud Background Information Security requirements have changed in recent times traditionally provided by physical and administrative mechanisms
More informationAutomotive Security An Overview of Standardization in AUTOSAR
Automotive Security An Overview of Standardization in AUTOSAR Dr. Marcel Wille 31. VDI/VW-Gemeinschaftstagung Automotive Security 21. Oktober 2015, Wolfsburg Hackers take over steering from smart car driver
More informationSecuring Multiple Mobile Platforms
Securing Multiple Mobile Platforms CPU-based Multi Factor Security 2010 Security Workshop ETSI 2010 Security Workshop Navin Govind Aventyn, Inc. Founder and CEO 1 Mobile Platform Security Gaps Software
More informationChongqing, China. *Corresponding author. Keywords: Wireless body area network, Privacy protection, Data aggregation.
2016 International Conference on Computer, Mechatronics and Electronic Engineering (CMEE 2016) ISBN: 978-1-60595-406-6 The Data Aggregation Privacy Protection Algorithm of Body Area Network Based on Data
More informationPenetration testing.
Penetration testing Penetration testing is a globally recognized security measure that can help provide assurances that a company s critical business infrastructure is protected from internal or external
More informationCreating Trust in a Highly Mobile World
Creating Trust in a Highly Mobile World Technical White Paper Oct, 2014 MobileCrypt with Hardware Strength Security MobileCrypt s solution leverages an Android based mobile application and a Hardware Security
More informationSMART DEVICES: DO THEY RESPECT YOUR PRIVACY?
SMART DEVICES: DO THEY RESPECT YOUR PRIVACY? Systems and Mobile Research Lab, Department of Computer Science and Engineering INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Presenter: Sandip Chakraborty sandipc@cse.iitkgp.ac.in
More informationConnecting Securely to the Cloud
Connecting Securely to the Cloud Security Primer Presented by Enrico Gregoratto Andrew Marsh Agenda 2 Presentation Speaker Trusting The Connection Transport Layer Security Connecting to the Cloud Enrico
More information