We introduce context-aware scalable authentication (CASA) as a way of balancing security and usability for authentication. Our core idea is to combine a number of passive factors for authentication (e.g., a user’s current location) with appropriate active factors. In this paper, we provide a probabilistic framework for dynamically selecting an active authentication scheme that satisfies a secur...

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication sc...

IEEE 802.1X is a key part of IEEE802.11i. By employing Extensible Authentication Protocol (EAP) it supports a variety of upper layer authentication methods each with different benefits and drawbacks. Any one of these authentication methods can be the ideal choice for a specific networking environment. The fact that IEEE 802.11i leaves the selection of the most suitable authentication method to ...

We extend the -calculus and the spi-calculus with two primitives that guarantee authentication. They enable us to abstract from various implementations/specifications of authentication, and to obtain idealized protocols which are “secure by construction”. The main underlying idea, originally proposed in [14] for entity authentication, is to use the locations of processes in order to check who i...

In this paper, we propose a handover authentication mechanism, called handover key management and authentication scheme (HaKMA), which as a three-layer authentication architecture is a new version of our previous work Diffie-Hellman-PKDS-based authentication method (DiHam for short) by improving its key generation flow and adding a handover authentication scheme to respectively speed up handove...

Entity authentication becomes ubiquitously necessary in pervasive computing environments. We provide taxonomy of entity authentication between keys and locks. Based on the discussion, we propose a novel authentication approach for pervasive computing environments. A person uses a single device, the Master Key, which aggregates all his digital keys for entity authentication. The Master Key initi...

Biometric authentication technologies, such as fingerprint, face, iris, and vein, have been widespread in many applications from individual portable devices to national ID management systems. Furthermore, relatively newer biometric authentication modalities including eye movement, lip-motion, etc., have been also researched and developed in order to improve an authentication accuracy and an usa...

Entity authentication provides confidence in the claimed identity of a peer entity, but the manner in which this goal is achieved results in different types of authentication. An important factor in this regard is the order between authentication and the execution of the associated session. In this paper, we consider the case of post-session authentication, where parties authenticate each other...

This paper describes a solution for nodes and message authentication problems in wireless sensor networks, this solution allows effectively avoiding node-impersonation and messaging falsification among the WSN nodes. The resulting protocol address authentication at two level using identity based cryptography and message authentication codes with SHA-1, for node and message authentication respec...

This paper describes BarterRoam: a new novel mobile and wireless roaming settlement model and clearance methodology, based on the concept of sharing and bartering excess capacities for usage in Visiting Wireless Internet Service Provider (WISP) coverage areas with Home WISP. The methodology is not limited to WISPs; it is applicable to virtual WISPs and any Value-Added Services in the mobile and...