A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.

System and method for secure three-party communications

In this paper, the fundamental insecurities hampering a scalable, wide-spread deployment of biometric authentication are examined, and a cryptosystem capable of using fingerprint data as its key is presented. For our application, we focus on situations where a private key stored on a smartcard is used for authentication in a networked environment, and we assume an attacker can launch o -line attacks against a stolen card.Juels and Sudan's fuzzy vault is used as a starting point for building and analyzing a secure authentication scheme using fingerprints and smartcards called a figerprint vault. Fingerprint minutiae coordinates mi are encoded as elements in a nite eld F and the secret key is encoded in a polynomial f(x) over F[x]. The polynomial is evaluated at the minutiae locations, and the pairs (mi, f(mi)) are stored along with random (ci, di) cha points such that di ≠ f(ci). Given a matching fingerprint, a valid user can seperate out enough true points from the cha points to reconstruct f(x), and hence the original secret key.The parameters of the vault are selected such that the attacker's vault unlocking complexity is maximized, subject to zero unlocking complexity with a matching fingerprint and a reasonable amount of error. For a feature location measurement variance of 9 pixels, the optimal vault is 269 times more difficult to unlock for an attacker compared to a user posessing a matching fingerprint, along with approximately a 30% chance of unlocking failure.

Secure smartcardbased fingerprint authentication

A survey of approaches combining safety and security for industrial control systems

A system and method authenticates users via any two or three of 1) Something the user knows; 2) Something the user has; and 3) A physical characteristic of the user.

System and method for authenticating users using two or more factors

With the fast development in ad hoc wireless communications and vehicular technology, it is foreseeable that, in the near future, traffic information will be collected and disseminated in real-time by mobile sensors instead of fixed sensors used in the current infrastructure-based traffic information systems. A distributed network of vehicles such as a vehicular ad hoc network (VANET) can easily turn into an infrastructure-less self-organizing traffic information system, where any vehicle can participate in collecting and reporting useful traffic information such as section travel time, flow rate, and density. Disseminating traffic information relies on broadcasting protocols. Recently, there have been a significant number of broadcasting protocols for VANETs reported in the literature. In this paper, we classify and provide an in-depth review of these protocols.

A Review of Information Dissemination Protocols for Vehicular Ad Hoc Networks

As the use of information technology is increasing rapidly in organizations around the world, an important task is to design global networks with high security, eÆciency and functionality. While centralized systems have the advantages of simpli ed management, they face the problems of bottleneck and single point of failure. In this paper, we propose a new authorization scheme that operates over existing centralized authentication mechanisms. The goal is to enhance the performance and scalability in a centrally administered security architecture. A new technique of using one-shot authorization tokens is introduced. It facilitates a mechanism for updating or revocation of the access rights of users in online or o -line authorization models. A smart card is used as an authorization device in addition to its traditional function of user authentication. This scheme provides the mobility for users and the exibility in coping with di erent access control policies in a cross domain multi-application environment.

Cross-domain one-shot authorization using smart cards

Network-based Intrusion Detection Systems (NIDSs) analyse network traffic to detect instances of malicious activity. Typically, this is only possible when the network traffic is accessible for analysis. With the growing use of Virtual Private Networks (VPNs) that encrypt network traffic, the NIDS can no longer access this crucial audit data. In this paper, we present an implementation and evaluation of our approach proposed in Goh et al. (2009). It is based on Shamir's secret-sharing scheme and allows a NIDS to function normally in a VPN without any modifications and without compromising the confidentiality afforded by the VPN.

/pdf/experimenting-with-an-intrusion-detection-system-for-22obbpjkeu.pdf

Experimenting with an Intrusion Detection System for Encrypted Networks

Experimenting with an intrusion detection system for encrypted networks

A novel user-centric authorisation framework suitable for e-commerce in an open environment is proposed. The credential-based approach allows a user to gain access rights anonymously from various service providers who may not have pre-existing relationships. Trust establishment is achieved by making use of referrals from external third parties in the form of Anonymous Attribute Certificates. The concepts of One-task Authorisation Key and Binding Signature are proposed to facilitate pseudonymity in authorisation service. These mechanisms enhance user privacy and tackle the problem of scalability in identity-based access control systems.

A user-centric anonymous authorisation framework in e-commerce environment

This paper presents alternative schemes for the integration of smart card technology into the Kerberos authentication system. A limitation of the initial interaction phase is identified and three implementation options are proposed to overcome this weakness. A further three implementation options are described that enhance the security of Kerberos authentication, however these do not cryptgraphically overcome the identified limitation.

Integrating Smart Cards Into Authentication Systems

Handle everyday research tasks with reliable, citation-backed results

Your personal Research Agent to handle research tasks with citation-backed results

Popular Tasks used by Researchers

How can I help with your research?

Meet SciSpace

Get more enhanced response by uploading the PDFs you want me to reference.

No relevant PDFs in your library

SciSpace is the AI research assistant for academics. Run systematic literature reviews on 280M+ papers, and write papers with cited sources. Trusted by 1M+ students, PhDs & researchers.

SciSpace | AI for Research

Analyze PDFs

Code & Manuscripts

Funding & Grants

Literature & Patents

Medical & Clinical Data

Systematic Review

Visualize & Present

Web & Data

Build a Google Scholar-like website for your research.

Build a website

Create charts and images for your research

Create a Chart

Write a paper for submission to a journal

Draft a manuscript

Patent Search

Design eye-catching scientific posters in minutes.

Scientific Poster Generation

Systematic Literature Review

One task is running at the moment. Your messages will be shown right after.

Drag and drop or click here to browse

Loved by <highlight>1 million+</highlight> researchers

Extract a list of specific topics and their sources from unstructured text

Topics

Compare and analyze relevant papers that matches with your search

Papers

Get insights from PDFs and bookmarked papers from your library

My library

Recent searches

Try searching for:

Catch AI-generated content in scholarly and non-scholarly content

{ai} Detector

Ai Writer

Get PDF Summaries, highlighted text explanations 

Chat with PDF

Effortlessly create in-text citations and bibliographies in APA and 2,500 other formats

Citation generator

Get explanations, summaries, and answers on academic papers

Ease up your research workflow with {scispace}'s cohort of exciting AI tools

Elevate your academic writing skills and convey your ideas the way you want

Paraphraser

Explore our range of reading and writing tools

Your file is being prepared and should be ready in a few minutes. If it's a large file, it might take a bit longer. You can close this window, and we'll email you the file when it's done.

You have reached a maximum limit of <strong>{limit}</strong> columns in the table. Remove at least <strong>1</strong> column to add or create another one.

Mark Looi

Author Tools

Chat about Author