احراز هویت

Open Access Article

1 - Providing lightweight mutual group authentication of Internet of Things
reza sarabi miyanaji sam jabbehdari nasser modiri

The Internet of things is becoming the largest computing platform and we are seeing an increase in the number of devices in this environment. In addition, most Things in this infrastructure have the computational power and memory constraints. They cannot perform complex More

The Internet of things is becoming the largest computing platform and we are seeing an increase in the number of devices in this environment. In addition, most Things in this infrastructure have the computational power and memory constraints. They cannot perform complex computational operations. These limitations have been ignored in most traditional authentication methods. Meanwhile, in the new methods of authentication of this environment, not much attention has been paid to the issue of scalability. Therefore, the need for a lightweight, scalable authentication is felt. In this paper, a lightweight authentication protocol is presented in which things are placed in different groups. In each group, a group manager node is considered and as an agent, it performs authentication on behalf of other members. Therefore, Authentication is done in groups, which makes the proposed protocol highly scalable. The proposed method reduces the computational cost of nodes and servers and provides privacy through node anonymity. In addition, it has forward-looking privacy without the use of asynchronous encryption and key agreement. The AVISPA tool has been used to confirm the security of the proposed method. In our method, the computation time of the node and server in authentication has been decreased by 7.8% and 3.5%, respectively, compared with reviewing protocols. Manuscript profile

Open Access Article

2 - A Patient Identification and Authentication Protocol to Increase Security
Afsaneh Sharafi Sepideh Adabi Ali Movaghar Salah Al-Majed

Today, with the ever-expanding IoT, information technology has led the physical world to interact more with stimuli, sensors, and devices. The result of this interaction is communication "anytime, anywhere" in the real world. A research gap that can be felt in addition More

Today, with the ever-expanding IoT, information technology has led the physical world to interact more with stimuli, sensors, and devices. The result of this interaction is communication "anytime, anywhere" in the real world. A research gap that can be felt in addition to providing a multi-layered and highly secure protocol (a protocol that simultaneously performs authentication) and at the same time has a low computational burden. Therefore, in the field of health and treatment and for the purpose of remote monitoring of patients with physical and mental disabilities (such as patients with cerebral palsy and spinal cord amputation) there is an urgent need for a very safe protocol. The protocol we propose in this study is a two-layer protocol called "Identification-Authentication" which is based on EEG and fingerprint. Also, our authentication step is the modified Diffie-Hellman algorithm. This algorithm needs to be modified due to a security problem (the presence of a third person) that the proposed method is able to authenticate the patient with very high accuracy and high speed by receiving the patient's fingerprint and EEG signal. The proposed protocol was evaluated using data from 40 patients with spinal cord injury. The implementation results show more security of this protocol, Validity of the proposed protocol is checked and the processing time of authentication stage is decrease to 0.0215 seconds. Manuscript profile

Open Access Article

3 - Mutual Continuous Lightweight Authentication Based on Node Prioritization Using Traffic Rates for Internet of Things
reza sarabi miyanaji sam jabbehdari nasser modiri

Today, billions of devices are connected via the Internet of Things, often through insecure communications. Therefore, security and privacy issues of these devices are a major concern. Since devices in IoT are typically resource-constrained devices, the security solutio More

Today, billions of devices are connected via the Internet of Things, often through insecure communications. Therefore, security and privacy issues of these devices are a major concern. Since devices in IoT are typically resource-constrained devices, the security solutions of this environment in terms of processing and memory must be secure and lightweight. However, many existing security solutions are not particularly suitable for IoT due to high computation. So there is a need for a lightweight authentication protocol for IoT devices. In this paper, a mutual lightweight authentication protocol between nodes with limited resources and IoT servers is introduced that uses node prioritization based on traffic rates. This scheme is light due to the use of lightweight XOR and Hash operations. The proposed is resistant to cyber-attacks such as eavesdropping attack, and replay attack. The proposed is also secure using the AVISPA tool in the Dolev-Yao threat model. The security risks of this scheme are low compared to other lightweight methods. In addition, the proposal is compared with existing authentication schemes reduces the computational cost, protects privacy through anonymity of nodes, and provides forward secrecy. In our method, the execute time of authentication is reduced by 15% compared to the other methods. Manuscript profile

Open Access Article

4 - SQ-PUF: A Resistant PUF-Based Authentication Protocol against Machine-Learning Attack
Abolfazl Sajadi Bijan Alizadeh

Physically unclonable functions (PUFs) provide hardware to generate a unique challenge-response pattern for authentication and encryption purposes. An essential feature of these circuits is their unpredictability, meaning that an adversary cannot sufficiently predict fu More

Physically unclonable functions (PUFs) provide hardware to generate a unique challenge-response pattern for authentication and encryption purposes. An essential feature of these circuits is their unpredictability, meaning that an adversary cannot sufficiently predict future responses from previous observations. However, machine learning algorithms have been demonstrated to be a severe threat to PUFs since they are capable of accurately modeling their behavior. In this work, we analyze PUF security threats and propose a PUF-based authentication mechanism called SQ-PUF, which can provide good resistance to machine learning attacks. In order to make it harder to simulate or predict, we obfuscated the correlation between challenge-response pairs. Experimental results show that, unlike existing PUFs, even with a large data set, the SQ-PUF model cannot be successfully attacked with a maximum prediction accuracy of 53%, indicating that this model is unpredictable. In addition, the uniformity in this model remains almost the same as the ideal value in A-PUF. Manuscript profile

Open Access Article

5 - Identifying the Key Drivers of Digital Signature Implementation in Iran (using fuzzy Delphi method)
Ghorbanali Mehrabani Fatemeh Zargaran khouzani

iThe purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The More

iThe purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The statistical community consists of all experts and specialists in the field of information technology and digital signature and articles in this field. The sample size of the statistical community of experts is 13 people who were selected by the purposeful sampling method. 30 articles were selected based on their availability and downloadable, non-technical nature, and relevance to the topic. The method of data analysis was done according to the fuzzy Delphi approach. Validity and reliability were calculated and confirmed using the CVR index and Cohen's kappa test with coefficients of 0.83 and 0.93, respectively. The results prove that the key drivers of digital signature implementation in Iran include 5 main dimensions and 30 concepts, which are 1) security (information confidentiality, information security, sender authentication, document authentication, privacy protection, trust between parties), 2) business (digital business models, communication needs, staff management, organization size, organizational structure, organization resources, organizational culture, top managers, competition ecosystem, e-governance), 3) user (perceived convenience, perceived benefit, consumer behavior, consumer literacy, consumer lifestyle), 4) technical (development of technical infrastructure, systems integration, system complexity, system tanks, design quality, technical speed of certificate production and verification, impermeability of hackers) and 5) Legal (legal licenses, penal laws, legislative body, e-commerce laws). Manuscript profile

Open Access Article

6 - Identifying the Key Drivers of Digital Signature Implementation in Iran (Using Fuzzy Delphi Method)
Ghorbanali Mehrabani Fatemeh Zargaran khouzani

Despite the emphasis of researchers and experts on the need to implement digital signatures and the progress of technology towards the digitization of all affairs and electronic governance, Iran is still facing the challenge of implementing digital signatures. The purpo More

Despite the emphasis of researchers and experts on the need to implement digital signatures and the progress of technology towards the digitization of all affairs and electronic governance, Iran is still facing the challenge of implementing digital signatures. The purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The statistical community consists of all experts and specialists in the field of information technology and digital signature and articles in this field. The sample size of the statistical community of experts is 13 people who were selected by the purposeful sampling method. 31 articles were selected based on their availability and downloadable, non-technical nature, and relevance to the topic. The method of data analysis was done according to the fuzzy Delphi approach. Validity and reliability were calculated and confirmed using the CVR index and Cohen's kappa test with coefficients of 0.83 and 0.93, respectively. The results prove that the key drivers of digital signature implementation in Iran include 5 main dimensions and 30 concepts, which are 1) security (information confidentiality, information security, sender authentication, document authentication, privacy protection, trust between parties), 2) business (digital business models, communication needs, staff management, organization size, organizational structure, organization resources, organizational culture, top managers, competition ecosystem, e-governance), 3) user (perceived convenience, perceived benefit, consumer behavior, consumer literacy, consumer lifestyle), 4) technical (development of technical infrastructure, systems integration, system complexity, system tanks, design quality, technical speed of certificate production and verification, impermeability of hackers) and 5) Legal (legal licenses, penal laws, legislative body, e-commerce laws). It is suggested that in the field of digital signature implementation, special attention should be paid to rewriting rules, training users, creating a security culture, and digital signature policymakers should invite knowledge-based companies to cooperate in developing infrastructure and making relevant software competitive. Manuscript profile

List of Articles احراز هویت

Rimag

Links

Related Centers

Technical Support

Official pages