Relevant bibliographies by topics / Security tokens

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Security tokens'

Author: Grafiati
Published: 11 September 2021
Last updated: 10 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Security tokens.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Security tokens"

1

Putri, Marsha Chikita Intania, Parman Sukarno, and Aulia Arif Wardana. "Two factor authentication framework based on ethereum blockchain with dApp as token generation system instead of third-party on web application." Register: Jurnal Ilmiah Teknologi Sistem Informasi 6, no. 2 (June 3, 2020): 74. http://dx.doi.org/10.26594/register.v6i2.1932.

Full text
Abstract:
Authentication is a method for securing an account by verifying the user identity by inputting email with a password. Two factor authentications is an authentication system that combines the first-factor authentication with the second factor. General two factor authentication by entering an email or username with a password are similar. However, two factor authentication requires additional information that must be inputted by the user. Additional information can be in the form of tokens or one-time passwords (OTP). Two factor authentications generally still uses third-party services to generate token or OTP still have vulnerable because can attacked from tokens steal through MITM and found that the generated tokens with the same value. Therefore, we propose a two-factor authentication framework based on ethereum blockchain with dApp as token generation system. Firstly, outcome from the analysis of the system, next succeeded in creating a two-factor authentication system without using third-parties. Second, token system generate up to 3164 different tokens in one second and has been collisions tested. Third, security method to protect token from MITM attack. The attacker unable to get access caused all the checking are done by dApp user authentication.
APA, Harvard, Vancouver, ISO, and other styles
2

Skaruz, Jarosław. "Database security: combining neural networks and classification approach." Studia Informatica, no. 23 (December 22, 2020): 95–115. http://dx.doi.org/10.34739/si.2019.23.06.

Full text
Abstract:
In the paper we present a new approach based on application of neural networks to detect SQL attacks. SQL attacks are those attacks that take the advantage of using SQL statements to be performed. The problem of detection of this class of attacks is transformed to time series prediction problem. SQL queries are used as a source of events in a protected environment. To differentiate between normal SQL queries and those sent by an attacker, we divide SQL statements into tokens and pass them to our detection system, which predicts the next token, taking into account previously seen tokens. In the learning phase tokens are passed to a recurrent neural network (RNN) trained by backpropagation through time (BPTT) algorithm. Then, two coefficients of the rule are evaluated. The rule is used to interpret RNN output. In the testing phase RNN with the rule is examined against attacks and legal data to find out how evaluated rule affects efficiency of detecting attacks. All experiments were conducted on Jordan network. Experimental results show the relationship between the rule and a length of SQL queries.
APA, Harvard, Vancouver, ISO, and other styles
3

Jánoky, László Viktor, János Levendovszky, and Péter Ekler. "An analysis on the revoking mechanisms for JSON Web Tokens." International Journal of Distributed Sensor Networks 14, no. 9 (September 2018): 155014771880153. http://dx.doi.org/10.1177/1550147718801535.

Full text
Abstract:
JSON Web Tokens provide a scalable solution with significant performance benefits for user access control in decentralized, large-scale distributed systems. Such examples would entail cloud-based, micro-services styled systems or typical Internet of Things solutions. One of the obstacles still preventing the wide-spread use of JSON Web Token–based access control is the problem of invalidating the issued tokens upon clients leaving the system. Token invalidation presently takes a considerable processing overhead or a drastically increased architectural complexity. Solving this problem without losing the main benefits of JSON Web Tokens still remains an open challenge which will be addressed in the article. We are going to propose some solutions to implement low-complexity token revocations and compare their characteristics in different environments with the traditional solutions. The proposed solutions have the benefit of preserving the advantages of JSON Web Tokens, while also adhering to stronger security constraints and possessing a finely tuneable performance cost.
APA, Harvard, Vancouver, ISO, and other styles
4

Klimm, Alexander, Benjamin Glas, Matthias Wachs, Sebastian Vogel, Klaus D. Müller-Glaser, and Jürgen Becker. "A Security Scheme for Dependable Key Insertion in Mobile Embedded Devices." International Journal of Reconfigurable Computing 2011 (2011): 1–19. http://dx.doi.org/10.1155/2011/820454.

Full text
Abstract:
Public Key Cryptography enables entity authentication protocols based on a platform's knowledge of other platforms' public key. This is particularly advantageous for embedded systems, such as FPGA platforms, with limited or none read-protected memory resources. For access control systems, an access token is authenticated by the mobile system. Only the public key of authorized tokens needs to be stored inside the mobile platform. At some point during the platform's lifetime, these might need to be updated in the field due to loss or damage of tokens. This paper proposes a holistic approach for an automotive access control system based on Public Key Cryptography. Next to a FPGA-based hardware architecture, we focus on a secure scheme for key flashing of public keys to highly mobile systems. The main goal of the proposed scheme is the minimization of online dependencies to Trusted Third Parties, Certification Authorities, or the like, to enable key flashing in remote locations with only minor technical infrastructure. Introducing trusted mediator devices, new tokens can be authorized and later their public key can be flashed into a mobile system on demand.
APA, Harvard, Vancouver, ISO, and other styles
5

Martinez Pedreira, Miguel, Costin Grigoras, Volodymyr Yurchenko, and Maksim Melnik Storetvedt. "The Security model of the ALICE next generation Grid framework." EPJ Web of Conferences 214 (2019): 03042. http://dx.doi.org/10.1051/epjconf/201921403042.

Full text
Abstract:
JAliEn (Java-AliEn) is the ALICE next generation Grid framework which will be used for the top-level distributed computing resources management during the LHC Run 3 and onward. While preserving an interface familiar to the ALICE users, its performance and scalability are an order of magnitude better than the currently used framework. To implement the JAliEn security model, we have developed the so-called Token Certificates – short lived full Grid certificates, generated by central services automatically or on the client’s request. Token Certificates allow fine-grained control over user/client authorization, e.g. filtering out unauthorized requests based on the client’s type: end user, job agent, jobpayload. These and other parameters (like job ID) are encrypted in the token by the issuing service and cannot be altered.The client-side security implementation is further described in aspects of the interaction between user jobs and job agents. User jobs will use JAliEn tokens for authentication and authorization by the central JAliEn services. These tokens are passed from the job agent through a pipe stream, not stored on disk and thus readily available only to the intended job process. The level of isolation of user payloads is further improved by running them in containers. While JAliEn doesn't rely on X.509 proxies, the backward compatibility is kept to assure interoperability with services that require them.
APA, Harvard, Vancouver, ISO, and other styles
6

Alabi, Peter Akubo. "AN AUTHENTICATION FOR GROUP COMMUNICATIONS IN AD-HOC NETWORKS." International Journal for Innovation Education and Research 9, no. 2 (February 1, 2021): 396–404. http://dx.doi.org/10.31686/ijier.vol9.iss2.2941.

Full text
Abstract:
Group communication implies a many-to-many communication and it goes beyond both one-to-one communication (i.e., unicast) and one-to-many communication (i.e., multicast). Unlike most user authentication protocols that authenticate a single user each time, we propose a new type of authentication, called group authentication that authenticates all users in a group at once. The group authentication protocol is specially designed to support group communications. There is a group manager who is responsible to manage the group communication. During registration, each user of a group obtains an unique token from the group manager. Users present their tokens to determine whether they all belong to the same group or not. The group authentication protocol allows users to reuse their tokens without compromising the security of tokens. In addition, the group authentication can protect the identity of each user.
APA, Harvard, Vancouver, ISO, and other styles
7

Frischat, Steffen. "The next generation of USB security tokens." Card Technology Today 20, no. 6 (June 2008): 10–11. http://dx.doi.org/10.1016/s0965-2590(08)70153-1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Et. al., Wan Nur Izzah Wan Muhamad Fokri,. "Classification of Cryptocurrency: A Review of the Literature." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 5 (April 11, 2021): 1353–60. http://dx.doi.org/10.17762/turcomat.v12i5.2027.

Full text
Abstract:
Technological development has affected the global financial industry. The use of digital currency is increasingly gaining a place among the world’s population, so much so that there are 2486 types of digital currency on record. Scholars in Islamic finance as well as Fatwa institutions all over the world have delivered their religious decree concerning the digital currency; hence, most discussions about the use of the decree was only directed at Bitcoin as a medium of payment although some digital currencies have other functions, such as being utility and security tokens. Therefore, the decree concerning other digital currencies cannot apply the decree issued for Bitcoin only because each digital currency has a different conceptual framework. Hence, this study, which applied the qualitative approach and a descriptive research design, intended to analyse the classification of digital currencies according to their function and characteristics. The findings show that digital currency is classified into coins, currency, tokens, payment tokens, utility tokens and security or asset tokens. Coins function as a medium of payment and store of value that was developed using its own blockchain. Currency is a medium of exchange and can be exchanged with any form of money, including the crediting or debiting of an account. Tokens represent services, financial instruments or infrastructure that is developed using the blockchain technology of other digital currencies. Tokens are divided into three types according to their function, namely payment tokens, utility tokens and security or asset tokens. The classification of digital currencies provides a guideline for the public who wish to carry out transactions using digital currencies. It is important to ensure that transactions carried out in accordance with the syarak will help alleviate cases of fraud related to investment and sale of digital currencies.
APA, Harvard, Vancouver, ISO, and other styles
9

Liu, Zhenpeng, Xiaojing Song, Wansheng Tang, Xiaomeng Chang, and Dongdong Zhou. "A message-level security model consisting of multiple security-tokens mechanism." Wuhan University Journal of Natural Sciences 12, no. 1 (January 2007): 1–4. http://dx.doi.org/10.1007/s11859-006-0130-1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Subramanian, Hemang. "Security tokens: architecture, smart contract applications and illustrations using SAFE." Managerial Finance 46, no. 6 (August 13, 2019): 735–48. http://dx.doi.org/10.1108/mf-09-2018-0467.

Full text
Abstract:
Purpose Blockchain technologies have pervaded modern crowdfunding and capital sourcing through a variety of financial instruments implemented as smart contracts. Smart contracts provide a unique mechanism not only to create a unique one-of-a-type financial instrument, but also to enable unique innovations atop existing financial instruments due to underlying efficiencies. The smartness comes from the flexibility that programs provide which can create extremely unique financial instruments that are often complex to implement, yet easy to create, maintain through versioning, trade and destroy. The purpose of this paper is to describe the security token architecture as an application of smart contracts. Further, the author illustrates the implementation and design of a commonly used financial instrument known as Simple Agreement for Future Equity (SAFE) using the security token architecture proposed and smart contract functionality. The author then models the transaction using relational algebra, and, models the utility maximization. The author shows how on account of reduced information asymmetry between the investors and SAFE users (i.e. startups) utility is positive when smart contract-based security tokens are deployed for each state in the SAFE contract. Design/methodology/approach Using an existing well-adopted instrument called a SAFE contract, the author illustrates the architecture of a smart contract-based security token system. The author illustrates how different components of a SAFE contract can be implemented as a smart contract and discusses the advantages and disadvantages of applying blockchain-based smart contracts to design SAFE instruments. The author deploys two methods: a state space diagram to explain state transitions and a utility model to explain the utilities. Findings The key findings of this research study are the design of a security token architecture, which can be used to convert any the physical or contract-based financial instrument to a smart contract that runs on the blockchain. However, there are limitations to the implementation of the same which can be overcome. The model illustrates the positive utilities derived for all economic actors, i.e. the contractors, the utility providers, etc., in the market. Originality/value This paper is an original paper. For the very first time, the author explored the architecture of a security token system. Using a well-known financial instrument, namely the SAFE, the author describes various components, e.g. the four contracts that form SAFE and then model the utilities for the system.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Security tokens"

1

Liu, Hailong, Wenhua Qi, Qishan Zhang, and Jinpei Wu. "PKI/PMI AND SMART TOKENS IN HEALTHCARE INFORMATION SYSTEMS." International Foundation for Telemetering, 2003. http://hdl.handle.net/10150/606668.

Full text
Abstract:
International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada
While healthcare industry is striving to achieve e-health systems for improvements in healthcare quality, cost, and access, privacy and security about medical records should be considered carefully. This paper makes a deep study of Public Key Infrastructures (PKIs) and Privilege Management Infrastructures (PMIs) and how they can secure e-health systems. To access resources, e.g. patient records, both authentication and authorization are needed, so public key certificates and attribute certificates are both required to protect healthcare information. From a typical medical scenario, we see not only static but also dynamic permissions are required. Dynamic authorization maybe the most complex problem in e-health systems.
APA, Harvard, Vancouver, ISO, and other styles
2

Tran, Florén Simon. "Implementation and Analysis of Authentication and Authorization Methods in a Microservice Architecture : A Comparison Between Microservice Security Design Patterns for Authentication and Authorization Flows." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-301620.

Full text
Abstract:
Microservices have emerged as an attractive alternative to more classical monolithic software application architectures. Microservices provides many benefits that help with code base comprehension, deployability, testability, and scalability. As the Information technology (IT) industry has grown ever larger, it makes sense for the technology giants to adopt the microservice architecture to make use of these benefits. However, with new software solutions come new security vulnerabilities, especially when the technology is new and vulnerabilities are yet to be fully mapped out. Authentication and authorization are the cornerstone of any application that has a multitude of users. However, due to the lack of studies of microservices, stemming from their relatively young age, there are no standardized design patterns for how authentication and authorization are best implemented in a microservice. This thesis investigates an existing microservice in order to secure it by applying what is known as a security design pattern for authentication and authorization. Different security patterns were tested and compared on performance. The differing levels of security provided by these approaches assisted in identifying an acceptable security versus performance trade-off. Ultimately, the goal was to give the patterns greater validity as accepted security patterns within the area of microservice security. Another goal was to find such a security pattern suitable for the given microservice used in this project. The results showed a correlation between increased security and longer response times. For the general case a security pattern which provided internal authentication and authorization but with some trust between services was suggested. If horizontal scaling was used the results showed that normal services proved to be the best target. Further, it was also revealed that for lower user counts the performance penalties were close to equal between the tested patterns. This meant that for the specific case where microservices sees lower amounts of traffic the recommended pattern was the one that implemented the maximum amount access control checks. In the case for the environment where the research were performed low amounts of traffic was seen and the recommended security pattern was therefore one that secured all services of the microservices.
Mikrotjänster har framträtt som ett mer attraktivt alternativ än mer konventionella mjukvaruapplikationsarkitekturer såsom den monolitiska. Mikrotjänster erbjuder flera fördelar som underlättar med en helhetsförståelse för kodbasen, driftsättning, testbarhet, och skalbarhet. Då IT industrin har växt sig allt större, så är det rimligt att tech jättar inför mikrotjänstarkitekturen för att kunna utnyttja dessa fördelar. Nya mjukvarulösningar medför säkerhetsproblem, speciellt då tekniken är helt ny och inte har kartlagts ordentligt. Autentisering och auktorisering utgör grunden för applikationer som har ett flertal användare. Då mikrotjänster ej hunnit blivit utförligt täckt av undersökning, på grund av sin relativt unga ålder, så finns det ej några standardiserade designmönster för hur autentisering och auktorisering är implementerade till bästa effekt i en mikrotjänst. Detta examensarbete undersöker en existerande mikrotjänst för att säkra den genom att applicera vad som är känt som ett säkerhetsdesignmönster för autentisering och auktorisering. Olika sådana mönster testades och jämfördes baserat på prestanda i olika bakgrunder. De varierade nivåerna av säkerhet från de olika angreppssätten som säkerhetsmönstrena erbjöd användes för att identifiera en acceptabel kompromiss mellan säkerhet mot prestanda. Målet är att i slutändan så kommer detta att ge mönstren en högre giltighet när det kommer till att bli accepterade som säkerhetsdesignmönster inom området av mikrotjänstsäkerhet. Ett annat mål var att hitta den bästa kandidaten bland dessa säkerhetsmönster för den givna mikrotjänsten som användes i projektet. Resultaten visade på en korrelation mellan ökad säkerhet och längre responstider. För generella fall rekommenderas det säkerhetsmönster som implementerade intern autentisering och auktorisering men med en viss del tillit mellan tjänster. Om horisontell skalning användes visade resultaten att de normala tjänsterna var de bästa valet att lägga dessa resurser på. Fortsättningsvis visade resultaten även att för ett lägre antal användare så var den negativa effekten på prestandan nästan likvärdig mellan de olika mönstren. Detta innebar att det specifika fallet då mikrotjänster ser en lägre mängd trafik så är det rekommenderade säkerhetsmönstret det som implementerad flest åtkomstkontroller. I fallet för den miljö där undersökningen tog plats förekom det en lägre mängd trafik och därför rekommenderades det säkerhetsmönster som säkrade alla tjänster närvarande i mikrotjänsten.
APA, Harvard, Vancouver, ISO, and other styles
3

Hedberg, David. "Autentisiering av användare i datoriserade miljöer hos SMF - biometri kontra tokens : En jämförelse av två sätt att implementera autentisering av användare." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-18816.

Full text
Abstract:
Allt eftersom mer och mer information sparas på datorer så ökar även trycket på att denna information sparas säkert, och att endast behöriga personer kommer åt den.Syftet med arbetet var att se vilka skillnader som finns mellan biometri och tokens, och vilka skillnader som små till medelstora företag borde ta i beaktande när de väljer en autentiseringsmetod. Det förväntade resultatet var då en beskrivning, i form av ett ramverk, över vilka för- och nackdelar som finns med de två metoderna, och således vilken metod som ett enskilt företag som använder ramverket borde använda sig utav.Arbetet genomfördes via en litteraturstudie, i vilket tre databaser användes för att samla information. IEEEXplore, ACM Digital Library, och ScienceDirect var de tre databaser som användes för arbetet. I dessa identifierades ett antal artiklar, som delades upp i kodade kategorier utefter innehåll. Detta i syfte att utföra en tematisk kodad analys.Totalt identifierades 28 artiklar i de olika databaserna. I dessa artiklar identifierades kostnad, säkerhet, integritet, och användarvänlighet som några av de mesta omtalade ämnena. 7 utav de 28 artiklarna pratade om kostnad, 20 av artiklarna nämnde säkerhet, 5 nämnde integritet, och 9 pratade om användarvänlighet. Det fanns även ett antal mindre teman i tvåfaktorsautentisering, skalbarhet, typer av biometri, typer av tokens, och framtida teknologi inom biometri.Efter genomförd analys formulerades ett ramverk i vilket ett smått till medelstort företag kan se vilken metod av autentisering som passar deras företag bäst.
As technology evolves, corporations and enterprises are forced to evolve alongside it. Storing company information and data on servers and computers have become common practice.Initially, the goal with the work presented was to compare biometric authentication and token authentication in relation so SMEs. In the current landscape there is no comprehensive study in these two methods of authentication in relation to SMEs. A framework was developed for system administrators to use when choosing one of these methods of authentication. The framework is a summarization of the works analytical part.A literature study was conducted to reach the goal. Three databases were used as sources of information. These three were namely IEEEXplore, ACM Digital Library, and ScienceDirect. From these sources, literature was identified on which the study was then based. Thematic coding was used to analyze the collected data.After the process of collecting and including/excluding was complete, a total of 28 articles remained. From these articles a total of 10 themes were identified from the thematic coding. These themes were cost, integrity, usability, security pros, security cons, two-factor authentication, scalability, biometric types, token types, and future biometric technology. Four of these were more prevalent, namely cost, integrity, usability, and security.After the analysis was finished the themes that emerged as important were integrity and usability. Because of this, the framework is heavily influenced by these themes and they are particularly important for system administrators to consider.
APA, Harvard, Vancouver, ISO, and other styles
4

Minello, Giacomo. "Metodologie per la realizzazione di una Security Token Offering." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2019. http://amslaurea.unibo.it/19133/.

Full text
Abstract:
Le Security Token Offerings, abbreviate in STOs, sono un fenomeno recente che si è diffuso a partire dalla seconda metà del 2017 mantenendo inizialmente la connotazione di Initial Coin Offerings (ICOs), per poi prestare maggiore attenzione alla regolamentazione e differenziarsi in token sales in cui il token è uno strumento finanziario regolamentato. Come si avrà modo di osservare, questo cambio di paradigma è ciò che contraddistingue le STOs. Nel 2017 le ICOs hanno raggiunto un picco di popolarità per poi la maggior parte fallire in meno di un anno, facendo capire agli investitori che le ICOs sono state una bolla speculativa. Nonostante ciò, la validità del modello di raccolta di capitale tramite la vendita di token basati su tecnologia Blockchain non è stata messa in discussione. Proprio per questo sono nate le STOs, delle token sales in cui il token è uno strumento finanziario, che offre tutela agli investitori. Lo scopo di questo lavoro di tesi è stato approfondire la comprensione di questo fenomeno in particolare analizzandone le motivazioni, le caratteristiche e le metodologie con le quali queste STOs vengono realizzate.
APA, Harvard, Vancouver, ISO, and other styles
5

Mao, Tingting. "Scheduling services and security ticket token services in iLab interactive services." Thesis, Massachusetts Institute of Technology, 2007. http://hdl.handle.net/1721.1/42223.

Full text
Abstract:
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Civil and Environmental Engineering, 2007.
Includes bibliographical references (leaves 65-66).
The iLab architecture allows students to execute laboratory experiments remotely through internet. It supports three different kinds of experiments: batched, interactive and sensor-based. The iLab Interactive Experiments architecture includes the following servers and services: the Interactive Service Broker (ISB), the Experiment Storage Service (ESS) and the Lab Server (LS). In addition, students execute interactive experiments by running a Lab Client (LC). In order to support interactive experiments which require scheduled access, the iLab interactive architecture envisions scheduling servers and services which enable students from different campuses to reserve time periods to execute experiments. Since the user side and lab side require different scheduling functionalities, a user-side scheduling server (USS) and a lab-side scheduling server (LSS) are introduced in the iLab Interactive Services to manage reservations. In the first part of this thesis, the philosophy of the scheduling services design and the implementation will be illustrated in detail. In dealing the security issues in the iLab interactive architecture, the complexity of the higher level authentication between iLab processes increases when one considers collaboration between domains. In second part of this thesis, I present a Security Token Service (STS) scheme for using WS-Security to optimize the cross-domain authentication in the iLab interactive architecture. The scheme uses the brokered authentication with a security token issued by the STS. The STS is trusted by the web applications and web services in the iLab interactive architecture to provide interoperable security tokens. A security token is used to convey the credential information and the proof of a relationship with the broker, which can be used by the service to verify the token. A comparison between the STS scheme and the current General Ticket scheme is summarized.
by Tingting Mao.
S.M.
APA, Harvard, Vancouver, ISO, and other styles
6

Wenhua, Qi, Zhang Qishan, and Liu Hailong. "RESEARCH OF SECURITY HARDWARE IN PKI SYSTEM." International Foundation for Telemetering, 2003. http://hdl.handle.net/10150/606688.

Full text
Abstract:
International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada
Security hardware based on asymmetric algorithm is the key component of Public Key Infrastructure (PKI), which decides the safety and performance of system. Security device in server or client have some common functions. We designed the client token and cryptographic server to improve the performance of PKI, and got obvious effect.
APA, Harvard, Vancouver, ISO, and other styles
7

Cheong, Chi Po. "Participant Domain Name Token Profile for security enhancements supporting service oriented architecture." Thesis, University of Sussex, 2014. http://sro.sussex.ac.uk/id/eprint/49364/.

Full text
Abstract:
This research proposes a new secure token profile for improving the existing Web Services security standards. It provides a new authentication mechanism. This additional level of security is important for the Service-Oriented Architecture (SOA), which is an architectural style that uses a set of principles and design rules to shape interacting applications and maintain interoperability. Currently, the market push is towards SOA, which provides several advantages, for instance: integration with heterogeneous systems, services reuse, standardization of data exchange, etc. Web Services is one of the technologies to implement SOA and it can be implemented using Simple Object Access Protocol (SOAP). A SOAP-based Web Service relies on XML for its message format and common application layer protocols for message negotiation and transmission. However, it is a security challenge when a message is transmitted over the network, especially on the Internet. The Organization for Advancement of Structured Information Standards (OASIS) announced a set of Web Services Security standards that focus on two major areas. “Who” can use the Web Service and “What” are the permissions. However, the location or domain of the message sender is not authenticated. Therefore, a new secure token profile called: Participant Domain Name Token Profile (PDNT) is created to tackle this issue. The PDNT provides a new security feature, which the existing token profiles do not address. Location-based authentication is achieved if adopting the PDNT when using Web Services. In the performance evaluation, PDNT is demonstrated to be significantly faster than other secure token profiles. The processing overhead of using the PDNT with other secure token profiles is very small given the additional security provided. Therefore all the participants can acquire the benefits of increased security and performance at low cost.
APA, Harvard, Vancouver, ISO, and other styles
8

Vieira, Gustavo Yamasaki Martins. "Projeto de um dispositivo de autenticação e assinatura." Universidade de São Paulo, 2007. http://www.teses.usp.br/teses/disponiveis/3/3141/tde-14012008-162619/.

Full text
Abstract:
Atualmente o uso de senhas, método comum para efetuar autenticação em páginas da internet, mostra-se uma alternativa com problemas de segurança devido ao aumento de ataques baseados em spyware e phishing. O objetivo desses ataques é obter a senha do usuário, isto é, sua identidade digital sem que o usuário perceba o ocorrido. Para conter esse tipo de ataque, instituições financeiras começaram a adotar a autenticação forte, técnica que emprega o uso simultâneo de múltiplos autenticadores. A combinação das vantagens dos diferentes autenticadores resulta em uma atenuação mútua de suas vulnerabilidades e, em conseqüência, um método mais seguro de verificação de identidade. Esse trabalho apresenta o projeto e a implementação de um dispositivo de autenticação, permitindo combinar o uso de senhas e autenticadores baseados em objeto. As principais características do dispositivo são o seu custo reduzido e o uso de algoritmos criptográficos com código aberto. Algoritmos de código aberto possuem a sua segurança averiguada de forma ampla e independente, característica que dá maior confiabilidade ao sistema, permitindo a qualquer pessoa avaliar o código executado pelo dispositivo.
Currently, password-based authentication is the most widespread identity verification method for web pages access. However it presents security issues due to the growth of attacks based on spywares and phishing. The main purpose of both techniques is the digital identity theft, that is, stealing users\' passwords in an unnoticed way. In order to counter this type of attack, many financial institutions have adopted strong authentication, a technique that employs a simultaneous use of different authentication factors. By synergistically combining the advantages of distinct factors, such arrangement results in the mutual mitigation of the vulnerabilities of each one, yielding an architecturally safer identity verification method. This work presents the design and implementation of an authentication device, which combines passwordbased and object-based authenticators. Its main distinguishing features are the reduced cost and the use of open sourced cryptographic algorithms. Open source algorithms have their security widely and independently verified, a characteristic that helps increase the system\'s reliability, since third parties may check the source code running on the device.
APA, Harvard, Vancouver, ISO, and other styles
9

Venne, Jacob. "Tradeoffs in Protocol Designs for Collaborative Authentication." Scholar Commons, 2017. http://scholarcommons.usf.edu/etd/6633.

Full text
Abstract:
Authentication is a crucial tool used in access control mechanisms to verify a user’s identity. Collaborative Authentication (co-authentication) is a newly proposed authentication scheme designed to improve on traditional token authentication. Co-authentication works by using multiple user devices as tokens to collaborate in a challenge and authenticate a user request on single device. This thesis adds two contributions to the co-authentication project. First, a detailed survey of applications that are suitable for adopting co-authentication is presented. Second, an analysis of tradeoffs between varying protocol designs of co-authentication is performed to determine whether, and how, any designs are superior to other designs.
APA, Harvard, Vancouver, ISO, and other styles
10

Au, Wai Ki Richard. "Agent-based one-shot authorisation scheme in a commercial extranet environment." Queensland University of Technology, 2005. http://eprints.qut.edu.au/16708/.

Full text
Abstract:
The enormous growth of the Internet and the World Wide Web has provided the opportunity for an enterprise to extend its boundaries in the global business environment. While commercial functions can be shared among a variety of strategic allies - including business partners and customers, extranets appear to be the cost-effective solution to providing global connectivity for different user groups. Because extranets allow third-party users into corporate networks, they need to be extremely secure and external access needs to be highly controllable. Access control and authorisation mechanisms must be in place to regulate user access to information/resources in a manner that is consistent with the current set of policies and practices both at intra-organisational and cross-organisational levels. In the business-to-customer (B2C) e-commerce setting, a service provider faces a wide spectrum of new customers, who may not have pre-existing relationships established. Thus the authorisation problem is particularly complex. In this thesis, a new authorisation scheme is proposed to facilitate the service provider to establish trust with potential customers, grant access privileges to legitimate users and enforce access control in a diversified commercial environment. Four modules with a number of innovative components and mechanisms suitable for distributed authorisation on extranets are developed: * One-shot Authorisation Module - One-shot authorisation token is designed as a flexible and secure credential for access control enforcement in client/server systems; * Token-Based Trust Establishment Module - Trust token is proposed for server-centric trust establishment in virtual enterprise environment. * User-Centric Anonymous Authorisation Module - One-task authorisation key and anonymous attribute certificate are developed for anonymous authorisation in a multi-organisational setting; * Agent-Based Privilege Negotiation Module - Privilege negotiation agents are proposed to provide dynamic authorisation services with secure client agent environment for hosting these agents on user's platform
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "Security tokens"

1

Smart cards, tokens, security and applications. New York: Springer, 2008.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Mayes, Keith, and Konstantinos Markantonakis, eds. Smart Cards, Tokens, Security and Applications. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-50500-8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Mayes, Keith E., and Konstantinos Markantonakis. Smart Cards, Tokens, Security and Applications. Boston, MA: Springer US, 2008. http://dx.doi.org/10.1007/978-0-387-72198-9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Turner, Sean H. Implementing email security and tokens: Current standards, tools, and practices. Indianapolis, IN: Wiley, 2008.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Kenkyūjo, Nihon Kokusai Mondai. Asia (tokuni Minami Shinakai, Indoyō) ni okeru anzen hoshō chitsujo. [Tōkyō-to Chiyoda-ku]: Nihon Kokusai Mondai Kenkyūjo, 2013.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Institute Of Electrical and Electronics Engineers. IEEE standards for local and metropolitan area networks: Supplement to token-passing bus access methods and physical layer specifications -- enhancements for physical layer diversity (redundant media control unit). New York, NY: Institute of Electrical and Electronics Engineers, 1992.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Rupo Kyōto Chōsen Gakkō Shūgeki Jiken: "heito kuraimu" ni kōshite. Tōkyō: Iwanami Shoten, 2014.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Implementing Email and Security Tokens. New York: John Wiley & Sons, Ltd., 2008.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

Mayes, Keith, and Konstantinos Markantonakis. Smart Cards, Tokens, Security and Applications. Springer, 2018.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Mayes, Keith, and Konstantinos Markantonakis. Smart Cards, Tokens, Security and Applications. Springer, 2010.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "Security tokens"

1

Lakshmiraghavan, Badrinarayanan. "Web Tokens." In Pro ASP.NET Web API Security, 191–225. Berkeley, CA: Apress, 2013. http://dx.doi.org/10.1007/978-1-4302-5783-7_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Ivanov, Nikolay, Hanqing Guo, and Qiben Yan. "Rectifying Administrated ERC20 Tokens." In Information and Communications Security, 22–37. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-86890-1_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Tunstall, Michael. "Smart Card Security." In Smart Cards, Tokens, Security and Applications, 195–228. Boston, MA: Springer US, 2008. http://dx.doi.org/10.1007/978-0-387-72198-9_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Tunstall, Michael. "Smart Card Security." In Smart Cards, Tokens, Security and Applications, 217–51. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-50500-8_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Vuillaume, Camille, Katsuyuki Okeya, Erik Dahmen, and Johannes Buchmann. "Public Key Authentication with Memory Tokens." In Information Security Applications, 84–98. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-00306-6_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Tomlinson, Allan. "Security For Video Broadcasting." In Smart Cards, Tokens, Security and Applications, 139–54. Boston, MA: Springer US, 2008. http://dx.doi.org/10.1007/978-0-387-72198-9_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Tomlinson, Allan, and Sheila Cobourne. "Security for Video Broadcasting." In Smart Cards, Tokens, Security and Applications, 155–71. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-50500-8_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Schlegel, Roman, and Serge Vaudenay. "Enforcing Email Addresses Privacy Using Tokens." In Information Security and Cryptology, 91–100. Berlin, Heidelberg: Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11599548_8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Mayes, Keith, and Tim Evans. "Smart Cards and Security for Mobile Communications." In Smart Cards, Tokens, Security and Applications, 93–128. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-50500-8_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Kwon, Taekyoung. "Virtual Software Tokens - A Practical Way to Secure PKI Roaming." In Infrastructure Security, 288–302. Berlin, Heidelberg: Springer Berlin Heidelberg, 2002. http://dx.doi.org/10.1007/3-540-45831-x_20.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Security tokens"

1

Carmichael, Peter, Charles Morisset, and Thomas Groß. "Influence tokens." In STAST '16: Socio-Technical Aspects in Security and Trust. New York, NY, USA: ACM, 2016. http://dx.doi.org/10.1145/3046055.3046061.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Mogire, Nancy. "Tokens of interaction." In HotSoS '20: Hot Topics in the Science of Security. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3384217.3384226.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Bartoletti, Massimo, Stefano Lande, and Roberto Zunino. "Computationally sound Bitcoin tokens." In 2021 IEEE 34th Computer Security Foundations Symposium (CSF). IEEE, 2021. http://dx.doi.org/10.1109/csf51468.2021.00022.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Dauterman, Emma, Henry Corrigan-Gibbs, David Mazieres, Dan Boneh, and Dominic Rizzo. "True2F: Backdoor-Resistant Authentication Tokens." In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 2019. http://dx.doi.org/10.1109/sp.2019.00048.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Bortolozzo, Matteo, Matteo Centenaro, Riccardo Focardi, and Graham Steel. "Attacking and fixing PKCS#11 security tokens." In the 17th ACM conference. New York, New York, USA: ACM Press, 2010. http://dx.doi.org/10.1145/1866307.1866337.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Angelo, Monika di, and Gernot Salzer. "Towards the Identification of Security Tokens on Ethereum." In 2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS). IEEE, 2021. http://dx.doi.org/10.1109/ntms49979.2021.9432663.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Fotiou, Nikos, Iakovos Pittaras, Vasilios A. Siris, Spyros Voulgaris, and George C. Polyzos. "OAuth 2.0 Authorization using Blockchain-based Tokens." In Workshop on Decentralized IoT Systems and Security. Reston, VA: Internet Society, 2020. http://dx.doi.org/10.14722/diss.2020.23002.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Bhuvani, R., D. Priyanka, S. Rajeshwari, and P. Kausalyadevi. "Life saving alert for wearing helmets using security tokens." In 2014 International Conference on Smart Structures and Systems (ICSSS). IEEE, 2014. http://dx.doi.org/10.1109/icsss.2014.7006178.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Payne, Jeunese, Graeme Jenkinson, Frank Stajano, M. Angela Sasse, and Max Spencer. "Responsibility and Tangible Security: Towards a Theory of User Acceptance of Security Tokens." In Workshop on Usable Security. Reston, VA: Internet Society, 2016. http://dx.doi.org/10.14722/usec.2016.23003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Marforio, Claudio, Nikolaos Karapanos, Claudio Soriente, Kari Kostiainen, and Srdjan Čapkun. "Smartphones as Practical and Secure Location Verification Tokens for Payments." In Network and Distributed System Security Symposium. Reston, VA: Internet Society, 2014. http://dx.doi.org/10.14722/ndss.2014.23165.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Security tokens"

1

Jones, M., W. Denniss, and M. Ansari. Security Event Token (SET). Edited by P. Hunt. RFC Editor, July 2018. http://dx.doi.org/10.17487/rfc8417.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Scurtescu, M., M. Ansari, and A. Nadalin. Push-Based Security Event Token (SET) Delivery Using HTTP. Edited by A. Backman and M. Jones. RFC Editor, November 2020. http://dx.doi.org/10.17487/rfc8935.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Scurtescu, M., M. Ansari, and A. Nadalin. Poll-Based Security Event Token (SET) Delivery Using HTTP. Edited by A. Backman and M. Jones. RFC Editor, November 2020. http://dx.doi.org/10.17487/rfc8936.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Nystroem, M., and D. Balfanz. Transport Layer Security (TLS) Extension for Token Binding Protocol Negotiation. Edited by A. Popov. RFC Editor, October 2018. http://dx.doi.org/10.17487/rfc8472.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Josefsson, S., and L. Hornquist. Context Token Encapsulate/Decapsulate and OID Comparison Functions for the Generic Security Service Application Program Interface (GSS-API). RFC Editor, August 2011. http://dx.doi.org/10.17487/rfc6339.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Group Security Policy Token v1. RFC Editor, June 2006. http://dx.doi.org/10.17487/rfc4534.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Security tokens' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography