Emerging Technologies for Authorization and Authentication: 5th International Workshop, ETAA 2022, Copenhagen, Denmark, September 30, 2022, Revised ... (Lecture Notes in Computer Science, 13782) 9783031254666, 9783031254673, 303125466X
This volume constitutes the refereed proceedings of the 5th International Workshop on Emerging Technologies for Authoriz
120 97 3MB
English Pages 152 [153]
Table of contents :
Preface
Organization
Contents
An Ontology-Based Approach for Setting Security Policies in Smart Homes
1 Introduction
2 Related Work
2.1 End-User Development in the IoT
2.2 Rule Modeling and Analysis
3 The Policy Translation Point System
3.1 Adopted Models and Formalisms
3.2 User Interface
3.3 Implementation
4 Conclusions
References
ClapAuth: A Gesture-Based User-Friendly Authentication Scheme to Access a Secure Infrastructure
1 Introduction
2 Related Work
2.1 Behavioral-Biometric-Based Smartwatch User Authentication
2.2 Biometric-Based Access Control
3 Approach
4 Experimental Validation
4.1 Dataset
4.2 Features
4.3 Feature Fusion
4.4 Classifier Selection
4.5 Feature Selection
4.6 Experimental Settings
4.7 Performance Evaluation
4.8 Experimental Results
5 Discussion
6 Conclusion and Future Work
References
User Authentication on Headset-Like Devices by Bioacoustic Signals
1 Introduction
2 Notations
3 Acronyms
4 Literature Review
5 Proposed Solution
6 Experiments
7 Conclusion
References
The Measurable Environment as Nonintrusive Authentication Factor on the Example of WiFi Beacon Frames
1 Introduction
2 The Measurable Environment (ME)
2.1 Illustration of the ME
2.2 Fingerprinting the ME
2.3 Classifying Fingerprints of MEs
3 Instantiation Using WiFi Beacon Frames
3.1 Dataset
3.2 Feasibility
3.3 Fingerprinting the ME
3.4 Similarity of Fingerprints and Templates
3.5 Determining the Similarity Threshold
3.6 Classifying Fingerprints
4 Performance
4.1 Classification
4.2 Validation
4.3 Results
5 Use Case: Nonintrusive Authentication
5.1 Augmenting Existing Schemes
5.2 Factor Strength
5.3 Adversary Model and Security Analysis
6 Comparison with Related Work
7 Discussion and Future Work
8 Conclusion
References
Protecting FIDO Extensions Against Man-in-the-Middle Attacks
1 Introduction
2 Background
2.1 FIDO Authentication
2.2 COSE
3 Related Work
4 Attacker Model
4.1 Vulnerable Web Intermediaries
4.2 Compromised Client Application
4.3 Malware on the Client Device
4.4 MitM Between Client Device and Authenticator
5 Protocol Design
5.1 Authenticated Encryption
5.2 Key Exchange
5.3 Data Format
5.4 Displaying User Information
6 Security Evaluation
6.1 Key Exchange
6.2 Encrypted Assertion Extensions
7 Implementation
8 Discussion
8.1 Security
8.2 Implementation
8.3 Usability
9 Conclusion and Outlook
References
Authentication, Authorization, and Selective Disclosure for IoT Data Sharing Using Verifiable Credentials and Zero-Knowledge Proofs
1 Introduction
2 Background and Related Work
2.1 Verifiable Credentials
2.2 BBS+ Digital Signatures
2.3 Related Work
3 Architecture
3.1 Data Encoding and Signing
3.2 Authentication and Authorization Request
3.3 Data Access Request
3.4 Data Access Response
4 Implementation and Evaluation
4.1 Security Properties
5 Conclusions
References
Privacy-Preserving Speaker Verification and Speech Recognition
1 Introduction
2 Related Work
3 Reference Scenario
4 Proposed Methodology
4.1 Privacy Mechanisms Enforcement
4.2 Speaker Verification Model
4.3 Speech Recognition Model
4.4 Text to Speech Model
5 Experiments
5.1 Speaker Verification Experiments
5.2 Speech Recognition Experiments
5.3 Results Discussion
6 Conclusion and Future Work
References
An E-Voting System Based on Tornado Cash*-4pt
1 Introduction
2 Background
2.1 Ethereum
2.2 The ERC20 Standard
2.3 Important Voting Properties
2.4 Tornado Cash
3 The E-Voting Model
3.1 Satisfied Properties
3.2 Cost Estimation
4 Related Work
5 Conclusion
References
Linking Contexts from Distinct Data Sources in Zero Trust Federation
1 Introduction
2 Related Research
3 The Method of Linking Context
3.1 Definition of Context Collector(CtxC)
3.2 Linking Context
4 An Example of CtxC and CAP Implementation
5 Concluding Remarks
References
Author Index
Preface
Organization
Contents
An Ontology-Based Approach for Setting Security Policies in Smart Homes
1 Introduction
2 Related Work
2.1 End-User Development in the IoT
2.2 Rule Modeling and Analysis
3 The Policy Translation Point System
3.1 Adopted Models and Formalisms
3.2 User Interface
3.3 Implementation
4 Conclusions
References
ClapAuth: A Gesture-Based User-Friendly Authentication Scheme to Access a Secure Infrastructure
1 Introduction
2 Related Work
2.1 Behavioral-Biometric-Based Smartwatch User Authentication
2.2 Biometric-Based Access Control
3 Approach
4 Experimental Validation
4.1 Dataset
4.2 Features
4.3 Feature Fusion
4.4 Classifier Selection
4.5 Feature Selection
4.6 Experimental Settings
4.7 Performance Evaluation
4.8 Experimental Results
5 Discussion
6 Conclusion and Future Work
References
User Authentication on Headset-Like Devices by Bioacoustic Signals
1 Introduction
2 Notations
3 Acronyms
4 Literature Review
5 Proposed Solution
6 Experiments
7 Conclusion
References
The Measurable Environment as Nonintrusive Authentication Factor on the Example of WiFi Beacon Frames
1 Introduction
2 The Measurable Environment (ME)
2.1 Illustration of the ME
2.2 Fingerprinting the ME
2.3 Classifying Fingerprints of MEs
3 Instantiation Using WiFi Beacon Frames
3.1 Dataset
3.2 Feasibility
3.3 Fingerprinting the ME
3.4 Similarity of Fingerprints and Templates
3.5 Determining the Similarity Threshold
3.6 Classifying Fingerprints
4 Performance
4.1 Classification
4.2 Validation
4.3 Results
5 Use Case: Nonintrusive Authentication
5.1 Augmenting Existing Schemes
5.2 Factor Strength
5.3 Adversary Model and Security Analysis
6 Comparison with Related Work
7 Discussion and Future Work
8 Conclusion
References
Protecting FIDO Extensions Against Man-in-the-Middle Attacks
1 Introduction
2 Background
2.1 FIDO Authentication
2.2 COSE
3 Related Work
4 Attacker Model
4.1 Vulnerable Web Intermediaries
4.2 Compromised Client Application
4.3 Malware on the Client Device
4.4 MitM Between Client Device and Authenticator
5 Protocol Design
5.1 Authenticated Encryption
5.2 Key Exchange
5.3 Data Format
5.4 Displaying User Information
6 Security Evaluation
6.1 Key Exchange
6.2 Encrypted Assertion Extensions
7 Implementation
8 Discussion
8.1 Security
8.2 Implementation
8.3 Usability
9 Conclusion and Outlook
References
Authentication, Authorization, and Selective Disclosure for IoT Data Sharing Using Verifiable Credentials and Zero-Knowledge Proofs
1 Introduction
2 Background and Related Work
2.1 Verifiable Credentials
2.2 BBS+ Digital Signatures
2.3 Related Work
3 Architecture
3.1 Data Encoding and Signing
3.2 Authentication and Authorization Request
3.3 Data Access Request
3.4 Data Access Response
4 Implementation and Evaluation
4.1 Security Properties
5 Conclusions
References
Privacy-Preserving Speaker Verification and Speech Recognition
1 Introduction
2 Related Work
3 Reference Scenario
4 Proposed Methodology
4.1 Privacy Mechanisms Enforcement
4.2 Speaker Verification Model
4.3 Speech Recognition Model
4.4 Text to Speech Model
5 Experiments
5.1 Speaker Verification Experiments
5.2 Speech Recognition Experiments
5.3 Results Discussion
6 Conclusion and Future Work
References
An E-Voting System Based on Tornado Cash*-4pt
1 Introduction
2 Background
2.1 Ethereum
2.2 The ERC20 Standard
2.3 Important Voting Properties
2.4 Tornado Cash
3 The E-Voting Model
3.1 Satisfied Properties
3.2 Cost Estimation
4 Related Work
5 Conclusion
References
Linking Contexts from Distinct Data Sources in Zero Trust Federation
1 Introduction
2 Related Research
3 The Method of Linking Context
3.1 Definition of Context Collector(CtxC)
3.2 Linking Context
4 An Example of CtxC and CAP Implementation
5 Concluding Remarks
References
Author Index
- Author / Uploaded
- Andrea Saracino (editor)
- Paolo Mori (editor)
![Optimization and Applications: 13th International Conference, OPTIMA 2022, Petrovac, Montenegro, September 26–30, 2022, Revised Selected Papers (Lecture Notes in Computer Science) [1st ed. 2022]
3031225422, 9783031225420](https://ebin.pub/img/200x200/optimization-and-applications-13th-international-conference-optima-2022-petrovac-montenegro-september-2630-2022-revised-selected-papers-lecture-notes-in-computer-science-1st-ed-2022-3031225422-9783031225420.jpg)
![Emerging Technologies for Authorization and Authentication: Third International Workshop, ETAA 2020, Guildford, UK, September 18, 2020, Proceedings [1st ed.]
9783030644543, 9783030644550](https://ebin.pub/img/200x200/emerging-technologies-for-authorization-and-authentication-third-international-workshop-etaa-2020-guildford-uk-september-18-2020-proceedings-1st-ed-9783030644543-9783030644550.jpg)
