Authorization Research Papers - Academia.edu

The Internet of Things (IoT) has received huge attention recently due to its new emergence, benefits, and contribution to improving the quality of human lives. Securing IoT poses an open area of research, as it is the base of allowing people to use the technology and embrace this development in their daily activities. Authentication is one of the influential security elements of Information Assurance (IA), which includes confidentiality, integrity, availability, non-repudiation, and authentication. Therefore, there is a need to enhance security in the current authentication mechanisms. In this report, some of the authentication mechanisms proposed in recent years have been presented and reviewed. Specifically, the study focuses on enhancement of security in the CoAP protocol due to its relevance to the characteristics of IoT devices and its need to enhance its security by using the symmetric key with biometric features in the authentication. This study will help in providing secure authentication technology for IoT data, devices, and users.

A secure, scalable, fine grained and flexible access control is extremely important for the digital society. The approaches used until now (RBAC, Groups in an LDAP Directory, XACML) alone may not be able to deliver to this challenge. Building from past experiences in the Industry, we propose an Access Management Framework where the central role is played by a token containing all the information needed to implement fine grained access control. This Authorization Token should be signed by the approver and sent inside a "claim" to the application at session time. The application, after checking the validity of the token will control access to the desired resource. In this way we can achieve fine granular access control, scalability and independence from network topologies.

OAuth 2.0 is an authorization protocol that gives authorization on the Web. Popular social networks like Facebook, Google and Twitter make their APIs based on the OAuth protocol to increase user experience of SSO and social sharing. It is an open standard for authorization and gives a process for third-party applications to obtain users' resources on the resource servers without sharing their login credentials. Single sign-on (SSO) is an identification method that makes allowance for websites to use other, rely on sites to confirm users. OAuth 2.0 is broadly used in Single Sign-On (SSO) service because of its simple implementation and coherence with a diversity of the third-party applications. It has been proved secure in different formal methods, but some vulnerabilities are revealed in practice. In this paper, we mention a general approach to improve the security of OAuth based SSO service for packaged web app. This paper proposes a modified method to execute OAuth flow from such applications with the help of Single sign-on (SSO) manages the life cycle of these applications.

Unifying the idea of allowing a third party to let the user sign in after authentication, we have developed an Open Authentication system in C# over the .Net framework. The book gives a brief description of each phase of system development. It also elongates the core concept of data retrieval from the database for every user. The author has reduced the cost of accessing the database by implementing the authentication in the web.config file. It reduces the cost of accessing the database again and again. Authentication has been done for the users, where credentials will be matched with the database. Here authentication is performed with the web.config file. Authentication is followed by authorization. Authorized users are the category of users that have full access to the system, while only authenticated users are those that have partial access to a portion of the system. ‘Optimized C# Open Authentication System in .Net’ also gives brief guidelines for how to develop a Registration Form, Login Form and Password Reset Form along with handling all possible exceptions and errors proactively. Code related to the developments is given in the appendix section of the book.

The increasing advantages of automated systems now are at the highest position as a result many manual processes are automated. Since the automated system is in demand nowadays, educational infrastructures like colleges are making their manual or semi-automated system to function completely on a computer. One such system that concerns a college is the placement system's automation. The project aims at developing a web application for the placement cell. Placement Management System provides two distinct modules for students and placement officers. It enables students to register online and upload their academic and personal details. They will have their portals to update information as necessary and can view recent and upcoming job postings on their dashboard. Whereas, the Placement Officers will be able to utilize it to manage the student data as well as the hiring company's data concerning the available jobs. The benefits of the system will be to provide enhanced facilities and assemble all the placement related tasks carried out on various platforms to a single application. This will give both the location officer and students an accurate channel and reduces repetitious work that has got to be administered. Additionally, email alerts can be provided to students in case if any new activity takes place which ensures that no important announcement is missed.

The smart grid, as the next generation of the power grid, is characterized by employing many different types of intelligent devices, such as intelligent electronic devices located at substations, smart meters positioned in the home area network, and outdoor field equipment deployed in the fields. In addition, there are various users in the smart grid network, including customers, operators, maintenance personnel, and so on, who use these devices for various purposes. Therefore, a secure and efficient mutual authentication and authorization scheme is needed in the smart grid to prevent various insider and outsider attacks on many different devices. In this paper, we propose an authentication and authorization scheme for mitigating outsider and insider threats in the smart grid by verifying the user authorization and performing the user authentication together whenever a user accesses the devices. The proposed scheme computes each user role dynamically using an attribute-based access control and verifies the identity of the user together with the device. Security and performance analysis show that the proposed scheme resists various insider as well as outsider attacks, and is more efficient in terms of communication and computation costs in comparison with the existing schemes. The correctness of the proposed scheme is also proved using BAN-Logic and ProVerif.

2nd International Conference on Cloud Computing, Security and Blockchain (CLSB 2021) will act as a major forum for the presentation of innovative ideas, approaches, developments, and research projects in the areas of Cloud computing, Security and Blockchain. It will also serve to facilitate the exchange of information between researchers and industry professionals to discuss the latest issues and advancement in the area of Cloud Computing, Security and Blockchain.

Mobile applications are too handy and easy to use. They are used as an option to the traditional process. Applications developed have users which through proper authentication can access the system. Teacher and students both have their own apps and have username and password to log in and so anyone cannot log in. Students can view all the details like attendance percentage, defaulter list, and internal marks, practical submitted using this app interface. Teachers can take attendance, enter marks, keep track of each student who has submitted the practical, and generate automatic defaulter and critical defaulter list. The project also adds mobility and automation of the information.

With the simplicity of transmission of data over the web increasing, there is a more prominent need for adequate security mechanisms. Trust management is essential to the security framework of any network. In most traditional networks, both wired and wireless, centralized entities play pivotal roles in trust management. The International Journal of Security, Privacy and Trust Management (IJSPTM) is an open access peer reviewed journal that provides a platform for exchanging ideas in new emerging trends that need more focus and exposure and will attempt to publish proposals that strengthen our goals.

The field of Biometrics is an ever-expanding research area formed of different perceptions and theories from identity to verification. This can be fascinating with numerous aspects usually leading to authentication and security. Biometric identification involves capturing a physical element of an individual, which can be later used for verification by running multiple checks against stored data. It uses different methods to pattern match an individual and has always proven difficult to replicate. This is because each individual has a unique set of characteristics and no matching traits even in the case of identical twins. This research report presents an overview of various authorization and authentication techniques currently making use of biometrics technology. Moreover, a brief overview of biometric history is discussed to give an insight where it all began and how the use of technology has advanced its development. There is a variety of biometric authentication technologies used in today’s society, which are explored. One aspect to consider when deliberating about the use of biometric systems and how each application method has evolved is; at what point does the matter of security become an invasion of privacy?

It may seem intuitive to clinicians like myself, but prior authorization (PA), in its current state, significantly affects clinical decision making. If used as originally intended, PA can have a positive effect, including maximizing therapeutic value, ensuring safe prescribing, and containing costs [1]. PA can, for instance, steer a provider to a less expensive but equally effective medication or alert them to a significant contraindication. Both scenarios benefit the patient by improving their likelihood of treatment adherence and improved health. However, prior authorization requirements can also have a detrimental effect on clinical decisions and patient health [2].
A 2021 NIH-funded nationwide survey of over 1100 providers revealed several ways prior authorization can negatively impact clinical decision. The findings of this survey will be submitted for publication this year.

In the current scenario, there are problems during travelling like too heavy to drive the luggage, chances of missing and unauthorized accessing and charging mobile or laptop. So, the self-driving luggage helps their owner during travelling or help to overcome from the problems during travelling such solutions are the luggage follow their owner, tracking system, digital locking system and charging port in the luggage.

Due to crucial requirements of electrical power and noticeably increasing amount of the electronic devices day after day, this paper discusses the application of charging portable devices (e.g. cell phones, microbots and laptops) using wireless power transfer concept. The paper navigates through different techniques that are used to transfer power wirelessly and comes up with the suitable one for this application. In order to be more applicable and handy for users and to improve the transmitted power and the distance of transmission, some modifications are suggested on the chosen technique. The paper took into consideration the mobility of the devices to be charged. The other contribution of this paper is adding a control-ability for delivering power to specific devices rather than others using authentication technique.

In this note we will explore ways to secure APIs after the explosion of the internet and the large amount of sensitive data and applications that exist on the web today. We focus on OAuth 2.0, which is a modern standard protocol based on delegated authorizations, highlighting its mechanism, features, the different methods of authorization and when and how to use them. We built an API server with OAuth integrated in, and a client application that demonstrates the most common authorization grant type, in order to simulate the data consuming case and how it is affected by OAuth.

Within the literature, we have witnessed in the healthcare sector, the growing demand for and adoption of software development in the cloud environment to cope with and fulfill current and future demands in healthcare services. In this paper, we propose a flexible, secure, cost-effective, and privacy-preserved cloud-based framework for the healthcare environment. We propose a secure and efficient framework for the government EHR system, in which fine-grained access control can be afforded based on multi-authority ciphertext-policy attribute-based encryption (CP-ABE), together with a hierarchical structure, to enforce access control policies. The proposed framework will allow decision-makers in Saudi Arabia to develop the healthcare sector and to benefit from the existing e-government cloud computing platform "Yasser," which is responsible for delivering shared services through a highly efficient, reliable, and safe environment. This framework aims to provide health...

Data storage on personal computers is inherently insecure as authentication and file access control are handled by the host operating system. These security provisions can be bypassed if another operating system is used on the same personal computer. To address this problem, file encryptors, disk encryptors and file system encryptors were developed, each with its drawbacks. By combining the strengths of file encryptors and file system encryptors, these drawbacks can be overcome. To achieve this, a user space file system library must be used. The file system must also have its own authentication and authorization routines to provide uniform access across multiple operating systems. This paper describes the design and development of such a file system for Linux using the FUSE library and the OpenSSL library. The design for this file system was mathematically modelled and formally verified using Alloy analyser. The file system requires the user to provide user name and password for authentication. Each file is encrypted using a separate key to provide security against cryptanalysis. This key is encrypted using the owner's private key to allow for change of ownership. The password is used to decrypt the user's private key. The developed file system was tested for authentication and access control successfully. The optimal performance of the file system was perceived at file sizes between 1 kilobyte and 256 megabytes. The performance degradation due to encryption was also measured and found to be within usable limits. This stackable file system can be used on all Unix clones that have FUSE and OpenSSL libraries.