Development of the web security system using a cryptographic token.

Token-based authentication method or system is used to provide secure user access to server using a token, like smart cards. ... In today's communications, the main challenging facet is Security of LTE systems in terms of various areas such as mutual authentication, key management, forward and backward secrecy, use of efficient ... Security tokens may be in the form of authentication tokens, cryptographic tokens, hardware or software tokens, USB tokens, or key fobs [4] . ...

doi:10.47392/irjash.2020.42 fatcat:3ahlv4rfjrfvzdnac4cr75egvy

Author MIHBA performed the technical analysis, developed the main portion of the web based software. Author MRHM managed the literature searches and wrote the manuscript. ... Author MSA designed the study and led the discussions on the analysis and the implementation of the project. ... The authors would also like to give their sincere thanks to Delwar Hossain, Joydev Kumar Sana and Mir Abu Toraf of the same institute for their contribution in software development. ...

doi:10.9734/jsrr/2017/37178 fatcat:dqzb5hyaxjh5rchgreo4smzsbq

In our agent-based framework, domain-based security servers and authorisation tokens are used to complete the trust links between the client and various Web servers dynamically. ... We propose a novel agent workspace on the client side for hosting Web agents downloaded from different Web servers -the "Secure Client Agent Environment" (SCAE). ... Cryptographic methods are used to provide authentication, confidentiality and integrity in the delivery of tokens and agents between the Web server and the client workstation. ...

doi:10.1007/3-540-45705-4_25 fatcat:gbhd43c7vndszdqo4p5k4cphqy

There is an alternative solution to create a security system from SQL Injection attacks during data communication process, that is by applying the cryptographic algorithm to the name and value parameters ... The implementation of this security process makes the web service load time performance last longer by 31.26% with the file size of the web services being 95%, compared to not using the security process ... After that, the conclusion of the web service performance test results in Figure 9 , namely, the application of data communication security processes using a combination of AES-128 and Token-Base64 makes ...

doi:10.30534/ijatcse/2020/60932020 fatcat:aisqnf3hejdpjh5yzommdbeoei

Security protocols are integral to the protection of cyberspace against malicious attacks. Therefore, it is important to be confident in the security of a security protocol. ... Then, we presented the Security Analysis Scheme (SAS), a security analysis scheme that generates an abstract model of a security protocol server. ... [29] developed the PRE-Bin system to infer binary pieces of security protocols efficiently. ...

doi:10.3390/app8122543 fatcat:4ojrbx4iq5extmv5hlfikbkudq

DOAJ

The work presented in this paper is part of the cooperative project Security for Future Networks (SecFuNet 1 ), which aims to develop a security framework for Cloud Computing. ... A particularly innovative aspect of SecFuNet is related to the global Identity Management (IdM) system. The proposed scheme is important for the security of the entire framework. ... We also thank CAPES for the financial support with PhD scholarship. ...

doi:10.1109/cits.2014.6878954 dblp:conf/cits/Aissaoui-Mehrez14 fatcat:bq762mst7zbqvhkyfz2j3hrgkm

In this paper, we describe the common threats that can be identified when using security tokens such as smart cards in web applications. ... One can expect that within a few years, these smart cards will be used in a wide variety of applications. ... ACKNOWLEDGEMENTS This work reported in this paper was developed as part of the Designing Secure Applications (DeSecA) project, funded by Microsoft. ...

doi:10.1007/0-387-24486-7_14 fatcat:b5yzjefe6fg2xm2qvil7rdquoq

OWASP develop tools and best practices to support developers in the development and operation of secure web applications. ... The main objective of this paper is to create a secure web application that provide security when user is login or while user is logged on. ... The integration of security in the software development life cycle of web application, however, still requires a developer to possess a deep understanding of security vulnerabilities and attacks. ...

doi:10.17148/ijarcce.2014.31165 fatcat:dk34ro6dyjd7bfvvjjv6vcptgy

phones and justify the use of the proposed optimization techniques for implemented cryptographic algorithms. ... In the paper, we focus on possible optimization of cryptographic algorithms implemented in the secure Android mobile client application. ... The user irst sends a RequestSecurityToken message to the STS (Security Token Service) server by using a SAML protocol. A protection is done by using WS Security mechanisms. ...

doi:10.7251/jit1902080dj fatcat:wfex3nio2ndcnm5rwu2oj6ogbm

Open Access

The diversity of today's specifications and the many aspects to be considered, like e.g. privacy, system integrity and distribution in the Web, makes the construction of these architectures a very time-consuming ... We also present a configurable system that supports IAM solutions in Web-service-based applications. ... "The owner of this token, who signs messages with the cryptographic key A, has the identity B!"). In the case of Resource Security Token Services, they contain authorization statements (e.g. ...

doi:10.1007/11531371_29 fatcat:j7ofefuivjfjtbytlmv7x2pcxm

One way to secure data is to use the REst API and Auth Token. ... The authentication and authorization process is usually carried out using Single Sign On (SSO). Authentication and authorization methods are used to secure data in a system. ... The generated token uses a 60-character scramble for the alphabet, then the encryption process is carried out using the sha256 method for cryptographic security. ...

doi:10.30587/innovation.v1i2.1927 fatcat:kabjqvcpwfe77kde4jmiqvlv5q

Protecting sensitive and high-value data within a cloud system necessitates the use of cryptographic techniques and cryptographic keys. ... One of the main obstacles for its adoption is the sensitivity of insecurity and privacy violation. ... CONCLUSION Cloud Computing is one of the emerging and fast development technology, so security is one of the major problem in the development of cloud computing services. ...

doi:10.35940/ijeat.a9995.109119 fatcat:52ltt6teergajiqarr2wthbhhe

Open Access

The system uses Public Key Infrastructure (PKI), challenge/response protocol, mobile proxy servers, and Java cards with crypto capabilities used as a Secure Element. ... The system uses Application Programming Interfaces (APIs) to access Java cards functions and credentials that can be used as add-ons to enhance any mobile application with security features and services ... Sead Muftic for his great motivational counselling that impacted me technically and theoretically for completion of this task. ...

doi:10.25046/aj010505 fatcat:wsmacjmberei3gl45nlmcktg6q

DOAJ

This paper proposes a more accessible solution using a USB cryptographic token that can conceal from users all complexity entailed in access to certificate-based applications, while assuring the required ... This work, in cooperation with the Spanish Federation of Spinal-Cord Injury Victims and the Severely Disabled, includes the development of a portal specially oriented towards people with disabilities to ... Acknowledgment This paper has been developed within the framework of the ASTIC project (Accessibility in Intelligent Telematic Advances in Software Engineering 11 Services for Citizens, Accesibilidad en ...

doi:10.1155/2015/568087 fatcat:4wq3oqinyng7baug3qc5d6sch4

Open Access

The MD5 message-digest algorithm is widely used a cryptographic hash function producing Research Article Abstract Nowadays, the world is moving toward mobilized communities as the development of internet ... Hereby, we also will reveal two application instances of the secure login utility to implement the idea of SSO realized in the enterprise systems. ... Conflicts of interest The authors have no conflicts of interest to declare. ...

doi:10.19101/ijacr.2016.623031 fatcat:fxcb7kyowbctjgqoz4xszcmzgm

Open Access

Security Tools for Internet of Things: A Review

Preserved Fulltext

An Online Examination Management System for Geographically Dispersed Test Centres to Prevent Question Leakage: A Case Study of Bangladesh

Preserved Fulltext

Secure Client Agent Environment (SCAE) for World Wide Web [chapter]

Preserved Fulltext

Implementation of AES-128 and Token-Base64 to Prevent SQL Injection Attacks via HTTP

Preserved Fulltext

A Security Analysis Method for Security Protocol Implementations Based on Message Construction

Preserved Fulltext

Global identity management of virtual machines based on remote secure elements

Preserved Fulltext

Threat Modelling for Security Tokens in Web Applications [chapter]

Preserved Fulltext

Implimentation Appraoch for Secure Web Application by Different Prevention Stratergies IJARCCE - Computer and Communication Engineering

Preserved Fulltext

On Possible Cryptographic Optimization of Mobile Healthcare Application

Preserved Fulltext

Building Blocks for Identity Federations [chapter]

Preserved Fulltext

Development Authentication and Authorization Systems of Multi Information Systems Based REst API and Auth Token

Preserved Fulltext

Key-Enforced Access Control and Performance Analysis of DES and RSA Cryptography in Cloud Computing

Preserved Fulltext

Strong Authentication Protocol based on Java Crypto Chip as a Secure Element

Preserved Fulltext

Breaking the Web Barriers of the e-Administration Using an Accessible Digital Certificate Based on a Cryptographic Token

Preserved Fulltext

The implementation and investigation of securing web applications upon multi-platform for a single sign-on functionality English

Preserved Fulltext

Implimentation Appraoch for Secure Web Application by Different Prevention Stratergies
IJARCCE - Computer and Communication Engineering

The implementation and investigation of securing web applications upon multi-platform for a single sign-on functionality
English