Yazar "Chen, Chien-Ming" seçeneğine göre listele

Listeleniyor 1 - 7 / 7
  • Küçük Resim
    Öğe
    Attacks and Solutions for a Two-Factor Authentication Protocol for Wireless Body Area Networks
    (WILEY-HINDAWI, ADAM HOUSE, 3RD FL, 1 FITZROY SQ, LONDON WIT 5HE, ENGLAND, 2021) Chen, Chien-Ming; Li, Zhen; Chaudhry, Shehzad Ashraf; Li, Long
    As an extension of the 4G system, 5G is a new generation of broadband mobile communication with high speed, low latency, and large connection characteristics. It solves the problem of human-to-thing and thing-to-thing communication to meet the needs of intelligent medical devices, automotive networking, smart homes, industrial control, environmental monitoring, and other IoT application needs. 'is has resulted in new research topics related to wireless body area networks. However, such networks are still subject to significant security and privacy threats. Recently, Fotouhi et al. proposed a lightweight and secure two-factor authentication protocol for wireless body area networks in medical IoT. However, in this study, we demonstrate that their proposed protocol is still vulnerable to sensor-capture attacks and the lack of authentication between users and mobile devices. In addition, we propose a new protocol to overcome the limitations mentioned above. A detailed comparison shows that our proposed protocol is better than the previous protocols in terms of security and performance.
  • Küçük Resim
    Öğe
    Designing secure and lightweight user access to drone for smart city surveillance
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2022) Hussain, Sajid; Mahmood, Khalid; Khan, Muhammad Khurram; Chen, Chien-Ming; Alzahrani, Bander A.; Chaudhry, Shehzad Ashraf
    The Internet of drones (IoD) is a very useful application of the Internet of things (IoT) and it can help the daily life comfort through various functions including the smart city surveillance. The IoD can enhance the comfort to reach inaccessible and hard to access sites and can save lot of effort, time and cost. However, in addition to traditional threats, the IoD may suffer from new threats and requires customized methods to combat the security weaknesses. Very recently, Wazid et al. proposed a security solution for securing IoD application scenario and claimed its security. However, in this paper we show that their scheme cannot resist stolen verifier and traceability attacks. Moreover, an attacker with access to the verifier, can impersonate any user, drone or server of the system. An enhanced scheme is then proposed to cope with these weaknesses. The security claims of proposed scheme are endorsed by formal and informal security analysis. Moreover, the performance and security comparisons show that proposed scheme completes a cycle of authentication with a slight increase in computation time, but it offers all the required security features as compared with the scheme of Wazid et al.
  • Küçük Resim
    Öğe
    An enhanced scheme for mutual authentication for healthcare services
    (KEAI PUBLISHING LTD, 16 DONGHUANGCHENGGEN NORTH ST, BEIJING, DONGCHENG DISTRICT 100717, PEOPLES R CHINA, 2022) Shamshad, Salman; Ayub, Muhammad Faizan; Mahmood, Khalid; Kumari, Saru; Chaudhry, Shehzad Ashraf; Chen, Chien-Ming
    With the advent of state-of-art technologies, the Telecare Medicine Information System (TMIS) now offers fast and convenient healthcare services to patients at their doorsteps. However, this architecture engenders new risks and challenges to patients' and the server's confidentiality, integrity and security. In order to avoid any resource abuse and malicious attack, employing an authentication scheme is widely considered as the most effective approach for the TMIS to verify the legitimacy of patients and the server. Therefore, several authentication protocols have been proposed to this end. Very recently, Chaudhry et al. identified that there are vulnerabilities of impersonation attacks in Islam et al.'s scheme. Therefore, they introduced an improved protocol to mitigate those security flaws. Later, Qiu et al. proved that these schemes are vulnerable to the man-in-the-middle, impersonation and offline password guessing attacks. Thus, they introduced an improved scheme based on the fuzzy verifier techniques, which overcome all the security flaws of Chaudhry et al.'s scheme. However, there are still some security flaws in Qiu et al.'s protocol. In this article, we prove that Qiu et al.'s protocol has an incorrect notion of perfect user anonymity and is vulnerable to user impersonation attacks. Therefore, we introduce an improved protocol for authentication, which reduces all the security flaws of Qiu et al.'s protocol. We also make a comparison of our protocol with related protocols, which shows that our introduced protocol is more secure and efficient than previous protocols.
  • Küçük Resim
    Öğe
    An Improved Authentication Scheme for Digital Rights Management System
    (WILEY-HINDAWI, ADAM HOUSE, 3RD FL, 1 FITZROY SQ, LONDON WIT 5HE, ENGLAND, 2022) Hussain, Sajid; Bin Zikria, Yousaf; Mallah, Ghulam Ali; Chen, Chien-Ming; Alshehri, Mohammad Dahman; Ishmanov, Farruh; Chaudhry, Shehzad Ashraf
    With the increasing number and popularity of digital content, the management of digital access rights has become an utmost important field. Through digital rights management systems (DRM-S), access to digital contents can be defined and for this, an efficient and secure authentication scheme is required. The DRM authentication schemes can be used to give access or restrict access to digital content. Very recently in 2020, Yu et al. proposed a symmetric hash and xor-based DRM and termed their system to achieve both security and performance efficiency. Contrarily, in this study, we argue that their scheme has several issues including nonresistance to privileged insider and impersonation attacks. Moreover, it is also to show in this study that their scheme has an incorrect authentication phase and due to this incorrectness, the scheme of Yu et al. lacks user scalability. An improved scheme is then proposed to counter the insecurities and incorrectness of the scheme of Yu et al. We prove the security of the proposed scheme using BAN logic. For a clear picture of the security properties, we also provide a textual discussion on the robustness of the proposed scheme. Moreover, due to the usage of symmetric key-based hash functions, the proposed scheme has a comparable performance efficiency.
  • Küçük Resim
    Öğe
    A Lightweight and Robust User Authentication Protocol with User Anonymity for IoT-Based Healthcare
    (TECH SCIENCE PRESS, 871 CORONADO CENTER DR, SUTE 200, HENDERSON, NV 89052, 2022) Chen, Chien-Ming; Liu, Shuangshuang; Chaudhry, Shehzad Ashraf; Chen, Yeh-Cheng; Khan, Muhammad Asghar
    With the rise of the Internet of Things (IoT), the word “intelligent medical care” has increasingly become a major vision. Intelligent medicine adopts the most advanced IoT technology to realize the interaction between patients and people, medical institutions, and medical equipment. However, with the openness of network transmission, the security and privacy of information transmission have become a major problem. Recently, Masud et al. proposed a lightweight anonymous user authentication protocol for IoT medical treatment, claiming that their method can resist various attacks. However, through analysis of the protocol, we observed that their protocol cannot effectively resist privileged internal attacks, sensor node capture attacks, and stolen authentication attacks, and their protocol does not have perfect forward security. Therefore, we propose a new protocol to resolve the security vulnerabilities in Masud’s protocol and remove some redundant parameters, so as to make the protocol more compact and secure. In addition, we evaluate the security and performance of the new protocol and prove that the overall performance of the new protocol is better than that of other related protocols.
  • Küçük Resim
    Öğe
    A provably secure and lightweight mutual authentication protocol in fog-enabled social Internet of vehicles
    (SAGE PUBLICATIONS INC, 2455 TELLER RD, THOUSAND OAKS, CA 91320, 2022) Li, Zhen; Miao, Qingkai; Chaudhry, Shehzad Ashraf; Chen, Chien-Ming
    The Internet of vehicles technology has developed rapidly in recent years and has become increasingly important. The social Internet of vehicles provides better resources and services for the development of the Internet of vehicles and provides better experience for users. However, there are still many security problems in social vehicle networking environments. Once the vehicle is networked, the biggest problem is data security according to the three levels of data collection, intelligent analysis, and decision control of the Internet of vehicles. Recently, Wu et al. proposed a lightweight vehicle social network security authentication protocol based on fog nodes. They claimed that their security authentication protocol could resist various attacks. However, we found that their authentication protocols are vulnerable to internal attacks, smart card theft attacks, and lack perfect forward security. In this study, we propose a new protocol to overcome these limitations. Finally, security and performance analyses show that our protocol perfectly overcomes these limitations and exhibits excellent performance and efficiency.
  • Küçük Resim
    Öğe
    Security, Trust and Privacy for Cloud, Fog and Internet of Things
    (WILEY-HINDAWI, ADAM HOUSE, 3RD FL, 1 FITZROY SQ, LONDON WIT 5HE, ENGLAND, 2022) Chen, Chien-Ming; Chaudhry, Shehzad Ashraf; Yeh, Kuo-Hui; Aman, Muhammad Naveed
    Internet of !ings (IoT) is a promising networking scenario in the cyber world, bridging physical devices and virtual objects. By considering the limited capacity of smart things, cloud computing is generally applied to store and process the massive data collected by the IoT. Furthermore, fog computing is described as an extension and a complement to cloud computing. It utilizes fog nodes to perform storage, computation, and communication locally. !e merging of cloud/fog computing and IoT can be seen as the best of two worlds by concurrently offering ubiquitous sensing services and powerful processing capabilities.