Concept: Physical security
This paper presents an innovative access control system, based on human detection and path analysis, to reduce false automatic door system actions while increasing the added values for security applications. The proposed system can first identify a person from the scene, and track his trajectory to predict his intention for accessing the entrance, and finally activate the door accordingly. The experimental results show that the proposed system has the advantages of high precision, safety, reliability, and can be responsive to demands, while preserving the benefits of being low cost and high added value.
Recently, Chen et al. have proposed a novel tamper resistant prescription RFID access control system, published in the Journal of Medical Systems. In this paper we consider the security of the proposed protocol and identify some existing weaknesses. The main attack is a reader impersonation attack which allows an active adversary to impersonate a legitimate doctor, e.g. the patient’s doctor, to access the patient’s tag and change the patient prescription. The presented attack is quite efficient. To impersonate a doctor, the adversary should eavesdrop one session between the doctor and the patient’s tag and then she can impersonate the doctor with the success probability of ‘1’. In addition, we present efficient reader-tag to back-end database impersonation, de-synchronization and traceability attacks against the protocol. Finally, we propose an improved version of protocol which is more efficient compared to the original protocol while provides the desired security against the presented attacks.
With the development of Internet, patients could enjoy health-care delivery services through telecare medicine information systems (TMIS) in their home. To control the access to remote medical servers' resources, many authentication schemes using smart cards have been proposed. However, the performance of these schemes is not satisfactory since modular exponential operations are used in these schemes. In the paper, we propose a chaotic map-based authentication scheme for telecare medicine information systems. The security and performance analysis shows our scheme is more suitable for TMIS.
Computer keyboard is one of the most common, reliable, accessible and effective approaches used for human-machine interfacing and information exchange. Although keyboard has been used for hundreds of years for advancing human civilization, studying human behavior by keystroke dynamics using smart keyboard remains a great challenge. Here we report a self-powered, non-mechanical-punching keyboard enabled by contact electrification between human fingers and keys, which converts mechanical stimuli applied onto the keyboard into local electronic signals without applying an external power. The intelligent keyboard (IKB) can not only sensitively trigger a wireless alarm system once gentle finger tapping occurs but also be capable of tracing and recording typing contents by detecting both the dynamic time intervals between and during inputting letters and the force used for each typing action. Such features promise its use as a smart security system that can realize detection, alert, recording, and identification. Moreover, the IKB is able to identify personal characteristics from different individuals if assisted by behavioral biometric of keystroke dynamics. Furthermore, the IKB can effectively harness typing motions for electricity to charge commercial electronics at arbitrary typing speed larger than 100 characters per min. Given the above features, the IKB can be potentially applied not only to self-powered electronics but also to artificial intelligence, cyber security, and computer or network access control.
BACKGROUND: Fear of crime is associated with negative health and wellbeing outcomes, and may mediate some impacts of the built environment on public health. A range of environmental interventions have been hypothesized to reduce the fear of crime. METHODS: This review aimed to synthesize the literature on the effectiveness of interventions in the built environment to reduce the fear of crime. Systematic review methodology, following Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidance, was used. Studies of environmental interventions which reported a fear of crime outcome and used any prospective evaluation design (randomized controlled trial (RCT), trial or uncontrolled before-and-after study) were included. Eighteen databases were searched. The Hamilton tool was used to assess quality. A narrative synthesis of findings was undertaken. RESULTS: A total of 47 studies were included, 22 controlled and 25 uncontrolled, with total sample sizes ranging from n = 52 to approximately n = 23,000. Thirty-six studies were conducted in the UK, ten studies in the USA and one study in the Netherlands. The quality of the evidence overall is low. There are some indications that home security improvements and non-crime-related environmental improvements may be effective for some fear of crime outcomes. There is little evidence that the following reduce fear of crime: street lighting improvements, closed-circuit television (CCTV), multi-component environmental crime prevention programs or regeneration programs. CONCLUSIONS: There is some evidence for the effectiveness of specific environmental interventions in reducing some indicators of fear of crime, but more attention on the context and possible confounders is needed in future evaluations of complex social interventions such as these.
Closed Circuit Television (CCTV) operators are responsible for maintaining security in various applied settings. However, research has largely ignored human factors that may contribute to CCTV operator error. One important source of error is inattentional blindness - the failure to detect unexpected but clearly visible stimuli when attending to a scene. We compared inattentional blindness rates for experienced (84 infantry personnel) and naïve (87 civilians) operators in a CCTV monitoring task. The task-relevance of the unexpected stimulus and the length of the monitoring period were manipulated between participants. Inattentional blindness rates were measured using typical post-event questionnaires, and participants' real-time descriptions of the monitored event. Based on the post-event measure, 66% of the participants failed to detect salient, ongoing stimuli appearing in the spatial field of their attentional focus. The unexpected task-irrelevant stimulus was significantly more likely to go undetected (79%) than the unexpected task-relevant stimulus (55%). Prior task experience did not inoculate operators against inattentional blindness effects. Participants' real-time descriptions revealed similar patterns, ruling out inattentional amnesia accounts.
The problem of securing biological research data is a difficult and complicated one. Our ability to secure data on computers is not robust enough to ensure the security of existing data sets. Lessons from cryptography illustrate that neither secrecy measures, such as deleting technical details, nor national solutions, such as export controls, will work.
The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash’s protocol. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure.
The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or “things” to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes.
Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.