Related papers: SALVE: Server Authentication with Location VErific…
Over the past couple of years, the extent of the services provided on the mobile devices has increased rapidly. A special class of service among them is the Location Based Service(LBS) which depends on the geographical position of the user…
The rapid advancements in wireless technology have significantly increased the demand for communication resources, leading to the development of Spectrum Access Systems (SAS). However, network regulations require disclosing sensitive user…
TLS uses X.509 certificates for server authentication. A X.509 certificate is a complex document and various innocent errors may occur while creating/ using it. Also, many certificates belong to malicious websites and should be rejected by…
Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as a comprehensible additional trust factor. In this work, we…
Location based services (LBS) are one of the most promising and innovative directions of convergence technologies resulting of emergence of several fields including database systems, mobile communication, Internet technology, and…
In many web applications, such as Content Delivery Networks (CDNs), TLS credentials are shared, e.g., between the website's TLS origin server and the CDN's edge servers, which can be distributed around the globe. To enhance the security and…
Mutual TLS (mTLS) provides strong, certificate-based authentication for both clients and servers, yet its adoption for user-facing websites remains rare. This paper presents a longitudinal study of mTLS usability, tracking 46 senior and…
National or international maritime authorities are used to handle requests for licenses for all kinds of marine activities. These licenses constitute authorizations limited in time and space, but there is no technical security service to…
Traditional user authentication involves entering a username and password into a system. Strong authentication security demands, among other requirements, long, frequently hard-to-remember passwords. Two-factor authentication aids in the…
Network traffic inspection, including TLS traffic, in enterprise environments is widely practiced. Reasons for doing so are primarily related to improving enterprise security (e.g., malware detection) and meeting legal requirements. To…
Applications providing location-based services (LBS) have gained much attention and importance with the notion of the internet of things (IoT). Users are utilizing LBS by providing their location information to third-party service…
The current cybersecurity landscape is increasingly complex, with traditional Static Application Security Testing (SAST) tools struggling to capture complex and emerging vulnerabilities due to their reliance on rule-based matching.…
Cloud-based services have become part of our day-to-day software solutions. The identity authentication process is considered to be the main gateway to these services. As such, these gates have become increasingly susceptible to aggressive…
With the rise of location-based service (LBS) applications that rely on terrestrial and satellite infrastructures (e.g., GNSS and crowd-sourced Wi-Fi, Bluetooth, cellular, and IP databases) for positioning, ensuring their integrity and…
With the prevalence of location-based services (LBSs) supported by advanced positioning technology, there is a dramatic increase in the transmission of high-precision personal geographical data. Malicious use of these sensitive data will…
The paper presents a step forward in the design and implementation of a Transport Layer Security (TLS) handshake protocol that enables the use of Verifiable Credential (VC) while maintaining full compliance with RFC-8446 and preserving all…
Authentication in TLS is predominately carried out with X.509 digital certificates issued by certificate authorities (CA). The centralized nature of current public key infrastructures, however, comes along with severe risks, such as single…
The burgeoning technology of Mobile Edge Computing is attracting the traditional LBS and LS to deploy due to its nature characters such as low latency and location awareness. Although this transplant will avoid the location privacy threat…
Smart devices have accentuated the importance of geolocation information. Geolocation identification using smart devices has paved the path for incentive-based location-based services (LBS). A location proof is a digital certificate of the…
Today, location-based applications and services such as friend finders and geo-social networks are very popular. However, storing private position information on third-party location servers leads to privacy problems. In our previous work,…