| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

Search the digital library catalog Help

Query: search in
search in
search in
search in
* old and bologna study programme


1 - 4 / 4
First pagePrevious page1Next pageLast page
Comparison of JWT and OAuth 2.0 for authorisation and authentication in rest services
Vid Visočnik, 2018, master's thesis

Abstract: The thesis addresses the area of using token authentication and authorisation for software products that, for synchronization and communication purposes, take advantage of underlying REST services. Given that REST service focuses on the use of HTTP protocols, and that REST in its own principle requires being stateless, developers need to address issues regarding user identification, authentication, and authorisation in a stateless manner. In the thesis, we will also show the proper use of security protocols that are part of the HTTP specification, and how to transmit and encrypt sensitive data properly between two endpoints. We will do so by implementing a server and client and, furthermore, present the communication flow needed for ensuring a strong security policy that prevents system vulnerabilities and security flaws by implementing REST service that is stateless and, for the purpose of user identification, uses two of the most common token authentication implementations, OAuth 2.0 and JWT. Furthermore, we will compare the basic principles and concepts of the two user identification frameworks and analyse the benefits of both structurally and what to use in which given situation.
Keywords: REST services, OAuth 2.0, JWT, token authentication, communication security, authorisation, authentication
Published: 17.07.2018; Views: 638; Downloads: 154
.pdf Full text (3,43 MB)

A biometric authentication model using hand gesture images
Simon Fong, Yan Zhuang, Iztok Fister, Iztok Fister, 2013, original scientific article

Abstract: A novel hand biometric authentication method based on measurements of the user's stationary hand gesture of hand sign language is proposed. The measurement of hand gestures could be sequentially acquired by a low-cost video camera. There could possibly be another level of contextual information,associated with these hand signs to be used in biometric authentication. As an analogue, instead of typing a password 'iloveu' in text which is relatively vulnerable over a communication network, a signer can encode a biometric password using a sequence of hand signs, 'i', 'l', 'o', 'v', 'e', and 'u'. Subsequently the features from the hand gesture images are extracted which are integrally fuzzy in nature, to be recognized by a classification model for telling if this signer is who he claimed himself to be, by examining over his hand shape and the postures in doing those signs. Itis believed that everybody has certain slight but unique behavioral characteristics in sign language, so are the different hand shape compositions. Simple and efficient image processing algorithms are used in hand sign recognition, including intensity profiling, color histogram and dimensionality analysis, coupled with several popular machine learning algorithms. Computer simulation is conducted for investigating the efficacy ofthis novel biometric authentication model which shows up to 93.75% recognition accuracy.
Keywords: biometric authentication, hand gesture, hand sign recognition, machine learning
Published: 28.06.2017; Views: 871; Downloads: 384
.pdf Full text (1,83 MB)
This document has many files! More...

Characterization of Slovenian wines using multidimensional data analysis from simple enological descriptors
Adriána Bednárová, Roman Kranvogl, Darinka Brodnjak-Vončina, Tjaša Jug, Ernest Beinrohr, 2013, original scientific article

Abstract: Determination of the product's origin is one of the primary requirements when certifying a wine's authenticity. Significant research has described the possibilities of predicting a wine's origin using efficient methods of wine components' analyses connected with multivariate data analysis. The main goal of this study was to examine the discrimination ability of simple enological descriptors for the classification of Slovenian red and white wine samples according to their varieties and geographical origins. Another task was to investigate the inter-relations available among descriptors such as relative density, content of total acids, non-volatile acids and volatile acids, ash, reducing sugars, sugar-free extract, $SO_2$, ethanol, pH, and an important additional variable - the sensorial quality of the wine, using correlation analysis, principal component analysis (PCA), and cluster analysis (CLU). 739 red and white wine samples were scanned on a Wine Scan FT 120, from wave numbers 926 $cm^{–1}$ to 5012 $cm^{–1}$. The applied methods of linear discriminant analysis (LDA), general discriminant analysis (GDA), and artificial neural networks (ANN), demonstrated their power for authentication purposes.
Keywords: wine authentication, enological descriptors, classification techniques, ANN
Published: 10.07.2015; Views: 1478; Downloads: 37
.pdf Full text (261,13 KB)
This document has many files! More...

Improvement of the Peyravian-Jeffries`s user authentication protocol and password change protocol
Marko Hölbl, Tatjana Welzer-Družovec, Boštjan Brumen, 2008, original scientific article

Abstract: Remote authentication of users supported by passwords is a broadly adopted method of authentication within insecure network environments. Such protocols typically rely on pre-established secure cryptographic keys or public key infrastructure. Recently, Peyravian and Jeffries [M. Peyravian, C. Jeffries, Secure remote user access over insecure networks, Computer Communications 29 (5-6) (2006) 660-667] proposed a protocol for secure remote user access over insecure networks. Shortly after the protocol was published Shim [K.A. Shim, Security flaws of remote user access over insecure networks, Computer Communications 30 (1) (2006) 117-121] and Munilla et al. [J. Munilla, A. Peinado, Off-line password-guessing attack to Peyravian-Jeffries`s remote user authentication protocol, Computer Communications 30 (1) (2006) 52-54] independently presented an off-line guessing attack on the protocol. Based on their findings we present an improved secure password-based protocol for remote user authentication, password change, and session key establishment over insecure networks, which is immune against the attack.
Keywords: networks, user authentication, remote user access, password-based protocol, security
Published: 31.05.2012; Views: 1408; Downloads: 65
URL Link to full text

Search done in 0.09 sec.
Back to top
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica