-
Unified Singular Protocol Flow for OAuth (USPFO) Ecosystem
Authors:
Jaimandeep Singh,
Naveen Kumar Chaudhary
Abstract:
OAuth 2.0 is a popular authorization framework that allows third-party clients such as websites and mobile apps to request limited access to a user's account on another application. The specification classifies clients into different types based on their ability to keep client credentials confidential. It also describes different grant types for obtaining access to the protected resources, with th…
▽ More
OAuth 2.0 is a popular authorization framework that allows third-party clients such as websites and mobile apps to request limited access to a user's account on another application. The specification classifies clients into different types based on their ability to keep client credentials confidential. It also describes different grant types for obtaining access to the protected resources, with the authorization code and implicit grants being the most commonly used. Each client type and associated grant type have their unique security and usability considerations. In this paper, we propose a new approach for OAuth ecosystem that combines different client and grant types into a unified singular protocol flow for OAuth (USPFO), which can be used by both confidential and public clients. This approach aims to reduce the vulnerabilities associated with implementing and configuring different client types and grant types. Additionally, it provides built-in protections against known OAuth 2.0 vulnerabilities such as client impersonation, token (or code) thefts and replay attacks through integrity, authenticity, and audience binding. The proposed USPFO is largely compatible with existing Internet Engineering Task Force (IETF) Proposed Standard Request for Comments (RFCs), OAuth 2.0 extensions and active internet drafts.
△ Less
Submitted 2 August, 2023; v1 submitted 29 January, 2023;
originally announced January 2023.
-
Resilient Risk based Adaptive Authentication and Authorization (RAD-AA) Framework
Authors:
Jaimandeep Singh,
Chintan Patel,
Naveen Kumar Chaudhary
Abstract:
In recent cyber attacks, credential theft has emerged as one of the primary vectors of gaining entry into the system. Once attacker(s) have a foothold in the system, they use various techniques including token manipulation to elevate the privileges and access protected resources. This makes authentication and token based authorization a critical component for a secure and resilient cyber system. I…
▽ More
In recent cyber attacks, credential theft has emerged as one of the primary vectors of gaining entry into the system. Once attacker(s) have a foothold in the system, they use various techniques including token manipulation to elevate the privileges and access protected resources. This makes authentication and token based authorization a critical component for a secure and resilient cyber system. In this paper we discuss the design considerations for such a secure and resilient authentication and authorization framework capable of self-adapting based on the risk scores and trust profiles. We compare this design with the existing standards such as OAuth 2.0, OpenID Connect and SAML 2.0. We then study popular threat models such as STRIDE and PASTA and summarize the resilience of the proposed architecture against common and relevant threat vectors. We call this framework as Resilient Risk based Adaptive Authentication and Authorization (RAD-AA). The proposed framework excessively increases the cost for an adversary to launch and sustain any cyber attack and provides much-needed strength to critical infrastructure. We also discuss the machine learning (ML) approach for the adaptive engine to accurately classify transactions and arrive at risk scores.
△ Less
Submitted 29 November, 2022; v1 submitted 4 August, 2022;
originally announced August 2022.
-
Deep 3D Convolutional Neural Network for Automated Lung Cancer Diagnosis
Authors:
Sumita Mishra,
Naresh Kumar Chaudhary,
Pallavi Asthana,
Anil Kumar
Abstract:
Computer Aided Diagnosis has emerged as an indispensible technique for validating the opinion of radiologists in CT interpretation. This paper presents a deep 3D Convolutional Neural Network (CNN) architecture for automated CT scan-based lung cancer detection system. It utilizes three dimensional spatial information to learn highly discriminative 3 dimensional features instead of 2D features like…
▽ More
Computer Aided Diagnosis has emerged as an indispensible technique for validating the opinion of radiologists in CT interpretation. This paper presents a deep 3D Convolutional Neural Network (CNN) architecture for automated CT scan-based lung cancer detection system. It utilizes three dimensional spatial information to learn highly discriminative 3 dimensional features instead of 2D features like texture or geometric shape whick need to be generated manually. The proposed deep learning method automatically extracts the 3D features on the basis of spatio-temporal statistics.The developed model is end-to-end and is able to predict malignancy of each voxel for given input scan. Simulation results demonstrate the effectiveness of proposed 3D CNN network for classification of lung nodule in-spite of limited computational capabilities.
△ Less
Submitted 4 May, 2019;
originally announced June 2019.
-
Speaker Identification From Youtube Obtained Data
Authors:
Nitesh Kumar Chaudhary
Abstract:
An efficient, and intuitive algorithm is presented for the identification of speakers from a long dataset (like YouTube long discussion, Cocktail party recorded audio or video).The goal of automatic speaker identification is to identify the number of different speakers and prepare a model for that speaker by extraction, characterization and speaker-specific information contained in the speech sign…
▽ More
An efficient, and intuitive algorithm is presented for the identification of speakers from a long dataset (like YouTube long discussion, Cocktail party recorded audio or video).The goal of automatic speaker identification is to identify the number of different speakers and prepare a model for that speaker by extraction, characterization and speaker-specific information contained in the speech signal. It has many diverse application specially in the field of Surveillance, Immigrations at Airport, cyber security, transcription in multi-source of similar sound source, where it is difficult to assign transcription arbitrary. The most commonly speech parametrization used in speaker verification, K-mean, cepstral analysis, is detailed. Gaussian mixture modeling, which is the speaker modeling technique is then explained. Gaussian mixture models (GMM), perhaps the most robust machine learning algorithm has been introduced examine and judge carefully speaker identification in text independent. The application or employment of Gaussian mixture models for monitoring & Analysing speaker identity is encouraged by the familiarity, awareness, or understanding gained through experience that Gaussian spectrum depict the characteristics of speaker's spectral conformational pattern and remarkable ability of GMM to construct capricious densities after that we illustrate 'Expectation maximization' an iterative algorithm which takes some arbitrary value in initial estimation and carry on the iterative process until the convergence of value is observed,so by doing various number of experiments we are able to obtain 79 ~ 82% of identification rate using Vector quantization and 85 ~ 92.6% of identification rate using GMM modeling by Expectation maximization parameter estimation depending on variation of parameter.
△ Less
Submitted 11 November, 2014;
originally announced November 2014.
-
Overview of Optical Interconnect Technology
Authors:
Sumita Mishra,
Naresh K Chaudhary,
Kalyan Singh
Abstract:
Optical interconnect is seen as a potential solution to meet the performance requirements of current and future generation of data processors. Optical interconnects have negligible frequency dependent loss, low cross talk and high band width. Optical interconnects are not much used commercially since optical interconnects technology is incompatible with manufacturing processes and assembly methods…
▽ More
Optical interconnect is seen as a potential solution to meet the performance requirements of current and future generation of data processors. Optical interconnects have negligible frequency dependent loss, low cross talk and high band width. Optical interconnects are not much used commercially since optical interconnects technology is incompatible with manufacturing processes and assembly methods that are currently used in the semiconductor industry. There are many promising optical interconnect technologies and this paper presents a brief analysis of current state of optical interconnect technology.
△ Less
Submitted 16 March, 2013;
originally announced March 2013.
-
Simulation and Optimization of MQW based optical modulator for on chip optical interconnect
Authors:
Sumita Mishra,
Naresh K. Chaudhary,
Kalyan Singh
Abstract:
Optical interconnects are foreseen as a potential solution to improve the performance of data transmission in high speed integrated circuits since electrical interconnects operating at high bit rates have several limitations which creates a bottleneck at the interconnect level. The objective of the work is to model and then simulate the MQWM based optical interconnect transmitter. The power output…
▽ More
Optical interconnects are foreseen as a potential solution to improve the performance of data transmission in high speed integrated circuits since electrical interconnects operating at high bit rates have several limitations which creates a bottleneck at the interconnect level. The objective of the work is to model and then simulate the MQWM based optical interconnect transmitter. The power output of the simulated modulator is then optimized with respect to various parameters namely contrast ratio, insertion loss and bias current. The methodology presented here is suitable for investigation of both analog and digital modulation performance but it primarily deals with digital modulation. We have not included the effect of carrier charge density in multiple quantum well simulation.
△ Less
Submitted 29 September, 2011;
originally announced September 2011.
