- Browse by Author
Browsing by Author "Goyal, Shreya"
Now showing 1 - 3 of 3
Results Per Page
Sort Options
Item AuthN-AuthZ: Integrated, User-Friendly and Privacy-Preserving Authentication and Authorization(IEEE, 2020-10) Phillips, Tyler; Yu, Xiaoyuan; Haakenson, Brandon; Goyal, Shreya; Zou, Xukai; Purkayastha, Saptarshi; Wu, Huanmei; BioHealth Informatics, School of Informatics and ComputingIn this paper, we propose a novel, privacy-preserving, and integrated authentication and authorization scheme (dubbed as AuthN-AuthZ). The proposed scheme can address both the usability and privacy issues often posed by authentication through use of privacy-preserving Biometric-Capsule-based authentication. Each Biometric-Capsule encapsulates a user's biometric template as well as their role within a hierarchical Role-based Access Control model. As a result, AuthN-AuthZ provides novel efficiency by performing both authentication and authorization simultaneously in a single operation. To the best of our knowledge, our scheme's integrated AuthN-AuthZ operation is the first of its kind. The proposed scheme is flexible in design and allows for the secure use of robust deep learning techniques, such as the recently proposed and current state-of-the-art facial feature representation method, ArcFace. We conduct extensive experiments to demonstrate the robust performance of the proposed scheme and its AuthN-AuthZ operation.Item Enabling Secure and Effective Biomedical Data Sharing through Cyberinfrastructure Gateways(arXiv, 2020) Goyal, Shreya; Purkayastha, Saptarshi; Phillips, Tyler; Quick, Robert; Britt, Alexis; BioHealth Informatics, School of Informatics and ComputingScientific cyberinfrastructures promise solutions to computational challenges with rich resources; they embrace collaborative workflows in which users can access and share scientific data and computing resources to perform research and education tasks, which catalyze scientific discovery. The Dynaswap project reports on developing a coherently integrated and trustworthy holistic secure workflow protection architecture for cyberinfrastructures which can be used on virtual machines deployed through cyberinfrastructure (CI) services such as JetStream. This service creates a user-friendly cloud environment designed to give researchers access to interactive computing and data analysis resources on demand. The Dynaswap cybersecurity architecture supports roles, role hierarchies, and data hierarchies, as well as dynamic changes of roles and hierarchical relations within the scientific infrastructure. Dynaswap combines existing cutting-edge security frameworks (including an Authentication Authorization-Accounting framework, Multi-Factor Authentication, Secure Digital Provenance, and Blockchain) with advanced security tools (e.g., Biometric-Capsule, Cryptography-based Hierarchical Access Control, and Dual-level Key Management). The security technologies have been developed and integrated with the Open Medical Record System for enhanced security purposes and delivering a secure scientific infrastructure, which allows researchers, educators, practitioners, and students to remotely access and share sensitive data, computing resources, and workflows with flexibility and convenience while also having the highest security and privacy protection. The CI is being validated in life-science research environments and in the education settings of Health Informatics.Item Usability and Security of Different Authentication Methods for an Electronic Health Records System(arXiv, 2021) Purkayastha, Saptarshi; Goyal, Shreya; Oluwalade, Bolu; Phillips, Tyler; Wu, Huanmei; Zou, Xukai; BioHealth Informatics, School of Informatics and ComputingWe conducted a survey of 67 graduate students enrolled in the Privacy and Security in Healthcare course at Indiana University Purdue University Indianapolis. This was done to measure user preference and their understanding of usability and security of three different Electronic Health Records authentication methods: single authentication method (username and password), Single sign-on with Central Authentication Service (CAS) authentication method, and a bio-capsule facial authentication method. This research aims to explore the relationship between security and usability, and measure the effect of perceived security on usability in these three aforementioned authentication methods. We developed a formative-formative Partial Least Square Structural Equation Modeling (PLS-SEM) model to measure the relationship between the latent variables of Usability, and Security. The measurement model was developed using five observed variables (measures). - Efficiency and Effectiveness, Satisfaction, Preference, Concerns, and Confidence. The results obtained highlight the importance and impact of these measures on the latent variables and the relationship among the latent variables. From the PLS-SEM analysis, it was found that security has a positive impact on usability for Single sign-on and bio-capsule facial authentication methods. We conclude that the facial authentication method was the most secure and usable among the three authentication methods. Further, descriptive analysis was done to draw out the interesting findings from the survey regarding the observed variables.