Galoh Rashidah Haron

  • Citations Per Year
Learn More
Majority of web authentication is implemented using username and password mechanism. How about leveraging the Shibboleth authentication advantages as an alternative to username and password based authentication to access a live web site? This challenge is trivial if, the codes that built the external web sites are permissible to be modified. In a case where(More)
Authentication is a mechanism to establish proof of identities. Common practise for authentication is to challenge user to present authentication credential. User who can present the valid credential is considered as authenticated identity. Traditional authentication systems have a static security requirement which does not consider the change of user(More)
Authentication is a mechanism to verify identity of users. Those who can present valid credential are considered as authenticated identities. In this paper, we introduce an adaptive authentication system called Unified Authentication Platform (UAP) which incorporates adaptive control to identify high-risk and suspicious illegitimate login attempts. The(More)
The paper presents a technical solution to issue proxy certificate for grid end users using hardware and software token in grid systems. These tokens consist of user identity certificate and keys associated with the certificate. The discussion is initiated with the adoption of current solution; MyProxy as a generator of proxy certificate and credential(More)
This paper presents the mechanisms on integrating security related activities to an established software process in an organization. The main challenge is to attain a security model that is fit to the organization's security objectives and environment. We quest for an adapted security model that is lightweight yet provides an optimized security impacts in(More)
This paper discusses user behaviour and interactions for multimodal authentication system. Multimodal means, multiple authentication methods are provided for user to access a web application. The supported methods are password, digital certificate, and one-time password (OTP). Users are able to select any methods based on user's preference; personalizing(More)
  • 1