Certificate Verification Research Articles (Page 10)

The objective of this work is to design and implement an enhanced wed-based certificate verification system that will assist schools and co-operate organizations to confirm the originality of students’ certificate by displaying certificate details, and format with owner’s image. This work was motivated by the level of certificate forgery, time wastage and the stress encountered while processing this manually. The system adopted the object oriented and design methodology (OOADM) while the programming language used for the front-end design was Hypertext Markup Language (HTML5), Cascading Style Sheet (CSS3), Bootstrap Frame work and Back end design was achieved with Hypertext Preprocessor (PHP5) and My-Structural Query Language (MySQL). The result after design was an enhanced web-based certificate verification system that was able to verify and authenticate students’ certificates and display certificate image after verification process, which could be used to reduce the high rate of certificate forgery not only within the educational system but in other co-operate organizations.

The faster proliferation of software-defined cloud environments across the world for efficiently hosting enterprise-grade applications has led many organisations to embrace the cloud paradigm in a significant way. The cloud storage opportunities and possibilities are consistently expanding, wherein multimedia storage occupies the entire stage in the cloud. An essential emphasis on security owing to the nature of multiuser access to cloud credentials in many situations is necessary. The security and safety of data, while in transit, in rest, and while being used by applications, have to be guaranteed through proven technology solutions. Typically, image encryption is the standard way of securing and safeguarding images. The proposed three-layer image encryption scheme uses DNA coding along with chaotic logistic and tent maps for confusion and diffusion operations. Upon verification of user credentials, the storage of encrypted image is accomplished in Amazon S3 web services. The strength of encryption has been evaluated based on the parameters namely brute force attack, statistical, encryption quality, occlusion attack and computational complexity analyses which have proved the suitability of proposed scheme to secure cloud storage of images.

The fake certificate is a special global problem in today's digital age. Thousands of universities and educational institutions around the world do not exist but can release hundreds of millions of fake degrees. Verifying the integrity of qualifications is a real challenge for today's employers. Applying the anti-data modifying properties of blockchain technology, this study proposes a solution issuing and verifying digital certificates called EUniCert to solve this problem. By changing the design and integrating new consensus algorithm used in Ethereum platform into the Unicoin network that was used to verify and store the information related to the issued digital certificate, the EUniCert improves the latency to validate transactions as well as the number of verified blocks in the blockchain network compared to the previous solution that we have proposed. We implement a simple blockchain system to illustrate the management operation of the digital certificates on the ethereum platform. Besides, we conduct a simulation to evaluate the performance of our proposal compared with the previous system. The result is that the average latency decreases by 3.27 times as well as the number of verified blocks increases by 11% compared with the previous system.

Nowadays, various online education platforms (such as MOOCs, Coursera, XuetangX and so on) not only provide a broad Internet environment for sharing multimedia learning resources, but also bring a series of challenges in digital rights management, such as the infringement of digital copyrights of multimedia learning resources, the insecurity of digital education certificates, and the low degree of openness of multimedia learning resources. To sovle these issues, we propose a blockchain-enabled digital rights management system, which includes an entirely new network architecture for sharing and managing multimedia resources of online education on the basis of the combination of the public and private blockchains, as well as three specific smart contract schemes for the realization of the recording of multimedia digital rights, the secure storage and the unmediated verification of digital certificates, respectively. The proposed blockchain-enabled digital rights management system has been demonstrated as a promising candidate solution to the blockchain-based multimedia data protection in an online education environment.

This paper analyzes the interactions between the European Union’s Forest Law Enforcement, Governance and Trade (FLEGT) initiative and other components of the emerging transnational timber legality regime, both public and private. It examines how far, and through what institutional channels and mechanisms, these interactions are producing a joined-up transnational regime, based on a shared normative commitment to combat illegal logging and cooperative efforts to implement and enforce it. The paper argues that the experimentalist architecture of the EU FLEGT initiative has fostered productive, mutually reinforcing interactions both with public timber legality regulation in other consumer countries and with private certification schemes. But this emerging regime remains highly polyarchic, with broad scope for autonomous initatives by NGOs and private service providers, along with national governments, international organizations, and multi-donor partnerships. Hence horizontal integration and coordination within it depend on a series of institutional mechanisms, some of which are distinctively experimentalist, while others can also be found in more conventional regimes. These mechanisms include cross-referencing and reciprocal endorsement of rules and standards; mutual learning and peer review through information pooling and comparison of enforcement approaches; public oversight and joint assessment of private certification and legality verification schemes; and the “penalty default” effect of public regulation in consumer countries, which have pushed both exporting countries and transnational firms to comply with the norms and procedures of the emerging transnational regime. The findings of this paper thus provide robust new evidence for the claim advanced in previous work that a joined-up transnational regime can be assembled piece-by-piece under polyarchic conditions through coordinated learning from decentralized experimentation, without a hegemonic power to impose common global rules.

Institutions generally seek for a network infrastructure solution that intelligently combines voice and data networks. To compete globally, It has become necessary for the Faculty of Engineering to build and setup a secured enterprise network solution to drive the rapid engineering and technological advancement of the University. The aim of this study is to develop a secured, scalable, available, and manageable enterprise network for the Faculty of Engineering, Rivers State University, Port Harcourt, Nigeria. In this article the various services that comprise the enterprise network as a unit have been put together using the Hierarchical Network Model. The physical and logical network topology was designed for the Faculty of Engineering infrastructures and the results from the simulation showed that any user who tried to connect to the network and initiated http traffic were redirected to the authentication server for verification of credentials, before being allowed on the network. The result also shows that the Cisco Adaptive Security Appliance, the Core Router, the distribution switches and the integrated service routers were properly configured. The design reduced network device load and the time to identify network issues to resolve them. The configured network security provided availability, integrity, and confidentiality. This design also enhanced rapid connectivity, and the inclusion of new devices did not affect the transfer of packets. Finally, the specifications and commands used in this study is a model that could be modified and deployed for other Faculties or Universities. Keywords : Configuration,design, enterprise network, topology, security, Cisco ASA. DOI : 10.7176/CEIS/10-5-04 Publication date :June 30 th 2019

State medical licensing boards ask program directors (PDs) to complete verification of training (VOT) forms for licensure. While residency programs use Accreditation Council for Graduate Medical Education core competencies, there is no uniform process or set of metrics that licensing boards use to ascertain if academic competency was achieved. We determined the performance metrics PDs are required to disclose on state licensing VOT forms. VOT forms for allopathic medical licensing boards for all 50 states, Washington, DC, and 5 US territories were obtained via online search and reviewed. Questions were categorized by disciplinary action (investigated, disciplined, placed on probation, expelled, terminated); documents placed on file; resident actions (leave of absence, request for transfer, unexcused absences); and non-disciplinary actions (remediation, partial or no credit, non-renewal, non-promotion, extra training required). Three individuals reviewed all forms independently, compared results, and jointly resolved discrepancies. A fourth independent reviewer confirmed all results. Most states and territories (45 of 56) accept the Federation Credentials Verification Service (FCVS), but 33 states have their own VOT forms. Ten states require FCVS use. Most states ask questions regarding probation (43), disciplinary action (41), and investigation (37). Thirty-four states and territories ask about documents placed on file, 36 ask about resident actions, and 7 ask about non-disciplinary actions. Eight states' VOT forms ask no questions regarding resident performance. Among the states and territories, there is great variability in VOT forms required for allopathic physicians. These forms focus on disciplinary actions and do not ask questions PDs use to assess resident performance.

A certificate is a document stating that someone has fulfilled certain requirements and can practice in a field. The certificate verification procedure in universities is still a lot done manually and sometimes does not verify the certificate. This results in many fake certificates. To overcome this problem, a website is created that utilizes the QR Code with the aim of quickly accessing data verification of a certificate. With QR Code scanning technology, paper-based document fraud can be easily carried out without high costs. Therefore, the design of information systems or the creation of web-based applications is a solution to provide convenience to users in the process of data processing, data retrieval to report generation. In making this application the author uses the Agile Software Development model with the Global Extreme Programming process model. While the tools used are UML (Unified Modeling Language) and ERD (Entity Relationship Diagram).

Graduation certificates issued by universities and other educational institutions are one of the most important documents for a graduate. It is a proof of graduate’s qualifications and can be used to advance forward in one’s career and life. However, due to advances in software, printing and photocopying technologies, forgery of those certificates is made easy and as good as the original, making them difficult to detect. Several universities and educational institutions as well as businesses started to dedicate resources for verifying certificates however that is usually a tedious and quite costly process and there isn't a clear model that can be adopted by those institutions that could minimize cost and speed up the process. There are many techniques proposed for paper based document verification and this paper analyzes and expatiate the issues on those techniques. Most of the verification techniques require change in the process of certificate generation either by changing template, changing paper, changing printers, adding hardware or even adding extra information. This change may mean that the university or verifier needs the proper knowledge to execute and run the proposed technique. This also means that older certificates may not work with the newly introduced techniques. To also add some proposed techniques require a change that is not always easy or cheap like in creating a third body to verify certificates.

The modified SHA-1 algorithm was applied in the data integrity verification process of certificates with QR code technology. This paper identified the requirements needed in the certificate verification that uses the modified SHA-1. The application was tested using legitimate and fraudulent certificates. Based on the results, the application successfully generated QR codes, printed certificates, and verified certificates with 100% accuracy. During the trial run of the app, four test cases were seen which involves correct names and QR codes, and three other possible test cases of faking certificates such as modification of the name, regeneration of QR codes using valid hash and a fake name, and modification of the QR code. Although these cases exist, the app successfully verified all thirty certificates correctly. Also, it is noticed that during the scanning, the smartphone camera should be in focus to capture the QR code clearly.

The modified SHA-1 algorithm was applied in the data integrity verification process of certificates with QR code technology. This paper identified the requirements needed in the certificate verification that uses the modified SHA-1. The application was tested using legitimate and fraudulent certificates. Based on the results, the application successfully generated QR codes, printed certificates, and verified certificates with 100% accuracy. During the trial run of the app, four test cases were seen which involves correct names and QR codes, and three other possible test cases of faking certificates such as modification of the name, regeneration of QR codes using valid hash and a fake name, and modification of the QR code. Although these cases exist, the app successfully verified all thirty certificates correctly. Also, it is noticed that during the scanning, the smartphone camera should be in focus to capture the QR code clearly.

Routing services in Mobile Ad hoc Network (MANET) are the goal of denial of service (DoS) attack forms, such as: Blackhole, Sinkhole, Grayhole, Wormhole, Flooding and Whirlwind. There are some related researches to improve of security performance of routing services, such as H(AODV), OTP_AODV, SAODV and ARAN. They require hypothetical conditions that public key infrastructure (PKI) is available. TAMAN routing protocol supported a digital certificate verification service adaptively and quickly to the dynamic topology of the network without relying on any certification authorities (CA). However, node's digital certificate is installed manually and TAMAN has not digital certificate provision and revocation mechanisms. Hence, it is restricted to operate on MANET where nodes move randomly. In this article, we propose a Digital Certification Management Mechanisms (DCMM) based on X.509 standard which supports storing digital certificate, provision and revocation without any PKI. We have implemented DCMM on TAMAN protocol and simulated with NS2 using static and mobility scenarios with speed 30m/s. Simulation results show that digital certificates providing process completely after 70 seconds for 100 member nodes using static scenario and 270 seconds using mobility scenario, and TAMAN performance using DCMM is reduced slightly in terms of packet delivery ratio, end-to-end delay and routing load.

Every year lakhs of students graduating from different university, after passing from university different students have different plans. All students who graduated will have different certificate such as marksheets, degree certificate, best performance certificate and etc. Some students have plans to get employed in companies or to do higher studies. Wherever students go they need submit the certificate for important reference. Due to lack of anti-forge mechanism some started to forge the certificate to get the employed or for further steps. In the digital certificate verification based on blockchain done only for the degree certificates. In the proposing system along with the degree certificate entire personality and behaviour activities of the person using personal id will be uploaded in blockchain. Because of unmodifiable property it is stored in block chain. Initially the student request for the e-certificate by uploading certificate or personal id to electronic certificate system. If requesting for e-cert then the system will review certificate from the university or schools or from organization and get the assurance and store the serial number and e-certificate to the block chain. The system will be generating the QR code and send it to the user. when applying for company user will send only the certificate serial number and QR code received from the e-certificate company.

Cloud storage has attracted more and more concern since it permits cloud users to save and employ the corresponding outsourced files at arbitrary time, with arbitrary facility and from arbitrary place. To make sure data integrality, numerous public auditing constructions have been presented. However, existing constructions mainly have built on the PKI. In these constructions, to achieve data integrality, the auditor first must authenticate the legality of PKC, which leads to a great burden for the auditor. To eliminate the verification of time-consuming certificate, in this work, we present an efficient identity-based public auditing proposal. Our construction is an identity-based data auditing system in the true sense in that the algorithm to calculate authentication signature is an identity-based signature algorithm. By extensive security evaluation and experimental testing, the consequences demonstrate that our proposal is safe and effective; it can efficiently hold back forgery attack and replay attack. Finally, compared with the two identity-based public auditing proposals, our proposal outperforms the two proposals under the condition of overall considering computational cost, communication overhead, and security strength.

ABSTRACT Indonesian small-scale forest holders are facing a dilemma due to the implementation of a mandatory national timber-legality verification scheme and an internationally popular forest certification scheme. The problems arise from limited financial, technical, and administrative information concerning the most preferred scheme and the “imperfection of such a scheme” for long-term business needs. Using the Forest Certification Assessment Guide (FCAG) this paper identifies the characteristics of four third-party forest certification schemes currently working in Indonesia, namely FSC, PEFC, LEI, and SVLK. An online questionnaire was used to survey a wide range of respondents about the future development of contested schemes and those preferred by small-scale forest holders. Our findings show that although FSC scheme obtained the highest score and is considered the best scheme according to the FCAG, small-scale forest holders prefer SVLK scheme, which had the lowest FCAG score because of its mandatory nature and available subsidies. Statements by the four schemes’ proponents, which delegitimize other schemes, reveal they are in competition especially in winning market acceptance and local adaptability. Finally, we suggest proponents enhance aspects where their schemes are lacking and contrive a comparable certification scheme in order to induce willingness to be certified.

ABSTRACTPublic key cryptography is widely used for secure data transfer in various applications. The Public key infrastructure provides a foundation that supports public key cryptography, and it is required to deliver the public keys to existing systems or users securely. The public key is exchanged digitally in the form of digital certificates having a certain period of validity. Circumstances may arise under which the validity of the certificates should be ceased, and they need to be revoked. The fast growth of e-commerce demands verification and data transfers to be done in minimum time to maintain high efficiency of communication. In this paper, a new method of developing certificate revocation lists is proposed. The formal model of enhanced PKI for mobile commerce security is put forward. The performance of NTRU is compared with the RSA algorithm and the ElGamal algorithm. The paper also sets forth a comparative analysis of the proposed method with other existing techniques. The results show that the proposed technology has the upper hand over the current methods.

Authenticated key exchange (AKE) scheme is one of the most widely used cryptographic primitives in practice, even in the Internet-of-Things (IoT) environments. In order to resist side-channel attacks, several works have been proposed for defining leakage-resilient (LR) security models and constructing LR-AKE protocols. However, all these LR-AKE schemes employed the traditional X.509 certificate-based public-key infrastructure authentication framework, where the online transmission and verification of the public-key certificate are the major drawbacks. In this paper, we first propose a general framework for constructing identity-based AKE protocols in the bounded after-the-fact LR extended-Canetti–Krawczyk security model, and show a formal proof in the standard model. Our proposed scheme offers a flexible approach to simplify the certificate management. Moreover, our result could be extended to the bounded-retrieval model, yielding the first LR-AKE protocol in this model.

Primary aim of current paper is for reducing the certificate duplication and how can we maintain the certificates in a secured form. These two things can be done through a unique certification identification number (UCIN) as a smart card. This card will be validating using the luhn and damm algorithm. To create a paperless atmosphere fraud can also be reduced using the technology of Smart card it decreases certificate maintaining efforts. This technique can also utilize for introducing new technologically in field of Educational by using present trend. with the help of this handling of our documents can be done in an easy manner with that single card.

Blockchain for Corporate Renewable Energy Procurement-Potential for Verification of Renewable Energy Certificates

Aiming at the problems of the WPKI certificate verification schemes based on online certificate status protocol (OCSP), this paper proposes a WPKI certificate verification scheme based on the certificate digest signature-online certificate status protocol (CDS_OCSP). Compared with the existing schemes, the proposed scheme optimizes the number of communication connections between the communication entities and the network, reduces the consumption of the wireless network bandwidth in the certificate verification process, and uses the elliptic curves cipher- (ECC-) based encrypting/decrypting functions to sign and verify the certificate digest, which ensures the consistency of the verified certificates among the communication entities. The proposed scheme makes the certificate verification process more efficient and secure. The experimental results show that the proposed scheme effectively reduces the communication consumption of the wireless network and saves the storage space of the wireless entities.