[Show abstract][Hide abstract] ABSTRACT: In recent years, Voice over Internet Protocol (VoIP) has gained more and more popularity as an application of the Internet technology. For various IP applications including VoIP, the topic of Session Initiation Protocol (SIP) has attracted major concern from researchers. SIP is an advanced signaling protocol operating on Internet Telephony. SIP uses digest authentication protocols such as Simple Mail Transport Protocol (SMTP) and Hyper Text Transport Protocol (HTTP). When a user seeks SIP services, authentication plays an important role in providing secure access to the server only to the authorized access seekers. Being an insecure-channel-based protocol, a SIP authentication protocol is susceptible to adversarial threats. Therefore, security is a big concern in SIP authentication mechanisms. This paper reveals the security vulnerabilities of two recently proposed SIP authentication schemes for VoIP, Irshad et al.’s scheme [Multimed. Tools. Appl. doi:10. 1007/ s11042-013-1807-z] and Arshad and Nikooghadam’s scheme [Multimed. Tools. Appl. DOI 10. 1007/ s11042-014-2282-x], the later scheme is based on the former scheme. Irshad et al.’s scheme suffers from password guessing, user impersonation and server spoofing attacks. Arshad and Nikooghadam’s scheme can be threatened with server spoofing and stolen verifier attack. None of these two schemes achieve mutual authentication. It also fails to follow the single round-trip authentication design of Irshad et al.’s scheme. To overcome these weaknesses, we propose a provable secure single round-trip SIP authentication scheme for VoIP using smart card. We formally prove the security of the scheme in random oracle and demonstrate through discussion its resistance to various attacks. The comparative analysis shows that the proposed SIP authentication scheme offers superior performance with a little extra computational cost.
Multimedia Tools and Applications 11/2015; DOI:10.1007/s11042-015-2988-4 · 1.35 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: With the rapid growth of the Internet, a lot of electronic patient records (EPRs) have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password-based authenticated key agreement protocol for the integrated EPR information system (SGPAKE). However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.
[Show abstract][Hide abstract] ABSTRACT: Background & objectives:
Overweight and obesity are rapidly increasing in countries like India. This study was aimed at determining the prevalence of generalized, abdominal and combined obesity in urban and rural India.
Phase I of the ICMR-INDIAB study was conducted in a representative population of three s0 tates [Tamil Nadu (TN), Maharashtra (MH) and Jharkhand (JH)] and one Union Territory (UT)[Chandigarh (CH)] of India. A stratified multi-stage sampling design was adopted and individuals ≥20 yr of age were included. WHO Asia Pacific guidelines were used to define overweight [body mass index (BMI) ≥23 kg/m  but <25 kg/m ], generalized obesity (GO, BMI≥25kg/m  , abdominal obesity (AO, waist circumference ≥90 cm for men and ≥80cm for women) and combined obesity (CO, GO plus AO). Of the 14,277 participants, 13,800 subjects (response rate, 96.7%) were included for the analysis (urban: n=4,063; rural: n=9737).
The prevalence of GO was 24.6, 16.6, 11.8 and 31.3 per cent among residents of TN, MH, JH and CH, while the prevalence of AO was 26.6, 18.7, 16.9 and 36.1 per cent, respectively. CO was present in 19.3, 13.0, 9.8 and 26.6 per cent of the TN, MH, JH and CH population. The prevalence of GO, AO and CO were significantly higher among urban residents compared to rural residents in all the four regions studied. The prevalence of overweight was 15.2, 11.3, 7.8 and 15.9 per cent among residents of TN, MH, JH and CH, respectively. Multiple logistic regression analysis showed that female gender, hypertension, diabetes, higher socio-economic status, physical inactivity and urban residence were significantly associated with GO, AO and CO in all the four regions studied. Age was significantly associated with AO and CO, but not with GO.
Interpretation & conclusions:
Prevalence of AO as well as of GO were high in India. Extrapolated to the whole country, 135, 153 and 107 million individuals will have GO, AO and CO, respectively. However, these figures have been estimated from three States and one UT of India and the results may be viewed in this light.
The Indian Journal of Medical Research 09/2015; 142(2):139-50. DOI:10.4103/0971-5916.164234 · 1.40 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to other related schemes. As a result, our scheme is very appropriate for practical applications in TMIS.
Journal of Medical Systems 09/2015; 39(9):276. DOI:10.1007/s10916-015-0276-5 · 2.21 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Recently, in 2014, He and Wang proposed a robust and efficient multi-server authentication scheme using biometrics-based smart card and elliptic curve cryptography (ECC). In this paper, we first analyze He-Wang’s scheme and show that their scheme is vulnerable to a known session-specific temporary information attack and impersonation attack. In addition, we show that their scheme does not provide strong user’s anonymity. Furthermore, He-Wang’s scheme cannot provide the user revocation facility when the smart card is lost/stolen or user’s authentication parameter is revealed. Apart from these, He- Wang’s scheme has some design flaws, such as wrong password login and its consequences, and wrong password update during password change phase. We then propose a new secure multiserver authentication protocol using biometric-based smart card and ECC with more security functionalities. Using the Burrows- Abadi-Needham (BAN) logic, we show that our scheme provides secure authentication. In addition, we simulate our scheme for the formal security verification using the widely-accepted and used AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, and show that our scheme is secure against passive and active attacks. Our scheme provides high security along with low communication cost, computational cost, and variety of security features. As a result, our scheme is very suitable for battery-limited mobile devices as compared to He- Wang’s scheme.
IEEE Transactions on Information Forensics and Security 09/2015; 10(9):1-1. DOI:10.1109/TIFS.2015.2439964 · 2.41 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Traditional association rule mining based on the support–confidence framework provides the objective measure of the rules that are of interest to users. However, it does not reflect the semantic measure among the items. The semantic measure of an itemset is characterized with utility values that are typically associated with transaction items, where a user will be interested to an itemset only if it satisfies a given utility constraint. In this paper, we first define the problem of finding association rules using utility-confidence framework, which is a generalization of the amount-confidence measure. Using this semantic concept of rules, we then propose a compressed representation for association rules having minimal antecedent and maximal consequent. This representation is generated with the help of high utility closed itemsets (HUCI) and their generators. We propose the algorithms to generate the utility based non-redundant association rules and methods for reconstructing all association rules. Furthermore, we describe the algorithms which generate high utility itemsets (HUI) and high utility closed itemsets with their generators. These proposed algorithms are implemented using both synthetic and real datasets. The results demonstrate better efficiency and effectiveness of the proposed HUCI-Miner algorithm compared to other well-known existing algorithms. In addition, the experimental results show better quality in the compressed representation of the entire rule set under the considered framework.
Expert Systems with Applications 08/2015; 42(13). DOI:10.1016/j.eswa.2015.02.051 · 2.24 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Authentication schemes present a user-friendly and scalable mechanism to establish the secure and authorized communication between the remote entities over the insecure public network. Later, several authentication schemes have proposed in the literature. However, most of the existing schemes do not satisfy the desirable attributes, such as resistance against known attacks and user anonymity. In 2012, Chen et al. designed a robust authentication scheme to erase the weaknesses of Sood et al.'s scheme. In 2013, Jiang et al. showed that Chen et al.'s scheme is vulnerable to password guessing attack. Furthermore, Jiang et al. presented an efficient solution to overcome the shortcoming of Chen et al.'s scheme. We demonstrate that Jiang et al.'s scheme does not withstand insider attack, on-line and off-line password guessing attacks, and user impersonation attack. Their scheme also fails to provide user's anonymity. To overcome these drawbacks, we aim to propose an enhanced scheme, which reduces the computation overhead and satisfies all desirable security attributes, while retaining the original merits of Jiang et al.'s scheme. The proposed scheme is also comparable in terms of the communication and computational overheads with Jiang et al.'s scheme and other existing schemes. Furthermore, we simulate the enhanced scheme for the formal security analysis utilizing the widely-accepted AVISPA tool and show that the proposed scheme is resistant against active and passive attacks.
[Show abstract][Hide abstract] ABSTRACT: A proper interval bigraph is a bigraph where to each vertex we can assign a closed interval such that the intervals can be chosen to be inclusion free and vertices in the opposite partite sets are adjacent when the corresponding intervals intersect. In this paper, we introduce the notion of astral triple of edges and along the lines of characterization of interval graphs via the absence of asteroidal triple of vertices we characterize proper interval bigraphs via the absence of astral triple of edges. We also characterize proper interval bigraphs in terms of dominating pair of vertices as defined by Corneil et al. Tucker characterized proper circular arc graphs in terms of circularly compatible 1’s of adjacency matrices. Sen and Sanyal characterized adjacency matrices of proper interval bigraphs in terms of monotone consecutive arrangement. We have shown an interrelation between these two concepts.
AKCE International Journal of Graphs and Combinatorics 07/2015; 13(1). DOI:10.1016/j.akcej.2015.06.007
[Show abstract][Hide abstract] ABSTRACT: The survival of patients with hypopharyngeal cancer is low amongst head and neck cancer cases. The incidence rates of hypopharyngeal cancers in our population are amongst the highest in the world and there are limited data available on the literature on varied responses to first course of treatment with radiotherapy (RT) and concurrent chemo-radiotherapy (CRT) in our population.
Clinical characteristics and initial responses to treatment in patients who had received radiotherapy and chemo-radiotherapy in a regional cancer center from January 2010 to December 2013 were evaluated. The data were obtained from the hospital cancer registry, and analysis was carried using descriptive statistics. Pearson's chi-square was used to test for differences in the variables and p<0.05 was considered statistically significant.
A total of 554 patients were included in the analysis, 411 (74.2%) receiving RT and 143 (25.8%) being given CRT. There was significantly lower number of patients above 70 years with a higher proportion of patients below 50 years who had received CRT (p<0.05). Some 79.3% and 84.6% of patients in the RT and CRT groups respectively presented with a favorable performance status, and in the RT group 240 (58.4%) showed complete response (CR), and in the CRT group 103 (72.0%) showed CR at the first follow-up (p<0.05).
Concurrent chemo-radiotherapy gives better short term response to treatment in locally advanced hypopharyngeal cancers.
Asian Pacific journal of cancer prevention: APJCP 06/2015; 16(11):4723-6. DOI:10.7314/APJCP.2015.16.11.4723 · 2.51 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Patient delay can contribute to a poor outcome in the management of head and neck cancers (HNC). The main objective of the present study was to investigate the factors associated with patient delay in our population.
Patients with cancers of the head and neck attending a regional cancer center of North East India were consecutively interviewed during the period from June 2014 to November 2014. The participation of patients was voluntary. The questionnaire included information on age, gender, residential status, educational qualification, monthly family income, any family history of cancer, and history of prior awareness on cancer from television (TV) program and awareness program.
Of 311 (n) patients, with an age range of 14-88 years (mean 55.4 years), 81.7% were males and 18.3% females (M:F=4.4). The overall median delay was 90 days (range=7 days-365 days), in illiterate patients the median delay was 90 days and 60 days in literate patients (P=0.002), the median delay in patients who had watched cancer awareness program on TV was 60 days and in patients who were unaware about cancer information from TV program had a median delay of 90 days (p=0.00021) and delay of <10 weeks was seen in 139 (44.6%) patients, a delay of 10-20 weeks in 98 (31.5%) patients, and a delay of 20-30 weeks in 63 (20.2%) patients.
Education and awareness had a significant impact in reduction of median patient delay in our HNC cases.
Asian Pacific journal of cancer prevention: APJCP 06/2015; 16(11):4715-8. DOI:10.7314/APJCP.2015.16.11.4715 · 2.51 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Critical applications in wireless sensor network (WSN) are real-time based applications. Therefore, users are generally interested in accessing real-time information. This is possible, if the users (called the external parties) are allowed to access the real-time data directly from the sensor nodes inside WSN and not from the base station. The sensory information from nodes are gathered periodically by the base station and so, the gathered information may not be real-time. In order to get the real-time information from the sensor nodes, the user needs to be first authorized to the sensor nodes as well as the base station so that the illegal access to nodes do not happen. In this paper, we propose a novel three-factor user authentication scheme suited for distributed WSNs. Our scheme is light-weight, because it only requires the efficient cryptographic hash function, and symmetric key encryption and decryption operations. Further, our scheme is secure against different known attacks which are proved through the rigorous informal and formal security analysis. In addition, we simulate our scheme for the formal security verification using Automated Validation of Internet Security Protocols and Applications tool. The simulation results clearly demonstrate that our scheme is secure against passive and active adversaries.
Wireless Personal Communications 06/2015; 82(3). DOI:10.1007/s11277-015-2288-3 · 0.65 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: The present study is focused to see the performance of real-time extended range forecast (2–3 week forecast) of monsoon during the 2011 flood event over the eastern state of Odisha in India. The usefulness of such forecast in the management of reservoir flow in a way to reduce the risk of flood conditions is also discussed. This case study is carried out over the Mahanadi River basin situated in eastern region of India, which witnessed severe flood conditions during the late August and early part of September 2011 due to abnormally high rainfall over the Mahanadi River basins leading to simultaneous release of huge volume of water from the Hirakud reservoir. The forecasts are prepared based on the Bi-model average (BMA) of two coupled model outputs viz., the European Centre for Medium-Range Weather Forecasting (ECMWF) monthly forecast model and the National Centre for Environmental Prediction (NCEP) Climate Forecast System (CFS) coupled model. The synoptic analysis of the observed rainfall patterns demonstrated that the heavy rainfall is associated with active monsoon circulation during late August and early September, 2011 with the presence of low-pressure systems and anomalous cyclonic circulations at lower level. The extended range BMA forecast based on the initial condition of 25 August, 2011 valid for week 1 (days 5–11) and week 2 (days 12–18) indicate strong monsoon conditions associated with heavy rainfall over the Mahanadi River basins during the period from 29 August to 11 September 2011. With respect to individual model, the ECMWF model is better compared to NCEP CFS in capturing this rainfall episode, although it is much less compared to observed rainfall departure during the period. A mechanism to use such climate forecast along with the use of latest climatological information in the decision making process will be very useful for effective management of reservoir operation particularly during this difficult period.
[Show abstract][Hide abstract] ABSTRACT: Authentication protocol in wireless communication systems is important to protect the sensitive information against a malicious adversary by means of providing a variety of services, such as user credentials’ privacy, session key security (we call it as SK-security), mutual authentication, and user revocation facility when a user’s credentials are unexpectedly revealed. Thus, understanding the security failures of authentication schemes is a key for both patching to the existing schemes and designing the future schemes. Recently, Li et al. showed security drawbacks of Chen et al.’s scheme and proposed an improvement. Later, Islam identified various security flaws in Li et al.’s scheme and proposed further enhancement to remedy these flaws. However, in this paper, we show that Islam’s enhancement has still some security pitfalls. In addition, all these schemes suffer from the time-synchronization problem. We then present a more secure and robust remote user authenticated key agreement scheme in order to remedy the security flaws found in Islam’s scheme. Through the formal security analysis using the widely-accepted Burrows-Abadi-Needham logic (BAN logic), we show that our scheme provides secure mutual authentication. Furthermore, the formal and informal security analysis show that our scheme is secure against various known attacks including the offline password guessing attack when smart card of a user is lost/stolen, and our scheme also provides SK-security, user anonymity, and avoids the time-synchronization problem. We further simulate our scheme for the formal security verification using the widely-accepted and widely-used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results clearly indicate that the proposed scheme is safe. Thus, our scheme provides high security along with more functionality features as compared to Li et al.’s scheme and Islam’s scheme. As a result, our scheme is very suitable for practical applications.
Wireless Personal Communications 05/2015; 84(4). DOI:10.1007/s11277-015-2721-7 · 0.65 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: In real-life applications, ensuring secure transmission of data over public network channels to prevent malicious eavesdropping of the data is an important issue in distributed network environment. There are several potential security risks in protecting data and providing access control over the data. It is a challenging problem to manage dynamically the access rights to the resources and protect them from unauthorized access. Several migration access control mechanisms have been proposed in the literature using hierarchical structure to manage the cryptographic keys to prevent from unauthorized access of resources. However, most of them suffer from some known attacks and they do not efficiently support all required dynamic properties for mobile agent environment. Since, in practical scenarios, from time to time changing of decryption key of a confidential file provides maximum security for the system, it affects significantly the performance of the key management mechanism. In this paper, we propose a novel dynamic migration access control mechanism for the mobile agents (DMAMA) in a distributed network environment using symmetric-key cryptosystem. Further, we provide an elliptic curve cryptography based signature (El-Gamal type) on the decryption key assigned to the confidential file to avoid unauthorized modifications by an attacker. Moreover, DMAMA provides an efficient solution to the dynamic property such as changing decryption key of a confidential file, whereas other schemes do not provide. In addition, DMAMA is efficient in computation and storage overheads as compared to the other related existing schemes. Through the informal and formal security analysis, we show that DMAMA is secure against possible known attacks including man-in-the-middle attack as well as DMAMA provides backward secrecy to the decryption key of a confidential file when adding a new node or creating a new relationship in the existing hierarchy. As a result, higher security, low computational and storage overheads along with efficient access control properties make DMAMA more suitable for practical applications compared to the other related schemes.
Wireless Personal Communications 05/2015; 84(1). DOI:10.1007/s11277-015-2604-y · 0.65 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Type 1 diabetes mellitus (T1DM) is also on increase like type 2 diabetes, even though not in the same proportion, but still with a trend of 3-5% increase/year. India has three new cases of T1DM/100,000 children of 0-14 years. Three sets of prevalence data shows 17.93 cases/100,000 children in Karnataka, 3.2 cases/100,000 children in Chennai, and 10.2 cases/100,000 children in Karnal (Haryana). T1DM may be autoimmune or idiopathic in nature and is present in 9% cases of insulin deficiency. T1DM is primarily caused by genetic factors, environmental factors, and disorder of the immune regulatory mechanism. A combination of all these three factors causes autoimmune disease, which may ultimately result in the destruction of pancreatic beta cells leading to hyperglycemia, ketoacidosis and potentially death, if not treated with insulin. Prediabetes is the phase before the onset of T1DM, which provides a window of opportunity for early intervention. All available interventions including steroids, immunosuppressants, and cyclosporins can be possibly applied during the prediabetes phase. The treatment goals for T1DM are simple and include maintaining near normal blood glucose levels and avoiding long-term complications, which is a constant juggle between insulin and maintaining an appropriate lifestyle. The Indian Council of Medical Research funded Registry of People with diabetes in India with young age at onset (YDR) was started in the year 2006 with 10 collaborating centres across India. This registry is focusing on to provide an overview of diabetes in the young.