Nagarani, C and Kousalya, R (2019) Round Trip Latency Based Authentication Scheme in Fog-Enabled Cloud Computing System. International Journal of Recent Technology and Engineering, 8 (2). ISSN 2277-3878
B1887078219.pdf - Published Version
Download (768kB)
Abstract
In fog-enabled cloud computing framework, one of
the most challenges is security promises due to the compromised passwords. To overcome this issue, different multifactor authentication schemes have been developed that requires additional authentication credentials along with the standard password to authenticate the login. Among those schemes, Communication Latency-based Authentication Scheme (CLAS) increases the protection of conventional web authentication schemes by leveraging the Round Trip network communication Latency (RTL) between clients and authenticators together with standard password. It uses RTL of clients to secure against password compromise. On the other hand, it can support compromise of either the password or the profiled location of a user. This makes it susceptible to same location attacks. As a result, an integration of additional profiling features is needed to
attain more robust and flexible defense against password
compromise. Hence in this paper, an extended CLAS is proposed that mainly investigates the mobility and same location challenges in CLAS. Initially, the legitimate login failures are solved by handling both selective and arbitrary mobility of users. For selective mobility case, CLAS generates an individual profile
for each location and the user may be granted access if his/her
real-time login profile matches any of the stored reference
profiles. For arbitrary mobility case, CLAS is integrated with
two-factor authentication mechanism to authenticate the user. In
addition, the defense against Mimic attacks is improved by utility
metric-based location anonymization and obfuscation of RTL
algorithms. By using these algorithms, the user’s locations are
anonymized and the values of RTL are obfuscated to defend
against user compromise attempts for impersonating the RTL by
getting nearer to the user location. Moreover, a keystroke
dynamics measure is introduced with obfuscated RTL measures
to effectively defend the same location attacks. This technique
alleviates the potential impacts of network instabilities on RTL
measurements. As well, it increases the authentication sample
space and so improves the security guarantee of CLAS. Finally,
the simulation outcomes illustrate that an extended CLAS has the
ability to reduce both false positive and false negative rates
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Fog computing, Cloud computing, CLAS, Dummy-based location anonymization, Two-factor authentication, Keystroke dynamics |
Divisions: | PSG College of Arts and Science > Department of Computer Science |
Depositing User: | Mr Team Mosys |
Date Deposited: | 12 Jul 2022 09:11 |
Last Modified: | 12 Jul 2022 09:11 |
URI: | http://ir.psgcas.ac.in/id/eprint/1305 |