Abstract
In our data-driven culture, the need for remote data storage and computing services has grown exponentially, requiring secure access to such data and services. This study proposes a new biometric-based authentication system for secure access to remote (cloud) servers. The proposed approach treats the user's biometrics as confidential credentials. It then uses the user’s biometric data to generate a unique ID and uses it to generate the user's private key. In addition, we present an efficient way to generate session keys for secure messaging between two interlocutors using two biometric templates. That is, you don't have to store your private and session keys somewhere. The proposed approach follows formal security analysis using detailed RealorRandom (ROR) model-based formal security analysis, informal (unmathematical) security analysis, and widely accepted automated Internet security verification., Can withstand multiple known attacks against (passive / active) attackers. Protocol and application (AVISPA) tools. Finally, numerous and comparative studies have shown the effectiveness and usefulness of the proposed approach.
Keywrods: Authentication, biometric-based security, cloud service access, session key.
References
1. Dr. V. Senthil kumar, Mr. P. Jeevanantham, Dr. A. Viswanathan, Dr. Vignesh Janarthanan, Dr. M. Umamaheswari and Dr. S. Sivaprakash” Improve Design and Analysis of Friend-to-Friend Content Dissemination System”Vol 3 Issue No 3 2021 DOI: http:// dx.doi.org/10.35338/EJASR.2021.3301
2. C. Neuman, S. Hartman, K. Raeburn, “The kerberos network authentication service (v5),” RFC 4120, 2005.
3. “OAuth Protocol.” [Online]. Available: http://www.oauth.net/
4. “OpenID Protocol.” [Online]. Available: http://openid.net/
5. G. Wettstein, J. Grosen, and E. Rodriguez, “IDFusion: An open architecture for Kerberos based authorization,” Proc. AFS and Kerberos Best Practices Workshop, June 2006.
6. A. Kehne, J. Schonwalder, and H. Langendorfer, “A nonce-based protocol for multiple authentications,” ACM SIGOPS Operating System Review, vol. 26, no. 4, pp. 84–89, 1992.
7. B. Neuman and S. Stubblebine, “A note on the use of timestamps as nonces,” Oper. Syst. Rev., vol. 27, no. 2, pp. 10–14, 1993.
8. J. Astorga, E. Jacob, M. Huarte, and M. Higuero, “Ladon :endto-end authorisation support for resource-deprived environments,” IET Infomration Security, vol. 6, no. 2, pp. 93–101, 2012.
9. S. Zhu, S. Setia, and S. Jajodia, “LEAP: efficient security mechanisms for large-scale distributed sensor networks,” Washington D.C., USA, October 2003, pp. 62–72.
10. A. Perrig, R. Szewczyk, D. Tygar, V. Wen, and D. Culler, “SPINS: security protocols for sensor networks,” ACM Wireless Networking, vol. 8, no. 5, pp. 521–534, 2002.
11. P. Kaijser, T. Parker, and D. Pinkas, “SESAME: The solution to security for open distributed systems,” Computer Communications, vol. 17, no. 7, pp. 501–518, 1994.
12. G. Wettstein, J. Grosen, and E. Rodriguez, “IDFusion: An open architecture for Kerberos based
authorization,” Proc. AFS and Kerberos Best Practices Workshop, June 2006.
13. M. Walla, “Kerberos explained,” Windows 2000 Advantage Magazine, 2000.
14. Q. Jiang, J. Ma, X. Lu, and Y. Tian, “An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks,” Peer-to-Peer Networking and Applications, vol. 8, no. 6, pp. 1070–1081, 2015.
15. O. Althobaiti, M. Al-Rodhaan, and A. Al-Dhelaan, “An efficient biometric authentication protocol for wireless sensor networks,” International Journal of Distributed Sensor Networks, vol. 2013, pp. 1–13, 2013, Article ID 407971, http://dx.doi.org/ 10.1155/2013/407971.
16. K. Xue, C. Ma, P. Hong, and R. Ding, “A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 316 – 323, 2013.
17. M. Turkanovic, B. Brumen, and M. Holbl, “A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion,” Ad Hoc Networks, vol. 20, pp. 96 – 112, 2014.
18. M. Park, H. Kim, and S. Lee, “Privacy Preserving Biometric-Based User Authentication Protocol Using Smart Cards,” in 17th International Conference on Computational Science and Engineering, Chengdu, China, 2014, pp. 1541–1544.
19. P. K. Dhillon and S. Kalra, “A lightweight biometrics based remote user authentication scheme for IoT services,” Journal of Information Security and Applications, vol. 34, pp. 255 – 270, 2017.
20. S. D. Kaul and A. K. Awasthi, “Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement,” Wireless Personal Communications, vol. 89, no. 2, pp. 621–637, 2016.
21. D. Kang, J. Jung, H. Kim, Y. Lee, and D. Won, “Efficient and Secure Biometric-Based User Authenticated Key Agreement Scheme with Anonymity,” Security and Communication Networks, vol. 2018, pp. 1–14, 2018, Article ID 9046064, https://doi.org/10.1155/2018/9046064.
22. Dr. V. Senthil kumar, Mr. P. Jeevanantham, Dr. A. Viswanathan, Dr. Vignesh Janarthanan, Dr. M. Umamaheswari, Dr. S. Sivaprakash Emperor Journal of Applied Scientific Research “Improve Design and Analysis of Friend-to-Friend Content Dissemination System ”Volume - 3 Issue - 3 2021
23. Jaganathan, M., Sabari, A. An heuristic cloud based segmentation technique using edge and texture based two dimensional entropy. Cluster Computing Vol 22, PP 12767–12776(2019). https://doi.org/10.1007/s10586-018-1757-3
24. Senthil kumar, V., Prasanth, K. Weighted Rendezvous Planning on Q-Learning Based Adaptive Zone Partition with PSO Based Optimal Path Selection. Wireless Personal Communications 110, 153–167 (2020). https://doi-org.libproxy.viko.lt /10.1007/s11277-019-06717-z.
25. Vignesh Janarthanan, A.Viswanathan, M. Umamaheswari, “Neural Network and Cuckoo Optimization Algorithm for Remote Sensing Image Classification ", International Journal of Recent Technology and Engineering., vol. 8, no. 4, pp. 1630-1634, Jun. 2019.
26. Dr. V. Senthil kumar, Mr. P. Jeevanantham, Dr. A. Viswanathan, Dr. Vignesh Janarthanan, Dr. M. Umamaheswari, Dr. S. Sivaprakash Emperor Journal of Applied Scientific Research “Improve Design and Analysis of Friend-to-Friend Content Dissemination System ”Volume - 3 Issue - 3 2021
27. V.Senthilkumar , K.Prashanth” A Survey of Rendezvous planning Algorithms for Wireless Sensor Networks International Journal of communication and computer Technologies, Vol 4 Issue No 1 (2016)
28. Dr.Vignesh Janarthanan, Dr.Venkata Reddy Medikonda,.Er.Dr.G.Manoj Someswar Proposal of a Novel Approach for Stabilization of the Image from Omni-Directional System in the case of Human Detection & Tracking “American Journal of Engineering Research (AJER)” vol 6 issue 11 2017
29. Sowmitha, V., and Mr V. Senthilkumar. "A Cluster Based Weighted Rendezvous Planning for Efficient Mobile-Sink Path Selection in WSN." International Journal for Scientific Research & Development Vol 2 Issue 11 2015
30. Viswanathan, A., Arunachalam, V. P., & Karthik, S. (2012). Geographical division traceback for distributed denial of service. Journal of Computer Science, 8(2), 216.
31. Anurekha, R., K. Duraiswamy, A. Viswanathan, V.P. Arunachalam and K.G. Kumar et al., 2012. Dynamic approach to defend against distributed denial of service attacks using an adaptive spin lock rate control mechanism. J. Comput. Sci., 8: 632-636.
32. Umamaheswari, M., & Rengarajan, N. (2020). Intelligent exhaustion rate and stability control on underwater wsn with fuzzy based clustering for efficient cost management strategies. Information Systems and e-Business Management, 18(3), 283-294.