In:
International Journal of Recent Technology and Engineering (IJRTE), Blue Eyes Intelligence Engineering and Sciences Engineering and Sciences Publication - BEIESP, Vol. 8, No. 2 ( 2019-07-30), p. 1270-1278
Abstract:
In fog-enabled cloud computing framework, one of the most challenges is security promises due to the compromised passwords. To overcome this issue, different multifactor authentication schemes have been developed that requires additional authentication credentials along with the standard password to authenticate the login. Among those schemes, Communication Latency-based Authentication Scheme (CLAS) increases the protection of conventional web authentication schemes by leveraging the Round Trip network communication Latency (RTL) between clients and authenticators together with standard password. It uses RTL of clients to secure against password compromise. On the other hand, it can support compromise of either the password or the profiled location of a user. This makes it susceptible to same location attacks. As a result, an integration of additional profiling features is needed to attain more robust and flexible defense against password compromise. Hence in this paper, an extended CLAS is proposed that mainly investigates the mobility and same location challenges in CLAS. Initially, the legitimate login failures are solved by handling both selective and arbitrary mobility of users. For selective mobility case, CLAS generates an individual profile for each location and the user may be granted access if his/her real-time login profile matches any of the stored reference profiles. For arbitrary mobility case, CLAS is integrated with two-factor authentication mechanism to authenticate the user. In addition, the defense against Mimic attacks is improved by utility metric-based location anonymization and obfuscation of RTL algorithms. By using these algorithms, the user’s locations are anonymized and the values of RTL are obfuscated to defend against user compromise attempts for impersonating the RTL by getting nearer to the user location. Moreover, a keystroke dynamics measure is introduced with obfuscated RTL measures to effectively defend the same location attacks. This technique alleviates the potential impacts of network instabilities on RTL measurements. As well, it increases the authentication sample space and so improves the security guarantee of CLAS. Finally, the simulation outcomes illustrate that an extended CLAS has the ability to reduce both false positive and false negative rates.
Type of Medium:
Online Resource
ISSN:
2277-3878
DOI:
10.35940/ijrte.2277-3878
DOI:
10.35940/ijrte.B1887.078219
Language:
Unknown
Publisher:
Blue Eyes Intelligence Engineering and Sciences Engineering and Sciences Publication - BEIESP
Publication Date:
2019
detail.hit.zdb_id:
2722057-6
Permalink
