scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Image based authentication with secure key exchange mechanism in cloud

TL;DR: This paper has combined Image based authentication along with proposed secure key exchange between user and CSP so that user will be authenticated by CSP using image based authentication and that key will change from session to session.
Abstract: In cloud infrastructure, key should be shared between user and cloud service provider (CSP) to access data in secure way To accessing data from cloud, user will only be authenticated by CSP but they are not exchanging key among each other In the same infrastructure to secure the communication lot of methodologies have been proposed which are basically using some methods like digital signature, homomorphic encryption, signature based encryption etc to secure data Even some methodologies have also been proposed to identify the intrusions over the cloud infrastructure In this paper, we have combined Image based authentication along with proposed secure key exchange between user and CSP Firstly user will be authenticated by CSP using Image based authentication after that key will be exchanged between user and CSP and that key will change from session to session
Citations
More filters
Journal ArticleDOI
TL;DR: Proposed scheme implements Elliptic Curve Cryptography (ECC) for secure key distribution and data exchange and proves a better security mechanism in case of WSNs for healthcare devices.

35 citations

Proceedings ArticleDOI
01 Feb 2016
TL;DR: The secure architecture for cloud is proposed which is going to map some cloud security issues that are authentication of user, confidentiality, privacy, access control and checking the integrity of data.
Abstract: Todays world is of cloud computing, cloud service provider (CSP) provides different resources and services to the user anytime anywhere over the internet. Due to this feature of cloud maintain security over cloud is complex. Cloud computing security issue are authentication of user, nonrepudiation, authority, confidentiality, privacy, availability, access control and checking the integrity of data. Here we have proposed the secure architecture for cloud which is going to map some cloud security issues that are authentication of user, confidentiality, privacy, access control and checking the integrity of data. For authentication of user system uses One Time Password (OTP), for data integrity check system uses modified SHA-2 hash function. This modified version of SHA-2 will provide better solution for PreImage attack and Collision attack and for encryption and decryption system uses standard Advanced Encryption Standards (AES) algorithm.

7 citations


Cites methods from "Image based authentication with sec..."

  • ...Ruchi Chaudhary [11], Proposed system in which user is authenticated by CSP using the image based authentication scheme....

    [...]

  • ...Author Mr. Anurag Singh Tomar, Mr. Garurav Kumar, Mrs. Ruchi Chaudhary [11], Proposed system in which user is authenticated by CSP using the image based authentication scheme....

    [...]

Book ChapterDOI
21 Sep 2016
TL;DR: Proposed scheme resolves existing issues of Image based Authentication with Secure key Exchange Mechanism and implements Captcha to detect machine user and Elliptic Curve Cryptography (ECC) for secure key exchange.
Abstract: Cloud computing is the most emerging trend in computing. It provides numerous services like IaaS, PaaS and AaaS. It is a form of pay-per-use based computing. Although it provides tremendous services but there are numerous security issues which need to be resolved. User authentication in cloud computing is the most important step intended towards data security. Image-based authentication is one of the best techniques for user authentication based on the order of selected images. However, key exchange and data encryption in such a complex environment is very difficult to implement. Proposed scheme resolves existing issues of Image based Authentication with Secure key Exchange Mechanism and implements Captcha to detect machine user and Elliptic Curve Cryptography (ECC) for secure key exchange. ECC is the best asymmetric cryptographic algorithm which involves very less key size and computing steps. Hence, it provides a secure layer to cloud computing which deals with user authentication, key exchange and data encryption.

4 citations

Proceedings ArticleDOI
01 Feb 2020
TL;DR: To reinforce security in authentication the authors offer a unique technique that has a tendency to use user specified cryptographic calculation for securing authentication and relies on random technique for data securing.
Abstract: Authentication is major among the foremost security criterion whereas subject to key of the cataloged services to the supposed end user. The participating choices of cloud computing umpteen institutions practices cloud storage for lock away their imperative data. End users hold on info remotely among the cloud through the end user and may well be accessed mistreatment patron as and once prescribed. Procuring these essence info from the unwarranted connection of the users is among in every of the dominant controversy that causes slash in the expansion of prescribed technology among the corporations. To reinforce security in authentication we offer a unique technique during this paper. During this technique we have a tendency to use user specified cryptographic calculation for securing authentication. This authentication relies on random technique for data securing.

1 citations

Journal ArticleDOI
TL;DR: Experimental results show that the proposed PBUA is strong enough against shoulder surfing attack, and the time taken for pattern matching is very less when compared to existing pattern matching mechanisms.
Abstract: Objectives: Authenticating the MobiCloud users using traditional passwords, biometrics is prone to shoulder surfing attack and need external device. Pattern Based User Authentication (PBUA) mechanism is introduced to identify and authenticate the users in MobiCloud environment. Methods/ Statistical Analysis: To authenticate the users, the whole process is divided into two phases namely, identification and authentication. Dynamic patterns are generated using random mathematical function to select the patterns from the Identity Management (IdM) Server. Pattern matching operation is done using the hash-based technique to match the image pattern sequences quickly with the actual pattern. Findings: Experimental results show that the proposed PBUA is strong enough against shoulder surfing attack. The time taken for pattern matching is very less when compared to existing pattern matching mechanisms. Application/Improvement: PBUA does not need any intermediate table as the patterns are matched directly with original patterns. The complexity of the algorithm is reduced by , thus the efficiency is improved n2 times. Pattern updation is not required which reduces the user’s burden.

1 citations


Additional excerpts

  • ...Pattern ID (j) (1) (2,4,6) (2) - – (0,3) (7) (0) (2,5) (5) Table 2....

    [...]

References
More filters
Proceedings ArticleDOI
08 Oct 2010
TL;DR: The approach is based on a flexible framework for supporting authentication decisions the authors call TrustCube and on a behavioral authentication approach referred to as implicit authentication that results in a new authentication paradigm for users of mobile technologies.
Abstract: Cloud computing is a natural fit for mobile security. Typical handsets have input constraints and practical computational and power limitations, which must be respected by mobile security technologies in order to be effective. We describe how cloud computing can address these issues. Our approach is based on a flexible framework for supporting authentication decisions we call TrustCube (to manage the authentication infrastructure) and on a behavioral authentication approach referred to as implicit authentication (to translate user behavior into authentication scores). The combination results in a new authentication paradigm for users of mobile technologies, one where an appropriate balance between usability and trust can be managed through flexible policies and dynamic tuning.

141 citations


"Image based authentication with sec..." refers methods in this paper

  • ...During accessing of web page from cloud or in online transaction the device will send query to Data authentication consumer, after that query will be forwarded to authentication engine [3] along with list of policy, authentication engine extract data and ask device to provide the value of parameters after that based on parameter value engine will respond to device about authentication....

    [...]

Proceedings ArticleDOI
27 May 2011
TL;DR: This paper shows that the SIP authentication scheme using Elliptic Curve Cryptography is still insecure, and an adversary can easily derive the session key from the intercepted messages.
Abstract: Recently SIP authentication scheme using Elliptic Curve Cryptography has been proposed and it was claimed that scheme is efficient and secure against replay attack, password guessing attack, Man-in-middle Attack, Modification attack, Denning-Sacco attacks and Stolen verifier attack. In addition, it provides mutual authentication between communicating parties and generates a session key agreed between them. This paper shows that the scheme is still insecure. An adversary can easily derive the session key from the intercepted messages.

21 citations

Journal ArticleDOI
TL;DR: This work describes the mitigation of evasion techniques by implementation of better PCRE based rules approach to prevent evasion techniques on cloud systems.
Abstract: With invention of new tools and technologies, the attackers are designing new methods to evade present security models. One of such security models is Intrusion detections. Intrusion detection systems work on signature based analysis and anomaly based detection, which makes it vulnerable for new evasion techniques. This work describes the mitigation of evasion techniques by implementation of better PCRE based rules approach.IN this paper we are designing improved PCRE based rules to prevent evasion techniques on cloud systems.

9 citations


"Image based authentication with sec..." refers background in this paper

  • ...Intrusion detection system [2] can be used to provide security while accessing data from cloud....

    [...]

Journal ArticleDOI
TL;DR: This paper presents a secure session key distribution technique for group communication in which any member in the group can generate and distribute the session key to all the group members securely.
Abstract:  Abstract—In order to provide confidentiality in group communication, data is encrypted using a session key. Group key generation, session key generation and their distribution are the most important issues in multicast. This paper presents a secure session key distribution technique for group communication. In this framework, any member in the group can generate and distribute the session key to all the group members securely.

7 citations


"Image based authentication with sec..." refers background in this paper

  • ...First user will generate key with help of primitive root [4,5,6] of group and by choosing some random value after that user will send some information related to key and with help of that service provider can compute the key....

    [...]

01 Jan 2014
TL;DR: A modified version which combines the features and merits of both Flexible Robust Group Key Agreement as well as Efficient Authentication Protocol for Virtual Subnet protocol is proposed.
Abstract: Group key is used to provide the confidentiality among the group members. Flexible Robust Group Key Agreement scheme has been proposed, in which users contribute to generate the group key. However, it doesn't authenticate the members of the group when data arrives. Previously Efficient Authentication Protocol for Virtual Subnet has been proposed. However, there is no group key agreement phase in it. In this paper, group key agreement with node authentication scheme has been proposed. It's a modified version which combines the features and merits of both Flexible Robust Group Key Agreement as well as Efficient Authentication Protocol for Virtual Subnet protocol. The main advantage of proposed scheme is that it eliminates the need to send the separate parameters for authentication as well as group key contribution.

4 citations


"Image based authentication with sec..." refers background in this paper

  • ...First user will generate key with help of primitive root [4,5,6] of group and by choosing some random value after that user will send some information related to key and with help of that service provider can compute the key....

    [...]