Sage Journals: Discover world-class research

Abstract

Currently, distributed systems are used to store information in remote sites. However, these systems are exposed to different types of security risks such as virus, Trojans or ramsomware, and security mechanisms are required to protect the access to these data and guarantee their privacy and integrity. Authentication plays an important role for security issues in a computer system. Authentication is used to prove the user identity, and it is strongly related with the access control to limits the actions and operations that an authenticated user can do in a computer system. However, authentication is a previously step to the access control, and it assumes that authentication of a user has been done successfully. Several cryptography methods can be integrated in an authentication mechanism in order to obtain robust authentication schemes. An authentication scheme based on Kerberos to access data in multiples domains is presented in this paper. A challenge in our authentication scheme is related with the authentication of Kerberos servers. To deal with this problem a keys distribution architecture is added to authentication scheme in order to authenticate the Kerberos servers in a secure way.

Keywords

Security authentication access control keys distribution kerberos

Get full access to this article

View all access options for this article.

References

Neumann

B.C.

and Ts’o

, Kerberos: An Authentication Service for Computer Networks, IEEE Communications Magazine 32(9) (1994)33–38.

López-Fuentes

F.A.

, Sistemas Distribuidos, UAM, Unidad Cuajimalpa (2015), pp. 1–203.

MIT Kerberos Consortium, The Role of Kerberos in Modern Information Systems (2008), pp. 1–53.

MIT Kerberos Consortium, Why is Kerberos a credible security solution? (2008), pp. 1–13.

Bishop

, Introduction to Computer Security, Pearson Education, Inc (2005), pp. 2–3, 97.

Symantec, Informe sobre las amenazas para la seguridad en Internet. URL: https://www.symantec.com/es/mx/security-center/threat-report. Last access: pp.30/06-2018.

Stallings

, Fundamentos de Seguridad en Redes Aplicaciones y Estándares, Pearson Educación (2004), pp. 28, 31–32, 35, 106, 109.

Wireshark, https://www.wireshark.org/download.html, last access 06/05-2018.

Hojabri

and Venkat

R.K.

, Innovation in cloud computing: Implementation of Kerberos version 5 in cloud computing in order to enhance the security issues, IEEE Int Conference on Information Communication and Embedded Systems (ICICES), 2013, India.

10.

Al-Ayed

and Liu

, Synopsis of Security: Using Kerberos Method to Secure File Transfer Sessions, IEEE Int Conference on Computational Science and Computational Intelligence, 2016, USA.

11.

Liu

, Li

and Sun

, Distributed Authentication in the Cloud Computing Environment, Springer International Publishing Switzerland, LNCS, 2015, Vol. 9532.

12.

Zhang

, Wu

, Yang

, Shen

and Cheng

, A lightweight authentication and authorization solution based on Kerberos, IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference, 2016, Xi’an, China.

13.

VanDyke Software Inc. Secure File Transfer with SSH, 2008.

14.

M. Arora, Howsecure isAESagainst brute force attacks, EE Times 5(7). URL: https://www.eetimes.com/document.asp? doc_id=1279619, last access 04/06-2018.

15.

Ibañez-Ramírez

J.A.

, Sistema de autenticación para acceso a datos distribuidos basado en Kerberos. UAM-Cuajimalpa, Technical Report (PT-III), 2018.

16.

Ibañez-Ramírez

J.A.

and López-Fuentes

F.A.

, Authentication mechanism to Access multiple-domain multimedia data, Int. Conf. on Multimedia and Network Information System (MISSI 2018), Wroclaw, Poland, 2018. pp. 552–561.

17.

Research Nester. Enterprise Video Conferencing Market: Global Demand Analysis Opportunity Outlook 2023. URL: http://www.researchnester.com/reports/enterprisevideo-conferencing-marketglobal-demand-analysis-opportunity-outlook-2023/164, last accessed on 05/01-2019.

18.

Zion

, Market Research, IPTV Market for Advertising and Marketing, Media and Entertainment, Gaming, E-Commerce, Healthcare and Medical, Telecommunication It and Others – Global Industry Perspective, Comprehensive Analysis, and Forecast, 2015 2021. URL: https://www.zionmarketresearch.com/Cisco (2006).

19.

Descripción del Kerberos un servicio de autenticación para los sistemas de red abierta. 07/11/2018, de Cisco Sitio web: https://www.cisco.com/c/esmx/support/docs/security-vpn/kerberos/16087-1.html, last access 11/07/2018.

20.

Neuman

, Yu

, Hartman

and Raeburn

, The Kerberos Network Authentication Service (V5), 2005, RFC, 4120.

21.

, Zhu

and Ma

, An Improved Kerberos Protocol based on Diffie-Hellman-DSA Key Exchange, 18th IEEE International Conference on Networks, (2012), pp. 400–404, Singapore, Singapore.

22.

Pérez-Méndez

, Pereñíguez-García

, Marín-López

and López-Millán

, Out-of-band federated authentication for Kerberos based on PANA, Computer Communications 36(14) (2013), pp. 1527–1538.

23.

Alshamari

, A Review of Gaps between Usability and Security/Privacy, Int, J. Communications, Network and System Sciences 9(10) (2016), 413–429.

24.

Yee

K.-P.

, Aligning Security and Usability, IEEE Security and Privacy 2(5) (2004), 48–55.

25.

Garfinkel

, Design principles and patterns for computer systems that are simultaneously secure and usable PhD Thesis, Massachusetts Institute of Technology, 2005.

Distributed authentication system to access data in multiple secure domains

Abstract

Keywords

Get full access to this article

References