Upload
georgiana-townsend
View
222
Download
2
Embed Size (px)
Citation preview
TRIGON BASED AUTHENTICATION, AUTHORIZATION AND
DISTRIBUTION OF ENCRYPTED KEYS WITH GLOBUS MIDDLEWARE
Anitha Kumari K08MW01
II ME – Software Engineering
CONTENTS
Introduction Work Done Problem Definition Existing System Proposed Methodology Feasibility Analysis and System Requirements Scope Results Literature Survey Publications References Conclusion Timeline Chart
INTRODUCTION
Grid computing involves the formation of dynamic virtual organizations including groups of individuals as well as associated resources where security is an important criteria.
Proposed methodology mainly aims to provide more security based on trigon based authentication and authorization and then distribution of channels with key take place by hash algorithm using GLOBUS as middleware
In the distributed channel users join and communicate with other group members using this key.
Provides Secure communication and dynamic groups.
WORK DONE
KEY DISTRIBUTION
Whenever a user join the keys are generated dynamically and encoded using MD5 and each member communicates with the other group members using this key.
TRIGON BASED AUTHENTICATION
Proposed a dual trigon based authentication, which will authenticate the user by a combined mechanism of two files, namely, authentication file and backend file and then allows the user to authorize the resources.
PROBLEM DEFINITION
Taking the security as the main constraint in grid computing environment, we are proposing a trigon based authentication and authorization, and then distribution of channels by MD5 algorithm to reduce computational load using GLOBUS as middleware.
EXISTING SYSTEM
Separate authentication and authorization protocol is used.
Key Distribution is slow . No forward/backward secrecy. computational cost high – ‘n’ encryption and ‘n’
unicast
PROPOSED METHODOLOGY
Trigon based authentication and authorization is used to maintain strong security by splitting the password and storing in two files.
Distribution of channels by MD5 algorithm
MODULES1.Authentication2.Authorisation3.Distribution of Channels4.File transfer5.Formation of Virtual Organization
TRIGON BASED AUTHENTICATION ALGORITHM
REGISTRATION
User registers with username and password Authentication file generates the three sides of the trigon a, a’ and
a’’Determines variance and the product of the sides Vaa’ and Paa’
where Vaa’=a-a’ Paa’ = a * a’
Save α and username in authentication file and forwards username, Vaa’ and Paa’ to Backend file where
Backend file saves Vaa’ and Paa' for the corresponding username
α =2P aa '− a ''2
REGISTRATION – FLOW DIAGRAM
Contd…
AUTHENTICATIONUser LoginP AI is the ASCII-interpreted value of the given passwordCalculate pi and AI(i) where
P AI(i) / 10 pow n-2 ; if P AI (i) ≥ 180
Pi = {
P AI(i)/ 10 pow n-3 ; else
AI(i) = Pi/2;Authentication file sends αi and username to backend fileBackend File determines AT(i) and sends to authentication file where
AT(i) = αi + Vaa’i 2Paa‘i
If Sin AI(i) = ( 1- ATi / 2 ) ½ then token is issued for authorization
FLOW DIAGRAM - AUTHENTICATION
FEASIBILITY ANALYSIS AND SYSTEM REQUIREMENTS
The methods used here utilized the fundamental properties of the trigon and the trigon parameters, made the grid more secure as the alienated passwords had been derived from these trigon parameters
Key distribution using hash function provides more security
Operating system - Linux RHEL5
Programming language - Java
SCOPE
The implementation of dual authentication method provide effective performance , security and paying the way to valid users for access with the VO for resource sharing such as efficient computational channel distribution with help of MD5 algorithm
Forward/backward Secrecy maintained. Reduction of computation and communication cost. Dynamic rekey operations and no need of resources. Highly scalable Online chat groups
RESULTS
1.Usernames, Passwords and the trigon parameters based on the user passwords provided at the time of registration
2. The authentication parameters derived from the trigon parameters, the authentication code status and the outcome obtained from authentication of the user.
3. Number of Nodes and Distribution Time
in seconds
4.Graph-Number of nodes Vs Distribution time in seconds
5.SAMPLE OUTPUT
eff3.stdout User Name : sud Password : sudhiAlpha : -3.5455917266588135E10 Vp : -196944.0 Pp : 2.32466659417E11Token is : 0.0071645152852578735Pi : 90.4105Authentication token <At> 0.0071645152852578735User Token : 0.4964177423574 RegToken :0.4964177423574Valid User file length: 2hash: e44fea3bec53bcea3b7513ccef5857acNew channel discovered cse
JOB SUBMISSION
LITERATURE SURVEY
An Computation-Efficient Multicast Key Distribution. Key Establishment in Large Dynamic Groups Using
One-Way Function Trees - Centralized Hierarchical Methods - One-way function trees
A Simple User Authentication Scheme for Grid Computing
A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication
PUBLICATIONS
AUTHENTICATION PUBLICATION
"International Journal of Computer Science and Information Security" Dec 2009, vol 6, pp (064-072).
Accepted in National level Conference (NCSSS) in BIT.
REFERENCES
1.Rongxing Lu, Zhenfu Cao, Zhenchuan Chai, and Xiaohui Liang, "A Simple User Authentication Scheme for Grid Computing, International Journal of Network Security, vol.7, no.2, Pp.202–206, September 2008.2.J. Crampton, H.W.Lim, K.G.Paterson and G.Price, "A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication" In Proceedings of the 6th Annual PKI R&D Workshop 2007, pp. 103-118, Gaithersburg, Maryland, USA, 2007.3.Computation-Efficient Multicast Key Distribution
-Lihao Xu, Senior Member, IEEE, and Cheng Huang, Member, ieee transactions on parallel and distributed systems, vol. 19, no. 5, may 20084.Key Establishment in Large Dynamic Groups Using One-Way Function Trees
-Alan T. Sherman and David A. McGrew, Member, ieee transactions on software engineering, vol. 29, no. 5, may 2003
CONCLUSION
The implementation of our dual authentication protocol showed its effective performance in pinpointing the adversaries and paying the way to valid users for access with the VO for resource sharing such as efficient computational channel distribution with help of MD5 algorithm. So the utilization of this scheme will make the grid environment more secure
TIMELINE CHART
Jan Feb-March
Trigon based authentication
Trigon based authorization and distribution of
channels
TIME
MODULES
April-May 2010
File Transformation and Formation of Virtual
Organization
THANK YOU