SECURING DATA WITH AUTHENTICATION IN DISTRIBUTED
advertisement
SECURING DATA WITH AUTHENTICATION IN DISTRIBUTED SYSTEM 1 Snehal P.Kothawade, 2Dipali P.Bari, 3Vijaya S.Patil 1 B.E. Student of Computer Dept., SSBT COET, Bambhori, Jalgaon, MH-India, kothawadesnehal21@gmail.com 2 B.E. Student of Computer Dept., SSBT COET, Bambhori, Jalgaon, MH-India, dipalibari@gmail.com 3B.E. Student of Computer Dept., SSBT COET, Bambhori, Jalgaon, MH-India, patilvijaya072@gmail.com Abstract-Distributed system is an emerging by servers shown in following Fig 1. Individual technology system processes (clients) that desire access to resources integrates the advantages of the distributed direct service requests to the appropriate servers. system and security with multiple authentication Authentication scheme. It also carries necessary issues related identification of a valid user. Access control to Limited bandwidth Latency of network, venture to prevent unwanted tampering with data Heterogeneity, Privacy, Security, Data Access files and system resources. In an centralized, and Availability. The main obstacles is security isolated, single-user system, the place where the that obstruct in distributed from being widely system is stored , security is acheived by locking up adopted. These concerns are originated which the disks. Thus, room and disks may access the holds the sensitive data in which the data owner system resources and files only by that user who hesitates to trust. The core objective of this having the key that room. This is good for both system is to develop a system to provide strong authentication security to data with multifactor authentication, resources like files and printers distributed among which the hosts are shared across the network in the form for protect IT industry. the system This agenised the involves and the access verification control. and Various of network services provided by servers. In simple vulnerable attacks. terms, identification and verification makes Index Terms-Distributed System; Biometrics; authentication. In identification certain identity is One Time Password; Secret Key maintain, while verification is the process where that claim is checked. Thus the correctness of an I. INTRODUCTION authentication relies heavily on the verification A distributed system collection of hosts procedure employed[1][2]. interconnected by a network poses some intricate security problems. The main concern is authentication of local entities in the system. In a distributed system, the hosts communicate by sending and receiving messages over the network. Various resources (like files and printers) distributed among the hosts are shared across the network in the form of network services provided Introduction gives brief overview of the system. Literature survey describes about previous system and provide direction for further implementation. Problem definition identify the gap between existing state and a desired state. Proposed System describes about system going to developed and it’s technique. Conclusion and both the security and performance should be Future Scope describes the Conclusion to integrate maintained and improved. The solution for this the various issues, research etc. and the Future problem is Multifactor authentication. In this Scope for making new change requests considered technique to modify the project scope. Id/Password, Biometrics, One Time Pad (OTP), authentication medium such as Secret Key etc are used. III. Literature survey Literature survey is the most important step in software development process. It is necessary to determine the time factor and economy before developing the tools. Then next is for developing the tool is determined which operating system and language can be used. The programmers need lot of external support if he starts building the tools. Before building the system the above Fig 1: System Architecture consideration are taken into account for developing the proposed system. Kerberos and SESAME are II. Problem Definition two systems providing integrity protection and authentication in distributed computer systems. The The existing security mechanism in distributed system uses cryptographic technique, password authentication infrastructure in which weak passwords are shared by application servers and users. However, this security infrastructure is vulnerable to a number of attacks. One of the greatest challenges is device. Authentication ensures that communication between only intended goal of this system is to compare these two systems from the perspective of key management. This is an interesting subject because Kerberos and SESAME try to solve the same problems, but have chosen to different technologies on various different types of cryptographic primitives. Kerberos uses symmetric key technology while SESAME uses asymmetric cryptography. devices are carried out. Another way is ruling out the possibility that an unknown device or man-in- IV. Proposed system the-middle, intercepting the data. This challenge is dificult because devices in ubiquitous computing are not assumed to possess a priori knowledge of each other. However, this security infrastructure is vulnerable to a number of attacks. It is essential to develop a authentication scheme for the distributed system environment in which It is essential to develop an authentication scheme for the distributed system environment in which both the security and performance should be maintained and improved. Multiple authentications are commonly found in authentication of computer users, where basic authentication is the process of a requesting entity presenting multiple evidences of B. Biometrics its identity to a second entity. The regulatory definition of true multifactor authentication is satisfied by biometric These factors are shown in following Fig 2. 1. Something only the user knows (e.g., authentication. Users will get authenticated biometrically via their face, fingerprint, voiceprint, password, PIN) or iris scan using provided hardware and after they 2. Something only the user has (e.g., ATM can enter a PIN or password in order to open the credential card, smart card, mobile phone) and vault/dome. The actual biometric information is rendered into string or mathematic 3. Something only the user is (e.g., biometric information for many biometric identifiers. The physical characteristic of user scan by device, characteristic). select critical information, and then stores the result Multifactor authentication is the process of more than one authentication medium such as Id/Password, Biometrics, One Time Pad (OTP), Biometrics data strings collation and differentiation is made, and if sufficient commonality is achieved then pass is successful[3][4]. Secret Key etc. Log In in form of string of data. And then between two One Time Password Secret Key Wall C. One Time Password Server 1 A one-time password (OTP) is a password that is valid for only one login session or Server 2 transaction. OTPs avoid a number of short comings that are associated with traditional passwords. This means that a potential intruder who manages to Server 3 record an OTP that was already used to log into a service or to conduct a transaction will not be able to misemploy it, since it will be no longer valid [3]. Client Fig 2: Block Diagram of System D. Secret Key A. Password and PIN Based authentication Using password (a The secret or unique key is shared with authentication server, a secret share by user; secret word or string of characters that is used for unique key with an authentication server. user authentication) or Personal Identification randomly generated message encrypted by the Number (PIN which is a secret numeric password secret key is send to the authentication server. After and is typically used in ATMs) to login is the most this operation if the match is found by received common knowledge-based authentication method. encrypted message (the response) using its shared It is compulsory for the user to provide knowledge secret key, then user is authenticated and server of a secret in order to authenticate the process[3]. provides authorization to users and access to the system[3]. And their design. Distributed System is one of the most IV. Result and Discussion come out technology. This system provides the The previous system provide authentication method, various authentication authentication and access control only using single issues and models concerning to Distributed factor authentication i.e. Id/Password or simple System. biometric scheme. But this system provides the accessibility is one of the key issues is taking care. combination of Id/password, biometric, secret key In this system, various existing authentication and OTP. Due to this merging system gets more techniques have been discussed. Some uses the secured and protected from other attacks. And users open standards and even provisions the integration can securely store and retrieved data. In OTP, time of various authentication methods. From the is an important part of the password, so the literature study, it is essential to develop a generation of new passwords is based on the lightweight current time rather than, the previous password or distributed environment in which both the security a secret and performance should be maintained and key. This expression may be a proprietary device, or a mobile phone which runs Securing authentication Future the use of biometrics for identification. If a credit sensitive data scheme for and the improved. on software’s which are free There are several concerns surrounding users enhancement by providing additional functionality like more authentication mechanism can be added to provide more security. card or key is lost or stolen, the card can be VI. References cancelled; the locks can be changed and replaced. However, if biometric data is compromised, there are a finite number of replacements, as a person has only 10 fingers, two eyes, etc. Another concern is the possibility that sensors which require contact could be unsanitary. Ensuring the privacy and security of biometric data is also of concern, as [1] “Privacy-Preserving Distributed Mining of Association Rules on Horizontally Partitioned Data”, by Murat Kantarcioglu and Chris Clifton, in IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, SEPTEMBER 2004 users will be unlikely to accept the technology if information could potentially be tampered with, [2] “A Novel Approach for Secure Mining of Horizontally Distributed Databases”, by Wasudev. stolen or otherwise misused[4]. W. Pingle, Prof. S.S. Banait, in International Journal V. Conclusion Authentication, which of Computer Science and Mobile Computing. provides user [3] “Multi factor Authentication in Cloud revocation and prevents replay attacks. The Computing for data storage Security”, by Deepa distributed system does not identity of the user who Panse, P. Haritha, in International Journal of stores information or access the information, but Advanced Research in Computer science and only verifies the user credentials. Distribution of software key is done in a decentralized way. With the growth in scale of distributed systems, security has become a major concern and a limiting factor in Engineering, August 2014. [4] “An Introduction to Biometric Recognition”, by Anil K. Jain, Fellow, Arun Ross and Salil Prabhakar, CIRCUITS in IEEE TRANSACTIONS ON AND SYSTEMS TECHNOLOGY, January 2004 FOR VIDEO
