Probable Defense Representation for Session Transfer and Network Services Using OTP

Authors(1) :-A. Thamizhiniyal

Internet network security is a branch of computer sciences often involving browser security, network security, applications and operating systems to keep the internet as a secure channel to exchange information by reducing the risk and attacks. There are a number of studies that have been conducted in this field resulting in the development of various security models to achieve internet security. However, periodic security reports and previous studies prove that the most secure systems are not immune from risk and much effort is needed to improve internet security. This paper proposed a simple security model to improve internet applications security and services protections, specified access control, cryptographic, cookies and session managements, defense programming practices, care for security from early stage on development life cycle, use hardware authentication techniques in access control, then propose cryptographic approach by mix MD5 with Based64, consider session and cookies types and ways to keep it secure. Additionally, these practices discussed the most important web security vulnerability and access control weakness and how to overcome such weaknesses, proposed an approach to measure, analyze and evaluate security project according to software quality standard ISO 25010 by using Liker scale, finally ended by case study. The effort of this paper represents a set of techniques and tips that should be applied within each web application development process to maintain its security.

Authors and Affiliations

A. Thamizhiniyal
Assistant Professor, Department of Computer Science, Bon Secours College for Women, Thanjavur, Tamil Nadu, India

Combinationarial Optimization Identification, Public Key Infrastructure, Partial Forward Secrecy.

  1. Michel Abdalla, Pierre-Alain Fouque, and David Pointcheval, “Password-Based Authenticated Key Exchange in the Three-Party Setting”, IEEE Proceedings on InformationSecurity, Volume 153, number 1, March 2006 , pp. 27-39.
  2. Whitefield Diffie, Martin E. Hellman, “New directions in cryptography”, IEEE Transactions on Information Theory, pp. 644-654,1976.
  3. Behrouz A. Forouzan, Cryptography and network security, Tata McGraw-Hill, 2007.
  4. Hyun-SeokKim ,Jin-Young Choi, “Enhanced passwordbased simple three-party key exchange protocol”, Elsevier, Computers and Electrical Engineering, 35, pp.107–114,2009.
  5. Yuanhui Lin, MengboHou, Qiuliang Xu, “Strongly password based three party authenticated key exchange protocol”, Ninth International conference on Computational Intelligence and security, IEEE, pp. 555- 558,2013.
  6. Rongxing Lu, Zhenfu Cao, “Simple three-party key exchange protocol”, Elsevier, computers & security 26, pp. 94-97,2007.
  7. Chao Lv , MaodeMab, Hui Li, JianfengMaa, Yaoyu Zhang, “An novel three-party authenticated key exchange protocol using one-time key”, Elsevier, Journal of Network and Computer Applications (36), pp. 498–503,2013.
  8. Alfred Menezes, BerkantUstaoglu, “On reusing ephemeral keys in Diffie Hellman key agreement protocol”,International Journal of Applied Cryptography,ACM,pp. 154-158, 2010.

Publication Details

Published in : Volume 5 | Issue 2 | March-April 2019
Date of Publication : 2019-03-30
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 360-364
Manuscript Number : CSEIT1951126
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

A. Thamizhiniyal , "Probable Defense Representation for Session Transfer and Network Services Using OTP", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 5, Issue 2, pp.360-364, March-April-2019. Available at doi : https://doi.org/10.32628/CSEIT1951126
Journal URL : http://ijsrcseit.com/CSEIT1951126

Article Preview