Probable Defense Representation for Session Transfer and Network Services Using OTP

Authors

  • A. Thamizhiniyal   Assistant Professor, Department of Computer Science, Bon Secours College for Women, Thanjavur, Tamil Nadu, India

DOI:

https://doi.org//10.32628/CSEIT1951126

Keywords:

Combinationarial Optimization Identification, Public Key Infrastructure, Partial Forward Secrecy.

Abstract

Internet network security is a branch of computer sciences often involving browser security, network security, applications and operating systems to keep the internet as a secure channel to exchange information by reducing the risk and attacks. There are a number of studies that have been conducted in this field resulting in the development of various security models to achieve internet security. However, periodic security reports and previous studies prove that the most secure systems are not immune from risk and much effort is needed to improve internet security. This paper proposed a simple security model to improve internet applications security and services protections, specified access control, cryptographic, cookies and session managements, defense programming practices, care for security from early stage on development life cycle, use hardware authentication techniques in access control, then propose cryptographic approach by mix MD5 with Based64, consider session and cookies types and ways to keep it secure. Additionally, these practices discussed the most important web security vulnerability and access control weakness and how to overcome such weaknesses, proposed an approach to measure, analyze and evaluate security project according to software quality standard ISO 25010 by using Liker scale, finally ended by case study. The effort of this paper represents a set of techniques and tips that should be applied within each web application development process to maintain its security.

References

  1. Michel Abdalla, Pierre-Alain Fouque, and David Pointcheval, “Password-Based Authenticated Key Exchange in the Three-Party Setting”, IEEE Proceedings on InformationSecurity, Volume 153, number 1, March 2006 , pp. 27-39.
  2. Whitefield Diffie, Martin E. Hellman, “New directions in cryptography”, IEEE Transactions on Information Theory, pp. 644-654,1976.
  3. Behrouz A. Forouzan, Cryptography and network security, Tata McGraw-Hill, 2007.
  4. Hyun-SeokKim ,Jin-Young Choi, “Enhanced passwordbased simple three-party key exchange protocol”, Elsevier, Computers and Electrical Engineering, 35, pp.107–114,2009.
  5. Yuanhui Lin, MengboHou, Qiuliang Xu, “Strongly password based three party authenticated key exchange protocol”, Ninth International conference on Computational Intelligence and security, IEEE, pp. 555- 558,2013.
  6. Rongxing Lu, Zhenfu Cao, “Simple three-party key exchange protocol”, Elsevier, computers & security 26, pp. 94-97,2007.
  7. Chao Lv , MaodeMab, Hui Li, JianfengMaa, Yaoyu Zhang, “An novel three-party authenticated key exchange protocol using one-time key”, Elsevier, Journal of Network and Computer Applications (36), pp. 498–503,2013.
  8. Alfred Menezes, BerkantUstaoglu, “On reusing ephemeral keys in Diffie Hellman key agreement protocol”,International Journal of Applied Cryptography,ACM,pp. 154-158, 2010.

IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology

Downloads

Published

2019-03-30

Issue

Volume 5, Issue 2, March-April-2019

Section

Research Articles

License

Copyright (c) IJSRCSEIT

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
A. Thamizhiniyal , " Probable Defense Representation for Session Transfer and Network Services Using OTP, IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 5, Issue 2, pp.360-364, March-April-2019. Available at doi : https://doi.org/10.32628/CSEIT1951126