trigon based authentication, authorization and distribution of encrypted keys with globus middleware...

TRIGON BASED AUTHENTICATION, AUTHORIZATION AND

DISTRIBUTION OF ENCRYPTED KEYS WITH GLOBUS MIDDLEWARE

Anitha Kumari K08MW01

II ME – Software Engineering

CONTENTS

Introduction Work Done Problem Definition Existing System Proposed Methodology Feasibility Analysis and System Requirements Scope Results Literature Survey Publications References Conclusion Timeline Chart

INTRODUCTION

Grid computing involves the formation of dynamic virtual organizations including groups of individuals as well as associated resources where security is an important criteria.

Proposed methodology mainly aims to provide more security based on trigon based authentication and authorization and then distribution of channels with key take place by hash algorithm using GLOBUS as middleware

In the distributed channel users join and communicate with other group members using this key.

Provides Secure communication and dynamic groups.

WORK DONE

KEY DISTRIBUTION

Whenever a user join the keys are generated dynamically and encoded using MD5 and each member communicates with the other group members using this key.

TRIGON BASED AUTHENTICATION

Proposed a dual trigon based authentication, which will authenticate the user by a combined mechanism of two files, namely, authentication file and backend file and then allows the user to authorize the resources.

PROBLEM DEFINITION

Taking the security as the main constraint in grid computing environment, we are proposing a trigon based authentication and authorization, and then distribution of channels by MD5 algorithm to reduce computational load using GLOBUS as middleware.

EXISTING SYSTEM

Separate authentication and authorization protocol is used.

Key Distribution is slow . No forward/backward secrecy. computational cost high – ‘n’ encryption and ‘n’

unicast

PROPOSED METHODOLOGY

Trigon based authentication and authorization is used to maintain strong security by splitting the password and storing in two files.

Distribution of channels by MD5 algorithm

MODULES1.Authentication2.Authorisation3.Distribution of Channels4.File transfer5.Formation of Virtual Organization

TRIGON BASED AUTHENTICATION ALGORITHM

REGISTRATION

User registers with username and password Authentication file generates the three sides of the trigon a, a’ and

a’’Determines variance and the product of the sides Vaa’ and Paa’

where Vaa’=a-a’ Paa’ = a * a’

Save α and username in authentication file and forwards username, Vaa’ and Paa’ to Backend file where

Backend file saves Vaa’ and Paa' for the corresponding username

α =2P aa '− a ''2

REGISTRATION – FLOW DIAGRAM

Contd…

AUTHENTICATIONUser LoginP AI is the ASCII-interpreted value of the given passwordCalculate pi and AI(i) where

P AI(i) / 10 pow n-2 ; if P AI (i) ≥ 180

Pi = {

P AI(i)/ 10 pow n-3 ; else

AI(i) = Pi/2;Authentication file sends αi and username to backend fileBackend File determines AT(i) and sends to authentication file where

AT(i) = αi + Vaa’i 2Paa‘i

If Sin AI(i) = ( 1- ATi / 2 ) ½ then token is issued for authorization

FLOW DIAGRAM - AUTHENTICATION

FEASIBILITY ANALYSIS AND SYSTEM REQUIREMENTS

The methods used here utilized the fundamental properties of the trigon and the trigon parameters, made the grid more secure as the alienated passwords had been derived from these trigon parameters

Key distribution using hash function provides more security

Operating system - Linux RHEL5

Programming language - Java

SCOPE

The implementation of dual authentication method provide effective performance , security and paying the way to valid users for access with the VO for resource sharing such as efficient computational channel distribution with help of MD5 algorithm

Forward/backward Secrecy maintained. Reduction of computation and communication cost. Dynamic rekey operations and no need of resources. Highly scalable Online chat groups

RESULTS

1.Usernames, Passwords and the trigon parameters based on the user passwords provided at the time of registration

2. The authentication parameters derived from the trigon parameters, the authentication code status and the outcome obtained from authentication of the user.

3. Number of Nodes and Distribution Time

in seconds

4.Graph-Number of nodes Vs Distribution time in seconds

5.SAMPLE OUTPUT

eff3.stdout User Name : sud Password : sudhiAlpha : -3.5455917266588135E10 Vp : -196944.0 Pp : 2.32466659417E11Token is : 0.0071645152852578735Pi : 90.4105Authentication token <At> 0.0071645152852578735User Token : 0.4964177423574 RegToken :0.4964177423574Valid User file length: 2hash: e44fea3bec53bcea3b7513ccef5857acNew channel discovered cse

JOB SUBMISSION

LITERATURE SURVEY

An Computation-Efficient Multicast Key Distribution. Key Establishment in Large Dynamic Groups Using

One-Way Function Trees - Centralized Hierarchical Methods - One-way function trees

A Simple User Authentication Scheme for Grid Computing

A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication

PUBLICATIONS

AUTHENTICATION PUBLICATION

"International Journal of Computer Science and Information Security" Dec 2009, vol 6, pp (064-072).

Accepted in National level Conference (NCSSS) in BIT.

REFERENCES

1.Rongxing Lu, Zhenfu Cao, Zhenchuan Chai, and Xiaohui Liang, "A Simple User Authentication Scheme for Grid Computing, International Journal of Network Security, vol.7, no.2, Pp.202–206, September 2008.2.J. Crampton, H.W.Lim, K.G.Paterson and G.Price, "A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication" In Proceedings of the 6th Annual PKI R&D Workshop 2007, pp. 103-118, Gaithersburg, Maryland, USA, 2007.3.Computation-Efficient Multicast Key Distribution

-Lihao Xu, Senior Member, IEEE, and Cheng Huang, Member, ieee transactions on parallel and distributed systems, vol. 19, no. 5, may 20084.Key Establishment in Large Dynamic Groups Using One-Way Function Trees

-Alan T. Sherman and David A. McGrew, Member, ieee transactions on software engineering, vol. 29, no. 5, may 2003

CONCLUSION

The implementation of our dual authentication protocol showed its effective performance in pinpointing the adversaries and paying the way to valid users for access with the VO for resource sharing such as efficient computational channel distribution with help of MD5 algorithm. So the utilization of this scheme will make the grid environment more secure

TIMELINE CHART

Jan Feb-March

Trigon based authentication

Trigon based authorization and distribution of

channels

TIME

MODULES

April-May 2010

File Transformation and Formation of Virtual

Organization

THANK YOU