Insider Attack Protection: Lightweight Password-Based Authentication Techniques Using ECC

The radical advancement in web services has drawn more attention toward intensifying the security of numerous applications that interact and serve the Internet users. In order to access the different applications on the web, users need to disclose their personal credentials such as username and pass...

Full description

Saved in:
Bibliographic Details
Published in:IEEE systems journal 2020-06, Vol.14 (2), p.1972-1983
Main Authors: Rajamanickam, Siranjeevi, Vollala, Satyanarayana, Amin, Ruhul, Ramasubramanian, N.
Format: Article
Language:English
Subjects:
Algorithms
Authentication
Cryptography
Elliptic curve cryptography (ECC)
Entropy
insider attacks
Organizations
Password
password-management server (PMS)
Passwords
Protocol
Protocol (computers)
Protocols
security
Web services
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The radical advancement in web services has drawn more attention toward intensifying the security of numerous applications that interact and serve the Internet users. In order to access the different applications on the web, users need to disclose their personal credentials such as username and password to the servers to get authenticated. This private information should be prevented from being exploited due to different security attacks that will result in illegal activities. Securing the systems from several attacks is vital. In comparison to all the security attacks, insider attacks are devastating due to the privilege the insiders of an organization possess to breach the information, which results in irrecoverable damage to both user and the organization. Numerous protocols were proposed to secure the system from insider attacks but proved to be inefficient. This article puts forward a novel authentication protocol for insider attacks based on a robust cryptographic algorithm, ECC. The informal security analysis of the protocol reveals that the proposed protocol is not only immune to insider attacks but also prevents several attacks. It shows that the protocol is relatively better than other existing protocols in terms of computational cost and communication overhead with high level of security.
ISSN:1932-8184
1937-9234
DOI:10.1109/JSYST.2019.2933464