Introduction
A number of techniques are used to prevent various attacks, such as web proxy attacks, insider attacks, and outsider attacks. First, an insider attack involves access to resources such as data, computer systems, and services inside the organization's network, because insiders hold valid credentials. Second, the actions of insiders originate in a trusted network, subject to thorough security checks in the same way as external actions are. For instance, there is often no internal firewall within the organization network. Third, insiders are often highly trained computer experts who have knowledge of the internal configuration of the network. For access control, authentication and authorization of users, they use various local passwords. Several passwords allow different users to access the device for various purposes. Researchers are interested in developing security techniques for several applications (Tchepnda et al., 2009; Bouchemal et al., 2013; Jain & Asawa, 2015; Solanki et al., 2016; Sawlikar et al., 2016; Dey & Santhi, 2016; Pandey & Rawat, 2016; Dey, 2017; Chakraborty et al., 2017; Shelke & Prasad, 2017).
The proposed system takes different user roles, together with the smart device, into account for authorization and authentication when granting access to the system. In a distributed environment, access control for applications or data is a more challenging task, as security management by a single central authority might not be possible or could incur more resource overhead. To define the problem correctly, the authors use specific user roles, i.e., user, auditor, scientist, etc. The proposed scheme aims at mutual authentication between the user and the application server, and dynamic authorization for each user role by computing an attribute-based hash code, similar to a digital signature. Every user role is assigned dynamically based on attribute-based access control, using different access policies over the attributes (mode of access, department, location, access behavior, device used to access the system) provided by each user and the attributes retrieved by system diagnosis.
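A sketch of the attribute-based role assignment and hash code described above, as an added example that is not the authors' scheme or code. It assumes HMAC-SHA256 as the keyed hash; the key, the policy table and all function and attribute names are hypothetical.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption); a real server would load it from a secret store.
SERVER_KEY = b"constructed-demo-key"

# The five attributes the text lists; the short names are hypothetical.
ATTRIBUTES = ("mode", "department", "location", "behavior", "device")

# Hypothetical access policies, most privileged first; first full match wins.
POLICIES = [
    ("scientist", {"department": "research", "location": "lab", "device": "managed"}),
    ("auditor", {"department": "audit", "mode": "read"}),
    ("user", {}),  # fallback role with the fewest privileges
]


def assign_role(attrs):
    """Return the first role whose policy conditions are all met by attrs."""
    missing = [name for name in ATTRIBUTES if name not in attrs]
    if missing:
        raise ValueError(f"missing attributes: {missing}")
    for role, conditions in POLICIES:
        if all(attrs[key] == value for key, value in conditions.items()):
            return role
    raise PermissionError("no policy matched")


def hash_code(user_id, role, attrs):
    """Keyed hash over user, role and attributes in one canonical encoding."""
    record = {"user": user_id, "role": role, "attrs": {n: attrs[n] for n in ATTRIBUTES}}
    message = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SERVER_KEY, message, hashlib.sha256).hexdigest()


def issue(user_id, attrs):
    """Assign the role from the attributes and bind both into a hash code."""
    role = assign_role(attrs)
    return role, hash_code(user_id, role, attrs)


def verify(user_id, observed_attrs, claimed_role, code):
    """Re-derive role and code from attributes observed now; reject any mismatch."""
    try:
        role, expected = issue(user_id, observed_attrs)
    except (ValueError, PermissionError):
        return False
    return role == claimed_role and hmac.compare_digest(expected, code)
```

Because the server re-derives the role from the attributes it observes at verification time, a code issued for one user, device or behavior profile fails when any of them changes.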
The scheme defeats different outsider attacks as well as insider attacks, including man-in-the-middle attacks, replay attacks, integrity breaking, attacks by customers, known-key attacks, and repudiation attacks. It also prevents insider attacks where (i) a user accesses the device with the token information of his/her friend or family member without notifying them, and (ii) a rogue device is installed by a legitimate user in the network.
User and device authorization is maintained so that each user can perform only those actions that are allowed under the access permissions granted to that particular user. Our scheme provides two-factor authentication. First, authentication is performed by verifying the identity of each user as well as the device in a batch, with the signature verification of each device at the server. Then, a one-time password (OTP) is sent to the user's mobile phone in order to verify and authenticate the actual user who is accessing the device. A shared secret key is generated between the user and the device for secure and efficient communication using the bilinear pairing technique.
The main goal of our proposed work is to define the user roles and attributes for the smart device that can be used to access application resources. Further goals are better system performance by ensuring user identity when using the application for data communication, access behavior authentication based on user policy, and user authorization towards the application device.
The objective is to design a novel architecture for user and device authentication at the application layer: multilevel user authentication for application use; smart device encryption for information security by ensuring device; user profiling and monitoring to restrict user access for system performance and security; and proxy server authentication to reduce authentication overhead at the server. The problem statement is proxy-based user action authentication and authorization for accessing system resources, along with device integrity authentication, to prevent many well-known outsider attacks as well as insider attacks, and to create a digital signature for device authentication.