CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

A Framework for User Authentication and Authorization using Request based One Time Passkey and User Active Session Identification

by Boopathy D., M. Sundaresan
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 172 - Number 10
Year of Publication: 2017
Authors: Boopathy D., M. Sundaresan
10.5120/ijca2017915213

Boopathy D., M. Sundaresan . A Framework for User Authentication and Authorization using Request based One Time Passkey and User Active Session Identification. International Journal of Computer Applications. 172, 10 ( Aug 2017), 18-23. DOI=10.5120/ijca2017915213

@article{ 10.5120/ijca2017915213,
author = { Boopathy D., M. Sundaresan },
title = { A Framework for User Authentication and Authorization using Request based One Time Passkey and User Active Session Identification },
journal = { International Journal of Computer Applications },
issue_date = { Aug 2017 },
volume = { 172 },
number = { 10 },
month = { Aug },
year = { 2017 },
issn = { 0975-8887 },
pages = { 18-23 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume172/number10/28287-2017915213/ },
doi = { 10.5120/ijca2017915213 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:19:59.199952+05:30
%A Boopathy D.
%A M. Sundaresan
%T A Framework for User Authentication and Authorization using Request based One Time Passkey and User Active Session Identification
%J International Journal of Computer Applications
%@ 0975-8887
%V 172
%N 10
%P 18-23
%D 2017
%I Foundation of Computer Science (FCS), NY, USA
Abstract

One-time password is currently used as one of the user authentication mechanisms. To avoid the username and password vulnerability, the two-way authentication mechanism has come into being, to provide security to the user at the login time. Many online service providers are using the two-way authentication mechanism as a key to identify whether the login user or service request person is a right one or not. To add more security to the user session, the Session Identification (SID) has been used. The user authentication and the user authorization are important for online transactions and web-related transaction services. Existing OTP methods are widely used by many service providers as it is, or with a little modification. This paper proposes Request-based One-Time Password (ROTP) as a new type of OTP mechanism and in the SID, the ROTP value is used as Active Session Identification (ASID) value. Inside Data Ownership Country Access (IDOCA) and Outside Data Ownership Country Access (ODOCA) data access permission rights are assigned to authorize the users. The proposed method satisfies the evaluation parameter and gives the satisfied result in the testing level environment.

References
  1. http://blogs.forgerock.org/petermajor/2014/02/one-time-passwords-hotp-and-totp/
  2. https://en.wikipedia.org/wiki/One-time_password
  3. Aaron Halfaker, Oliver Keyes, Daniel Kluver, Jacob Thebault-Spieker, Tien Nguyen, Kenneth Shores, Anuradha Uduwage, Morten Warncke-Wang, “User Session Identification Based on Strong Regularities in Inter-activity Time”, International World Wide Web Conference Committee (IW3C2), WWW 2015, ACM 978-1-4503-3469-3/15/05, May 18–22, 2015, Florence, Italy pp- 410 – 418.
  4. http://searchsoftwarequality.techtarget.com/definition/session-ID
  5. C. E. Dinuca, D. Ciobanu, “Improving the Session Identification Using the Mean Time”, International Journal Of Mathematical Models and Methods in Applied Sciences, Issue 2, Volume 6, 2012, Pp-265 – 272.
  6. Vijay Kumar Padala, Sayeed Yasin, Durga Bhavani Alanka, “A Novel Method for Data Cleaning and User- Session Identification for Web Mining” International Journal of Modern Engineering Research (IJMER), Vol. 3, Issue. 5, Sep - Oct. 2013, pp-2816-2819.
  7. http://blogs.forgerock.org/petermajor/page/2/
  8. http://blogs.forgerock.org/aggregator/category/oath/
  9. https://en.wikipedia.org/wiki/Base64
  10. http://stackoverflow.com/questions/861911/whats-the-size-of-an-asp-net-3-5-session-id
  11. http://stackoverflow.com/questions/12240922/what-is-the-length-of-a-php-session-id-string
  12. https://www.owasp.org/index.php/Insufficient_Session-ID_Length
  13. Young-Hwa An, "Security improvements of dynamic ID-based remote user authentication scheme with session key agreement," 2013 15th International Conference on Advanced Communications Technology (ICACT), PyeongChang, 2013, pp. 1072-1076.
  14. S. M. Kim, Y. H. Goo, M. S. Kim, S. G. Choi and M. J. Choi, "A method for service identification of SSL/TLS encrypted traffic with the relation of session ID and Server IP," 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS), Busan, 2015, pp. 487-490.
  15. https://en.wikipedia.org/wiki/Session_ID
  16. Priyanka Patel, Mitixa Parmar, “Review on User Session Identification through Web Server Log”, International Journal of Computer Science and Information Technologies, Vol. 5 (1), 2014, pp-146-148.
  17. Priyanka Patel, Mitixa Parmar, “Improve Heuristics for User Session Identification through Web Server Log in Web Usage Mining”, International Journal of Computer Science and Information Technologies, Vol. 5 (3), 2014, pp-3562-3565.
  18. R. Tahir, H. Hu, D. Gu, K. McDonald-Maier and G. Howells, "A Scheme for the Generation of Strong ICMetrics Based Session Key Pairs for Secure Embedded System Applications," 2013 27th International Conference on Advanced Information Networking and Applications Workshops, Barcelona, 2013, pp. 689-696.
  19. X. Wang, M. J. Sheng, Y. Y. Lou, Y. Y. Shih and M. Chiang, "Internet of Things Session Management Over LTE—Balancing Signal Load, Power, and Delay," in IEEE Internet of Things Journal, vol. 3, no. 3, pp. 339-353, June 2016.
  20. Boopathy.D and Dr.M.Sundaresan, “Secured Cloud Data Storage – Prototype Trust Model for Public Cloud Storage”. Proceedings of International Conference on Information and Communication Technology for Sustainable Development – Volume I, Springer AISC, Volume 408, ISSN 2194-5357. Online ISBN 978-981-10-0129-1, ISBN 978-981-10-0127-7, DOI: 10.1007/978-981-10-0129-1_35, CSI Ahmadabad chapter and ACM Udaipur Chapter, The Pride Hotel, Ahmadabad, 03 – 04, Jul 2015, pp 329 - 337.
  21. Boopathy.D and Dr.M.Sundaresan, “Securing Public Data Storage in Cloud Environment”. ICT and Critical Infrastructure: Proceedings of the 48th Annual Convention of Computer Society of India – Volume I, Springer AISC, Volume 248, ISBN 978-3-319-03107-1, Visakhapatnam, 13 – 15, Dec 2013, pp 555 -562.
  22. Boopathy.D and Dr.M.Sundaresan, “Policy Based Data Encryption Mechanism Framework Model for Data Storage in Public Cloud Service Deployment Model”. Proceedings of 2013 Elsevier Fourth International Joint Conference on Advances in Computer Science (AET 2013), ISBN 978-93-5107-193-8. Haryana, India, 13 – 14, Dec 2013, pp 423 – 429.
  23. Boopathy.D and Dr.M.Sundaresan, “Enhanced Encryption and Decryption Gateway Model for Cloud Data Security in Cloud Storage”. Emerging ICT for Bridging the Future - Proceedings of the 49th Annual Convention of Computer Society of India – Volume II, Springer AISC, Volume 338, ISSN 2194-5357, ISBN 978-3-319-13730-8, DOI: 10.1007/978-3-319-13731-5_45, Hyderabad, 12 – 14, Dec 2014, pp 415 - 421.
  24. Boopathy.D and Dr.M.Sundaresan, “Data Encryption Framework Model with Watermark Security for Data Storage in Public Cloud Model”. Proceedings of 2014 IEEE Eighth International Conference on Computing for Sustainable Global Development (INDIACom - 2014), ISSN 0973-7529 ISBN 978-93-80544-11-3, Bharati Vidyapeeth’s Institute of Computer Applications and Management (BVICAM), New Delhi, 05 – 07, Mar 2014, pp 1040 – 1044.
  25. Boopathy.D and Dr.M.Sundaresan, “Framework Model and Algorithm of Request based One Time Passkey (ROTP) Mechanism to Authenticate Cloud Users in Secured Way”. In: 3rd International Conference on “Computing for Sustainable Global Development (INDIACom-2016)”, ISSN 0973-7529; ISBN 978-93-80544-20-5, Bharati Vidyapeeth’s Institute of Computer Applications and Management (BVICAM), New Delhi (INDIA), 16 – 18, Mar 2016, pp 5317 - 5322.
Index Terms

Computer Science
Information Sciences

Keywords

Session Identification One-Time Password User Authentication Web Services Cloud Security.

Powered by PhDFocusTM