Abstract
In this paper, we present the provenance based authentication (PRAN) model, and prototype that aims to strengthen password-based authentication of a system—ensuring legitimacy of a user’s identity by detecting anomalous user logins without the need for other obtrusive authentication factors. The PRAN model utilizes authentication provenance along with traditional methods. We evaluate the prototype with password stealing/sharing use cases. We observe that the PRAN prototype detects anomalous logins, and also legitimate logins thereby preventing applications from allowing anomalous user logins’.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Groth, P., Moreau, L.: PROV-overview. An overview of the PROV family of documents (2013)
Braun, U., Shinnar, A.: A security model for provenance (2006)
Hasan, R., Sion, R., Winslett, M.: The case of the fake Picasso: preventing history forgery with secure provenance. In: FAST, vol. 9, pp. 1–14 (2009)
Syalim, A., Nishide, T., Sakurai, K.: Preserving integrity and confidentiality of a directed acyclic graph model of provenance. In: IFIP Annual Conference on Data and Applications Security and Privacy, pp. 311–318. Springer, Heidelberg (2010)
Park, J., Nguyen, D., Sandhu, R.: A provenance-based access control model. In: 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST), pp. 137–144. IEEE (2012)
Nguyen, D., Park, J., Sandhu, R.: Dependency path patterns as the foundation of access control in provenance-aware systems. In: TaPP (2012)
Sun, L., Park, J., Sandhu, R.: Engineering access control policies for provenance-aware systems. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 285–292. ACM (2013)
Nguyen, D., Park, J., Sandhu, R.: A provenance-based access control model for dynamic separation of duties. In: 2013 Eleventh Annual International Conference on Privacy, Security and Trust (PST), pp. 247–256. IEEE (2013)
Sun, L., Park, J., Nguyen, D., Sandhu, R.: A provenance-aware access control framework with typed provenance. IEEE Trans. Dependable Secur. Comput. 13(4), 411–423 (2016)
Khan, H.Z.U., Zahid, H.: Comparative study of authentication techniques. Int. J. Video Image Process. Netw. Secur. (IJVIPNS) 10(4), 9–13 (2010)
Bonneau, J., Herley, C., Van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: 2012 IEEE Symposium on Security and Privacy, pp. 553–567. IEEE (2012)
Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A language for provenance access control. In: Proceedings of the First ACM Conference on Data and Application Security and Privacy, pp. 133–144. ACM (2011)
Miles, S., Groth, P., Munroe, S., Moreau, L.: PrIMe: a methodology for developing provenance-aware applications. ACM Trans. Softw. Eng. Methodol. (TOSEM) 20(3), 8 (2011)
Al-Karkhi, A., Al-Yasiri, A., Linge, N.: Discreet verification of user identity in pervasive computing environments using a non-intrusive technique. Comput. Electr. Eng. 41, 102–114 (2015)
Yampolskiy, R.V., Govindaraju, V.: Behavioural biometrics: a survey and classification. Int. J. Biom. 1(1), 81–113 (2008)
Prud, E., Seaborne, A.: SPARQL query language for RDF (2006)
Buriro, A.: Behavioral biometrics for smartphone user authentication. Ph.D. diss., University of Trento (2017)
Extensible Access Control Markup Language (XACML), version 3.0. Oasis Standard, 22 January 2013
Carroll, J.J., Klyne, G.: Resource Description Framework ({RDF}): Concepts and Abstract Syntax (2004)
Khan, W.Z., Aalsalem, M.Y., Xiang, Y.: A graphical password based system for small mobile devices (2011). arXiv preprint: arXiv:1110.3844
Ruoti, S., Andersen, J., Seamons, K.E.: Strengthening password-based authentication. In: Way@ Soups (2016)
Sun, H.-M., Chen, Y.-H., Lin, Y.-H.: oPass: a user authentication protocol resistant to password stealing and password reuse attacks. IEEE Trans. Inf. Forensics Secur. 7(2), 651–663 (2012)
Reddy, R.S.C., Gopu, S.R.: A dynamic delegation model and prototype for an enterprise context. In: 2017 IEEE Conference on Open Systems (ICOS), pp. 71–76. IEEE (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Reddy, R.S.C., Gopu, S.R. (2019). PRAN: A Provenance Based Model and Prototype to Strengthen Authentication. In: Barolli, L., Takizawa, M., Xhafa, F., Enokido, T. (eds) Web, Artificial Intelligence and Network Applications. WAINA 2019. Advances in Intelligent Systems and Computing, vol 927. Springer, Cham. https://doi.org/10.1007/978-3-030-15035-8_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-15035-8_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-15034-1
Online ISBN: 978-3-030-15035-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)