Abstract
Port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Its purpose is to prevent attackers from discovering and exploiting potentially vulnerable services on a network host while allowing authenticated users to access these services [19]. We extend the implementations of secure port knocking systems from traditional servers and desktop clients to mobile client/server applications, as an authentication technique to securely protect resources hosted by mobile servers. More specifically, our research objective primarily focuses on developing a secure authentication framework that couples secure port knocking techniques with the Open Authorization (OAuth) standard for accessing smart mobile devices that act as Web service providers/hosts and are located behind, and protected by, the Internet Service Provider (ISP) perimeter firewall. That way, mobile clients have to be authenticated by two different authentication mechanisms/layers that are independent of each other before they are granted access to the protected resources.
References
Hadi, A., Al-Bahadili, H.: A hybrid port-knocking technique for host authentication. IGI-Global Knowledge Disseminator (2012)
Hadi, A., Al-Bahadili, H.: Network security using hybrid port knocking. IJCSNS Int. J. Comput. Sci. Netw. Secur. 10(8), 8–12 (2010)
Gibbons, K., O’Raw, J., Curran, K.: Security evaluation of the OAuth 2.0 framework. Inf. Manage. Comput. Secur. 22(3), December 2014. ISSN: 0968-5227
DeGraaf, R., Aycock, J., Jacobson, M.: Improved port knocking with strong authentication. Department of Computer Science, University of Calgary, Calgary, Alberta, Canada (2005)
ArchLinux: Port Knocking (2016). https://wiki.archlinux.org/index.php/Port_knocking. Accessed Dec 2016
Vasserman, E., Hopper, N., Tyra, J.: SilentKnock: practical, provably undetectable authentication. Int. J. Inf. Secur. 8, 121–135 (2009). Springer-Verlag (2008)
Fideloper: Managing the Iptables Firewall (2013). http://fideloper.com/iptables-tutorial. Accessed Nov 2016
Internet Engineering Task Force (IETF): The OAuth 2.0 Authorization Framework. Request for Comments: 6749 (2012). https://tools.ietf.org/html/rfc6749
Ellingwood, J.: How to choose an effective firewall policy to secure your servers (2015). https://www.digitalocean.com/community/tutorials/how-to-choose-an-effective-firewall-policy-to-secure-your-servers. Accessed Nov 2016
Boroumand, L., Shiraz, M., Gani, A., Khan, S., Shah, S.: A review on port-knocking authentication methods for mobile cloud computing. Center for Mobile Cloud Computing Research (C4MCCR), Faculty of Computer Science and Information Technology, University of Malaya, Kuala Lumpur, Malaysia (2014)
Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals. http://www.thegeekstuff.com/2011/01/iptables-fundamentals. Accessed Nov 2016
Demircioglu, M.: Analysis of port knocking mechanism. A master’s Thesis in Computer Engineering, Atilim University (2009)
Doyle, M.: Implementing a port knocking system in C. Physics Honor Thesis, The University of Arkansas (2004)
Krzywinski, M.: Port knocking: network authentication across closed ports. SysAdmin Magazine 12, 12–17 (2003). http://www.portknocking.org/docs/krzywinski-portknocking-sysadmin2003.pdf
Membrane OAuth Authentication. http://membrane-soa.org/service-proxy-doc/4.2/security/oauth2. Accessed Sept 2016
Shrestha, N.: Wireshark – network protocol analyzer tool for RHEL/CentOS/Fedora (2016). http://www.tecmint.com/wireshark-network-protocol-analyzer-tool-for-rhelcentosfedora. Accessed Nov 2016
Barham, P., Hand, S., Isaacs, R., Jardetzky, P., Mortier, R., Roscoe, T.: Techniques for lightweight concealment and authentication in IP networks. Intel Research, Technical report IRB-TR-02-009, 25 July 2002
Port Knocking: Port knocking implementations (2013). http://www.portknocking.org/view/implementations. Accessed June 2016
Port Knocking. https://en.wikipedia.org/wiki/Port_knocking. Accessed June 2016
Nelson, R.: Reverse proxy using NGINX Plus (2014). https://www.nginx.com/blog/reverse-proxy-using-nginx-plus. Accessed Nov 2016
TcpDump & LibPCap. http://www.tcpdump.org. Accessed Oct 2016
TCPWrite. http://tcpreplay.synfin.net/tcprewrite.html. Accessed Oct 2016
TCPReplay, PCap Editing & Replay Tools for *NIX. http://tcpreplay.synfin.net/wiki/tcprewrite. Accessed Oct 2016
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Mohamed, K., Wijesekera, D., Costa, P.C. (2017). An Authentication Mechanism for Accessing Mobile Web Services. In: Younas, M., Awan, I., Holubova, I. (eds) Mobile Web and Intelligent Information Systems. MobiWIS 2017. Lecture Notes in Computer Science(), vol 10486. Springer, Cham. https://doi.org/10.1007/978-3-319-65515-4_13
DOI: https://doi.org/10.1007/978-3-319-65515-4_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-65514-7
Online ISBN: 978-3-319-65515-4
eBook Packages: Computer Science (R0)