Abstract
In the Internet and distributed systems, we can always access many application servers for gaining many information or electronic business processing, etc. Despite of those advantages of information technology, there have been also many security problems that many unauthorized users attack our network and computer systems for acquiring many information or destroying our resources. In this paper, we propose a client authentication model that uses two authentication server systems, duplicated authentication. Before a client requests information processing to application web servers, the user acquire session password from two authentication servers. The proposed client authentication model can be used making high quality of computer security using the two authentication procedures, user’s password and authentication password. The second password by two authentication servers is used in every request transaction without user’s input because of storing to client’s disc cache when a session is opened first. For more secure authentication we can close session between client and server if a request transaction is not created during a time interval. And then user will acquire authentication password again using logon to the authentication servers for requesting information processing. The client authentication procedure is needed to protect systems during user’s transaction by using duplicated password system. And we can detect intrusion during authorized client’s transaction using our two client authentication passwords because we can know immediately through stored client authentication password when a hackers attack our network or computer systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Dhillon, G.: Information Security Management: Global Challenges in the New Millennium, Hershey, Pa. Idea Group Publishing (2001)
Oppliger, R.: Security Technologies for the World Wide Web, Boston. MA Artech House, Inc. (2000)
Stallings, W.: Network Security Essentials: Application and Standards. Prentice-Hall, Englewood Cliffs (1999)
Kaufman, C., Perlman, R., Speciner, M.: Network Security: Private Communication in a Public World. Prentice-Hall, Englewood Cliffs (1995)
Stallings, W.: Cryptography and Network Security: Principles and Practice. Prentice-Hall, Englewood Cliffs (1999)
Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
Bellovin, S.M., Merritt, M.: An Attack on the Interlock Protocol When Used for Authentication. IEEE Transactions on Information Theory 40(1), 273–275 (1994)
Halevi, S., Krawczyk, H.: Public-key Cryptography and Password Protocols. ACM Transactions on Information and System Security 2(3), 230–268 (1999)
Furuya, S.: Slide Attacks with a Known-Plaintext Cryptanalysis. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 214–225. Springer, Heidelberg (2002)
Giles, J., Sailer, R., Verma, D., Chari, S.: Authentication for Distributed Web Caches. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 126–145. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, JW. (2005). Client Authentication Model Using Duplicated Authentication Server Systems. In: Kim, T.G. (eds) Artificial Intelligence and Simulation. AIS 2004. Lecture Notes in Computer Science(), vol 3397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30583-5_69
Download citation
DOI: https://doi.org/10.1007/978-3-540-30583-5_69
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24476-9
Online ISBN: 978-3-540-30583-5
eBook Packages: Computer ScienceComputer Science (R0)