Skip to main content
Springer Nature Link
Log in

Enhancing Distributed Web Security Based on Kerberos Authentication Service

  • Conference paper
Web Information Systems and Mining (WISM 2010)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 6318))

Included in the following conference series:

Abstract

The increasing popularity of distributed web has promoted the development of new techniques to support various kinds of applications. However, users are faced with insecurity due to its inherent untrustworthiness. An identity (ID) authentication mechanism was presented. Using Kerberos protocol, Local web and Remote web could authenticate the client. If mutual authentication was required, client could also authenticate Local web and Remote web. Moreover, encryption function in the authentication process adopted Rijndael encryption algorithm of AES (Advanced Encryption Standard). Security analysis proves that this authentication process is no-impersonating and has highly availability, and also shows it is transparent and scalable and resisting attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Seixas, N., Fonseca, J., Vieira, M.: Looking at Web Security Vulnerabilities from the Programming Language Perspective: A Field Study. Software Reliability Engineering 1, 129–135 (2009)

    Google Scholar 

  2. Vieira, M., Antunes, N., Madeira, H.: Using web security scanners to detect vulnerabilities in web services. In: IEEE/IFIP International Conference on dependable systems & networks, vol. 1, pp. 566–571 (2009)

    Google Scholar 

  3. Rehbock, S., Hunt, R.: Trustworthy clients: Extending TNC to web-based environments. Computer Communications 32(5), 1006–1013 (2009)

    Article  Google Scholar 

  4. Basso, A., Sicco, S.: Preventing massive automated access to web resources Computers & Security, vol. 28(3-4), pp. 174–188 (2009)

    Google Scholar 

  5. Yamany, H.F.E.L., Capretz, M.A.M., Allison, D.S.: Intelligent security and access control framework for service-oriented architecture. Information and Software Technology 52(2), 220–236 (2010)

    Article  Google Scholar 

  6. Han, S., Dillon, T., Chang, E.: Secure web services using two-way authentication and three-party key establishment for service delivery. Journal of Systems Architecture 55(4), 233–242 (2009)

    Article  Google Scholar 

  7. Steiner, J.G., Neuman, C., Schiller, J.I.: Kerberos: An Authentication Service for Open Network Systems. In: Proceedings of the 1988 Winter USENIX Conference, pp. 191–202 (February 1988)

    Google Scholar 

  8. Whitman, M.E., Mattord, H.J.: Principles of Information Security, 3rd edn. Thomson Course Technology (2006)

    Google Scholar 

  9. Muda, Z., Mahmod, R., Sulong, M.R.: Key transformation approach for Rijndael security, pp. 290-297 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer and Communication, Lanzhou University of Technology, Lanzhou, 730050, China

    Cao Lai-Cheng

Authors
  1. Cao Lai-Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Business Administration, Caritas Francis Hsu College, 18 Chui Ling Road, Tseung Kwan O, Hong Kong, China

    Fu Lee Wang

  2. Department of Computer and Inforamtion Science, University of Macau, Av. Padre Tomás Pereira, Taipa, Macau, SAR, China

    Zhiguo Gong

  3. School of Computer, Shanghai University, 99 Shangda Road, 200444, Shanghai, China

    Xiangfeng Luo

  4. School of Computer, Nanjing University of Posts and Telecommunications, 210003, Nanjing, China

    Jingsheng Lei

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lai-Cheng, C. (2010). Enhancing Distributed Web Security Based on Kerberos Authentication Service. In: Wang, F.L., Gong, Z., Luo, X., Lei, J. (eds) Web Information Systems and Mining. WISM 2010. Lecture Notes in Computer Science, vol 6318. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16515-3_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16515-3_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16514-6

  • Online ISBN: 978-3-642-16515-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics