Multi-Layer Token Based Authentication Through Honey Password in Fog Computing

Multi-Layer Token Based Authentication Through Honey Password in Fog Computing

Praveen Kumar Rayani (CSE Department, VEMU Institute of Technology, Tirupati, India), Bharath Bhushan (CSSE Department, Sree Vidyanikethan Engineering College (SVEC), Tirupati, India) and Vaishali Ravindra Thakare (CSE Department, Koneru Lakshmaiah Education Foundation (KLEF), Guntur, India)
Copyright: © 2018 |Pages: 13
DOI: 10.4018/IJFC.2018010104

Abstract

This article describes how fog computing empowers network resource utilization by providing services to low bandwidth users in cloud environment. Here, authentication mechanisms are used by fog nodes while providing services to end users. In cloud computing there are several types of authentication mechanisms, in which token based authentication takes less time for validating password. The proposed technique uses token based authentication mechanism with honey password. The aim of this article is to focus on multi-layer token based authentication for identifying the authorized user at fog node. In authentication phase end user instantaneously frame his user account password with honey password that makes illusion to shoulder surfers password has changed. The proposed mechanism avoids and detects shoulder surfing attacks, password guessing attacks, and application denial of service attacks.
Article Preview

1. Introduction

Past few years’ usage of IoT devices has increasing tremendously in almost all application areas. Cloud computing fail to meet requirements such as mobility support, geo-graphical distribution, location-awareness and low latency (Bonomi et al., 2012; Zhu et al., 2013; “Fog Computing,” 2016). It makes challenge to cloud computing platform through large data computations. If N number of devices directly communicate with cloud server leads to overload of the cloud server. It can solve by decentralizing the cloud architectures through edge computing at end users. The processing of received data is done at edge nodes, which helps in efficient utilization of bandwidth and significant reduction of load on the cloud servers. Edge computing enables computing operations directly at edge of the network, but security is the major concern in fog computing. List of security issues has shown in Figure 1.

Figure 1.

Fog computing security issues

In business applications, every bit of information also plays major role. It requires five-point methods to maintain business information in safe state. That is confidentiality, integrity, authentication, authorization, and non-repudiation (Maher Abdelshkour, 2015). If any point lost in five points method leads to unsafe state of information. If the information is moving from Machine to Machine, or Human to Machine requires authentication to validate human or device with valid credentials.

In user authentication, the selection and distribution of key is given as highest priority in information security field. Keys are divided into three types i.e.:

  • 1.

    Physical key: Physical key studies on biometrics those are finger print reorganization, face reorganization, iris, ear, hand-writing reorganization etc. Usages of physical key applications are banking organizations, defense organizations, and personal computers etc.;

  • 2.

    Logical key: Logical Key studies on text based passwords and picture based passwords. It requires some knowledge to human for remember the key. Usages of logical key applications are personal computers, mobile devices, web content delivery and so on;

  • 3.

    Mixed key: Mixed Key studies on both physical and logical keys. It requires some knowledge to human for remembering the key. Usages of mixed key applications are smart phones, personal computers, and ATM machines etc.

Either profitable or non-profitable organizations exchanging digital information between two parties requires authentication. If authentication has successful then only system checks authorization process of the user. If both authentication and authorization has successful then the user is allowed to access fog services like computing, storage, and networking. With the help of fog computing the fog nodes detect unauthorized, unlawful activities before reaching the cloud data center. Recent report says (Bradley, 2015) the insider attacks are increased to 31.5% and outsider attacks are increased to 45%, compare to outsider attacks; but the insider attacks are potentially dangerous.

The rest of the paper is organized as follows: Section 2 focuses on problem statement. In section 3 described about background work (about fog computing, cloud computing, and authentication). Section 4 described about threats on fog computing. Section 5 discusses on our proposed method on multi-layer passwords in token based authentication. Experimental results and discussion are presented in Section 6. We conclude our work in Section 7.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 2: 2 Issues (2019): Forthcoming, Available for Pre-Order
Volume 1: 2 Issues (2018)
View Complete Journal Contents Listing