Web-Proxy-Based Authentication and Authorization Mechanism Against Client-Based HTTP Attacks

Int. J. Synth. Emot. Pub Date : 1900-01-01 DOI:10.4018/IJSE.2017010105

Mrunali Bukkawar, Pathan Mohd. Shafi

{"title":"Web-Proxy-Based Authentication and Authorization Mechanism Against Client-Based HTTP Attacks","authors":"Mrunali Bukkawar, Pathan Mohd. Shafi","doi":"10.4018/IJSE.2017010105","DOIUrl":null,"url":null,"abstract":"Therehasbeenahugedevelopmentinhowtoreadadatafromsensordevicesuchasinfrared(IR) device, temperature device, etc. Sensor data collection has wide issues of information security. Informationsecurityisalsothecurrenttopicofdiscussionduetoitsuseinapplicationinvarious fields.Therearenumberofusershavingdifferentuserroleswithsmartdevices.Thesepersonneluse devicesforvariouspurposeslikeaccesstheinformationfromvariousdevicessuchaswirelesssensors sothatasecureandefficientmutualauthenticationandauthorizationschemeisusedinthesmartgrid networktopreventvariousinsiderandoutsiderattacksoninformationordata.Therefore,proposed workdesignnovelapproachtoovercomethatattack,malicioususeranddevicebyauthentication andauthorization.Thetechniqueofauthenticateauthenticateseachuserroledynamicallyusinga signaturebasedaccesscontrolandverifiestheidentityofusertogetherwiththedevice.Accesscontrol mechanismnotonlypreventsunauthorizedaccessbutalsopreventmisuseofdata.Existingsystem generatessharedkeyforeachsessionbutitgenerateshugeoverheadandnotsuitablefortherealworldapplicationssoinproposedsystemweusedpublickeycryptographytoreducetheoverhead. KEyWoRdS Anomaly Detection, Authentication, Authorization, DDoS Attack, SQL Injection","PeriodicalId":272943,"journal":{"name":"Int. J. Synth. Emot.","volume":"76 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Synth. Emot.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/IJSE.2017010105","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Therehasbeenahugedevelopmentinhowtoreadadatafromsensordevicesuchasinfrared(IR) device, temperature device, etc. Sensor data collection has wide issues of information security. Informationsecurityisalsothecurrenttopicofdiscussionduetoitsuseinapplicationinvarious fields.Therearenumberofusershavingdifferentuserroleswithsmartdevices.Thesepersonneluse devicesforvariouspurposeslikeaccesstheinformationfromvariousdevicessuchaswirelesssensors sothatasecureandefficientmutualauthenticationandauthorizationschemeisusedinthesmartgrid networktopreventvariousinsiderandoutsiderattacksoninformationordata.Therefore,proposed workdesignnovelapproachtoovercomethatattack,malicioususeranddevicebyauthentication andauthorization.Thetechniqueofauthenticateauthenticateseachuserroledynamicallyusinga signaturebasedaccesscontrolandverifiestheidentityofusertogetherwiththedevice.Accesscontrol mechanismnotonlypreventsunauthorizedaccessbutalsopreventmisuseofdata.Existingsystem generatessharedkeyforeachsessionbutitgenerateshugeoverheadandnotsuitablefortherealworldapplicationssoinproposedsystemweusedpublickeycryptographytoreducetheoverhead. KEyWoRdS Anomaly Detection, Authentication, Authorization, DDoS Attack, SQL Injection

查看原文本刊更多论文

针对客户端HTTP攻击的基于web代理的认证授权机制

Therehasbeenahugedevelopmentinhowtoreadadatafromsensordevicesuchasinfrared(IR)设备、温度设备等。传感器数据收集存在大量信息安全问题。Informationsecurityisalsothecurrenttopicofdiscussionduetoitsuseinapplicationinvarious fields.Therearenumberofusershavingdifferentuserroleswithsmartdevices。Thesepersonneluse devicesforvariouspurposeslikeaccesstheinformationfromvariousdevicessuchaswirelesssensors sothatasecureandefficientmutualauthenticationandauthorizationschemeisusedinthesmartgrid networktopreventvariousinsiderandoutsiderattacksoninformationordata。Therefore，proposed workdesignnovelapproachtoovercomethatattack，malicioususeranddevicebyauthentication andauthorization。Thetechniqueofauthenticateauthenticateseachuserroledynamicallyusinga signaturebasedaccesscontrolandverifiestheidentityofusertogetherwiththedevice。Accesscontrol mechanismnotonlypreventsunauthorizedaccessbutalsopreventmisuseofdata。Existingsystem generatessharedkeyforeachsessionbutitgenerateshugeoverheadandnotsuitablefortherealworldapplicationssoinproposedsystemweusedpublickeycryptographytoreducetheoverhead。关键词异常检测，认证，授权，DDoS攻击，SQL注入

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Int. J. Synth. Emot.

自引率

0.00%

发文量