Lightweight Technical Implementation of Single Sign-On Authentication and Key Agreement Mechanism for Multiserver Architecture-Based Systems

Authentication is the primary and mandatory process for any Information and Communication Technology (ICT) application to prove the legitimacy of the genuine user. It becomes more important and crucial for public platforms like e-governance platforms. +e Government of India is transforming the country into Digital India through various e-governance initiatives based on ICT. For authentication, National e-Authentication Framework (NeAF) was proposed by the Indian government which is a policy framework for authentication. +is framework does not provide any technical and unified solution for authentication systems while it is based on centralized verification data. In this paper, we proposed a solution for the authentication which provides the unified authentication solution for the Indian e-governance system with existing infrastructure. +is solution also provides the features such as scalability, security, and transparency based on distributed computing and working on multiserver architecture. +is solution also fulfills the need of the current Indian government to provide multiple e-governance services through a single smart card.

[1]  Omar Cheikhrouhou,et al.  BMC-SDN: Blockchain-Based Multicontroller Architecture for Secure Software-Defined Networks , 2021, Wirel. Commun. Mob. Comput..

[2]  Munish Sabharwal Multi-Modal Biometric Authentication and Secure Transaction Operation Framework for E-Banking , 2017, Int. J. Bus. Data Commun. Netw..

[3]  Ping Wang,et al.  The Request for Better Measurement: A Comparative Evaluation of Two-Factor Authentication Schemes , 2016, AsiaCCS.

[4]  D. G. Chandra,et al.  Cloud Computing Model for National E-governance Plan (NeGP) , 2012, 2012 Fourth International Conference on Computational Intelligence and Communication Networks.

[5]  Shu Kun Realization and Improvement of OTP Authentication , 2000 .

[6]  Mohamed Khalgui,et al.  UTM-Chain: Blockchain-Based Secure Unmanned Traffic Management for Internet of Drones , 2021, Sensors.

[7]  ASCII Embedding: An Efficient Deep Learning Method for Web Attacks Detection , 2021, MedPRAI.

[8]  Travis Wiens,et al.  Engine Speed Reduction for Hydraulic Machinery Using Predictive Algorithms , 2019, International Journal of Hydromechatronics.

[9]  Omar Cheikhrouhou,et al.  An OWASP Top Ten Driven Survey on Web Application Protection Methods , 2020 .

[10]  Eun-Jun Yoon,et al.  Drawbacks of Liao et al.'s Password Authentication Scheme , 2006, International Conference on Next Generation Web Services Practices.

[11]  Kee-Young Yoo,et al.  Improvement of Chien et al.'s remote user authentication scheme using smart cards , 2005, Comput. Stand. Interfaces.

[12]  Ping Wang,et al.  Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity , 2015, Inf. Sci..

[13]  O. Cheikhrouhou,et al.  M-CNN: A New Hybrid Deep Learning Model for Web Security , 2020, 2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA).

[14]  Maher Ben Jemaa,et al.  An EAP-EHash authentication method adapted to resource constrained terminals , 2010, Ann. des Télécommunications.

[15]  Wei-Chi Ku,et al.  Weaknesses and improvement of Wang et al.'s remote user password authentication scheme for resource-limited environments , 2009, Comput. Stand. Interfaces.

[16]  Yu-Chung Chiu,et al.  Improved remote authentication scheme with smart card , 2005, Comput. Stand. Interfaces.

[17]  Anis Koubaa,et al.  Towards a Distributed Computation Offloading Architecture for Cloud Robotics , 2019, 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC).

[18]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[19]  Wei-Chi Ku,et al.  Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[20]  Xiaomin Wang,et al.  Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards , 2007, Comput. Stand. Interfaces.

[21]  Vijay Jain,et al.  An Approach towards Digital Signatures for e-Governance in India , 2015, EGOSE.

[22]  Wei Hu,et al.  ATCS: A Novel Anonymous and Traceable Communication Scheme for Vehicular Ad Hoc Networks , 2011, Int. J. Netw. Secur..

[23]  Omar Cheikhrouhou,et al.  Establishing Pairwise Keys in Heterogeneous Two-Tiered Wireless Sensor Networks , 2009, 2009 Third International Conference on Sensor Technologies and Applications.

[24]  Eleni Stroulia,et al.  On the Personality Traits of StackOverflow Users , 2013, 2013 IEEE International Conference on Software Maintenance.

[25]  A. Derhab,et al.  PetroBlock: A Blockchain-Based Payment Mechanism for Fueling Smart Vehicles , 2021, Applied Sciences.

[26]  Anil K. Jain,et al.  Biometric Authentication: System Security and User Privacy , 2012, Computer.

[27]  Kuldip Singh,et al.  A secure dynamic identity based authentication protocol for multi-server architecture , 2011, J. Netw. Comput. Appl..

[28]  Vineeta Khemchandani,et al.  Unified and integrated authentication and key agreement scheme for e-governance system without verification table , 2019 .

[29]  Jian Ma,et al.  A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments , 2013, Math. Comput. Model..

[30]  Wei-Kuan Shih,et al.  Security enhancement on an improvement on two remote user authentication schemes using smart cards , 2011, Future Gener. Comput. Syst..

[31]  Jianhua Li,et al.  Anonymity Enhancement on Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards , 2010, IEEE Transactions on Industrial Electronics.

[32]  Ping Wang,et al.  Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks , 2014, Ad Hoc Networks.

[33]  Ronggong Song Advanced smart card based password authentication protocol , 2010, Comput. Stand. Interfaces.

[34]  Bhupendra Gupta,et al.  Visibility improvement and mass segmentation of mammogram images using quantile separated histogram equalisation with local contrast enhancement , 2019, CAAI Trans. Intell. Technol..

[35]  Cheng-Chi Lee,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards , 2011, Expert Syst. Appl..

[36]  V. B. Singh,et al.  E-Governance: Past, Present and Future in India , 2012, ArXiv.

[37]  Hechun Yu,et al.  Study on the dynamic and static characteristics of gas static thrust bearing with micro-hole restrictors , 2019, International Journal of Hydromechatronics.

[38]  Wei-Kuan Shih,et al.  Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[39]  Kuldip Singh,et al.  An improvement of Wang et al.'s authentication scheme using smart cards , 2010, 2010 National Conference On Communications (NCC).

[40]  Khalid Khan,et al.  A novel cost effective authentication framework for Wireless LANs in small medium enterprises (SMEs) , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[41]  Shuenn-Shyang Wang,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[42]  Cheng-Chi Lee,et al.  A Secure Dynamic Identity Based Authentication Protocol with Smart Cards for Multi-Server Architecture , 2015, J. Inf. Sci. Eng..

[43]  Vineeta Khemchandani,et al.  Study of e-governance in India: a survey , 2019 .

[44]  Liu Lin-chao Design Improvement and Implementation of Authentication Technology Based on OTP , 2005 .

[45]  Ping Wang,et al.  Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment , 2015, IEEE Transactions on Dependable and Secure Computing.

[46]  Mohamed Abid,et al.  RiSeG: a ring based secure group communication protocol for resource-constrained wireless sensor networks , 2011, Personal and Ubiquitous Computing.

[47]  C. Nugent,et al.  Review of ICT-based services for identified unmet needs in people with dementia , 2007, Ageing Research Reviews.

[48]  Sunil Karforma,et al.  Authentication of User in E-Governance: A Digital Certificate Based Approach , 2014 .

[49]  Tim Howes,et al.  Lightweight Directory Access Protocol , 1995, RFC.

[50]  Guesh Dagnew,et al.  Deep learning approach for microarray cancer data classification , 2020, CAAI Trans. Intell. Technol..

[51]  Anant Saxena,et al.  Developing entrepreneurship and e-government in India: Role of common service centers , 2013 .

[52]  Tzonelih Hwang,et al.  Non-interactive password authentications without password tables , 1990, IEEE TENCON'90: 1990 IEEE Region 10 Conference on Computer and Communication Systems. Conference Proceedings.

[53]  Jianfeng Ma,et al.  Improvement of robust smart‐card‐based password authentication scheme , 2015, Int. J. Commun. Syst..

[54]  H. Goswami OPPORTUNITIES AND CHALLENGES OF DIGITAL INDIA PROGRAMME , 2016 .

[55]  Tong Lu,et al.  Graphology based handwritten character analysis for human behaviour identification , 2020, CAAI Trans. Intell. Technol..

[56]  O. Cheikhrouhou,et al.  SQL Injection Attack Detection and Prevention Techniques Using Machine Learning , 2020 .

[57]  Vineeta Khemchandani,et al.  An Analytical Method to Audit Indian e-Governance System , 2017, Int. J. Electron. Gov. Res..

[58]  Xiong Li,et al.  An enhanced smart card based remote user password authentication scheme , 2013, J. Netw. Comput. Appl..

[59]  Omar Cheikhrouhou,et al.  CoopECC: A Collaborative Cryptographic Mechanism for the Internet of Things , 2021, J. Sensors.

[60]  Jürgen Weber,et al.  Analytical analysis of single-stage pressure relief valves , 2019, International Journal of Hydromechatronics.

[61]  Dilbag Singh,et al.  Color image encryption using minimax differential evolution-based 7D hyper-chaotic map , 2020, Applied Physics B.

[62]  Christophe Rosenberger,et al.  Service provider authentication assurance , 2012, 2012 Tenth Annual International Conference on Privacy, Security and Trust.

[63]  L. Kant,et al.  Information and communication technology in disease surveillance, India: a case study , 2010, BMC public health.

[64]  Eun-Jun Yoon,et al.  Further improvement of an efficient password based remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[65]  Shib Shankar Dasgupta Integrating the poor through e-Governance: A case study of the national e-Governance plan in India , 2010 .

[66]  Munish Sabharwal The Assessment of Concerns, Opinions and Perceptions of Bank Customers to find the Significant Metrics for Deployment of Biometrics in E-Banking , 2016 .

[67]  Anil K. Jain,et al.  A Multispectral Whole-Hand Biometric Authentication System , 2007, 2007 Biometrics Symposium.

[68]  Darpan Anand,et al.  Dynamic Id Based Remote User Authentication in Multi Server Environment Using Smart Cards: A Review , 2015, 2015 International Conference on Computational Intelligence and Communication Networks (CICN).

[69]  Robert H. Deng,et al.  A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[70]  Marvin A. Sirbu,et al.  Distributed authentication in Kerberos using public key cryptography , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[71]  Mohamed Abid,et al.  A lightweight user authentication scheme for Wireless Sensor Networks , 2010, ACS/IEEE International Conference on Computer Systems and Applications - AICCSA 2010.

[72]  Jian Ma,et al.  An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards , 2012, J. Netw. Comput. Appl..

[73]  Richard Heeks Understanding e-Governance for Development , 2001 .