Authentication Framework for Military Applications Employing Wireless Sensor Networks and Private Cloud

Objectives: To provide an authentication framework between military data centres pertaining to different levels of operations within the private cloud and a simple authentication schema for authenticating users at the wing-commander level in the special sinks deployed in our territory closer to line of control. Methods: In order to achieve the above mentioned objectives, we designed a conceptual defense structure that will highlight the various hierarchical levels of military operations. Military WSNs and data centres will utilize the designed simple authentication schema to improve the lifetime of the WSNs. The methodology adopted primarily consists of modifications to the existing Kerberos setup, so that it could fit the conceptual defense structure by utilizing Heimdal Kerberos distribution. Heimdal's modified Kerberos distribution is utilized in the cloud gateway system to create Kerberos Distribution Center. The modified Kerberos equations are provided in this paper. Findings: Based on the simulations carried out, it is identified that number of messages required for various dialogs for modified Kerberos is relatively less compared to the original version of Kerberos. The response time for modified Kerberos in single realm and cross realm based on different number of requests showed that modified Kerberos is performing better and efficient with respect to the response time metric. Minimum number of messages required for Kerberos Authentication using v4 (Simple dialog), v4 (Secure dialog), v4 (Authentication dialog), v5 (Request for service in another realm using Inter realm authentication) are 3, 5, 6 and 7 respectively. Response times range for single realm lie in the range of 3ms to 20ms approximately for 10 to 100 requests per minute. Response times range for cross realm lie in the range of 7 ms to 47 ms approximately for 10 to 100 requests per minute. The authentication time to authenticate instructions received at special sinks from level 1 resource via cloud gateway ranges from 4.5 ms to 6 ms for message sizes ranging from 100 bytes to 1000 bytes. The response times obtained from single realm authentication indicates lesser values as compared against cross realm authentication which is in consensus with the theory of Kerberos. Applications: The proposed scheme finds its application in all mission critical tasks where the time taken for successful authentication of users should be drastically reduced to improve the system performance.

[1]  Attila A. Yavuz,et al.  A new multi-tier adaptive military MANET security protocol using hybrid cryptography and signcryption , 2010 .

[2]  Ling Tian,et al.  Identity-Based Authentication for Cloud Computing , 2009, CloudCom.

[3]  R. Prabu,et al.  PB Verification and Authentication for Server using Multi Communication , 2016 .

[4]  Latha Parthiban,et al.  SecAuthn: Provably Secure Multi-Factor Authentication for the Cloud Computing Systems , 2016 .

[5]  Helen Tang,et al.  Strong Authentication for Tactical Mobile Ad Hoc Networks , 2007 .

[6]  S. Kotani,et al.  TrustCube: An Infrastructure that Builds Trust in Client , 2009 .

[7]  David Starobinski,et al.  Rateless Deluge: Over-the-Air Programming of Wireless Sensor Networks Using Random Linear Codes , 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[8]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[9]  Haiyun Luo,et al.  Adaptive Security for Multi-layer Ad-hoc Networks , 2002 .

[10]  Wenbo Mao,et al.  An Identity-based Non-interactive Authentication Framework for Computational Grids , 2004 .

[11]  Xiaoyan Hong,et al.  Hierarchical routing for multi-layer ad-hoc wireless networks with UAVs , 2000, MILCOM 2000 Proceedings. 21st Century Military Communications. Architectures and Technologies for Information Superiority (Cat. No.00CH37155).

[12]  Sunghyuck Hong Multi-factor User Authentication on Group Communication , 2015 .

[13]  Hannu Kari,et al.  Packet level authentication in military networks , 2006 .

[14]  Mi-Kyoung Kim,et al.  Integrated User Authentication Method using BAC(Brokerage Authentication Center) in Multi-clouds , 2015 .

[15]  Markus Jakobsson,et al.  Authentication in the clouds: a framework and its application to mobile users , 2010, CCSW '10.