In fog-enabled cloud computing framework, one of the most challenges is security promises due to the compromised passwords. To overcome this issue, different multifactor authentication schemes have been developed that requires additional authentication credentials along with the standard password to authenticate the login. Among those schemes, Communication Latency-based Authentication Scheme (CLAS) increases the protection of conventional web authentication schemes by leveraging the Round Trip network communication Latency (RTL) between clients and authenticators together with standard password. It uses RTL of clients to secure against password compromise. On the other hand, it can support compromise of either the password or the profiled location of a user. This makes it susceptible to same location attacks. As a result, an integration of additional profiling features is needed to attain more robust and flexible defense against password compromise. Hence in this paper, an extended CLAS is proposed that mainly investigates the mobility and same location challenges in CLAS. Initially, the legitimate login failures are solved by handling both selective and arbitrary mobility of users. For selective mobility case, CLAS generates an individual profile for each location and the user may be granted access if his/her real-time login profile matches any of the stored reference profiles. For arbitrary mobility case, CLAS is integrated with two-factor authentication mechanism to authenticate the user. In addition, the defense against Mimic attacks is improved by utility metric-based location anonymization and obfuscation of RTL algorithms. By using these algorithms, the user’s locations are anonymized and the values of RTL are obfuscated to defend against user compromise attempts for impersonating the RTL by getting nearer to the user location. Moreover, a keystroke dynamics measure is introduced with obfuscated RTL measures to effectively defend the same location attacks. This technique alleviates the potential impacts of network instabilities on RTL measurements. As well, it increases the authentication sample space and so improves the security guarantee of CLAS. Finally, the simulation outcomes illustrate that an extended CLAS has the ability to reduce both false positive and false negative rates.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.