1 / 21

Secure Authentication System with Resource Management Overview

This system by Gregory Geosits and Todd Little provides secure authentication and resource management. The authentication server and resource manager ensure client authenticity through DES encryption. Communication is via Java RMI, and interface design decisions focus on security attributes sharing.

wyoming-bean
Télécharger la présentation

Secure Authentication System with Resource Management Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication SystemwithResource Management Gregory Geosits Todd Little

  2. Overview • Authentication Server • Provide a means for a client to prove authenticity • Provide a means for a resource manager to verify a client’s authenticity • Implement a secure encryption algorithm

  3. Overview • Resource Manager • Provide a resource for an authentic client • Be able to verify a client’s authenticity

  4. Overview • Client • Connect to an authentication server and verify authentication • Connect to a resource manager, prove authentication, and obtain a resource

  5. Design Decisions • Communications via Java RMI • Each component of the system must be a different host • DES private-key encryption for authentication • 1-hour time window before authentication must be re-verified • 1 Interface for the Server and RM to share

  6. Security Attributes • Data Encryption Standard • Private Key Based • Implementation taken from ECE5477 • Method Usage • DES d = new DES(key); • Long e_value = d.encrypt(value); • Long d_value = d.decrypt(e_value);

  7. Security System Interaction

  8. Code Specifics • Server • Resource Manager • Client

  9. Server • Main ( ) Method • Set up RMI host • Bind host to RMI port 8182 • Create registry on that port • Initialize client names and private keys

  10. Server • Client_Connect ( ) Method • Parameters: String name, long e_key • Return Value: long encrypted_HOD

  11. Server • Resource_Connect ( ) Method • Parameters: String name, long e_data • Return Value: Boolean authenticated

  12. Server • Get_Hour ( ) Method • Parameters: none • Return Value: integer HOD

  13. Server • Resource_Deliver_Message ( ) Method • Parameters: String name, long data • Return Value: String message • Dummy Method

  14. Resource Manager • Main ( ) Method • Initialize RMI host • Bind host to RMI port 8183 • Create registry on that port

  15. Resource Manager • Resource_Deliver_Message ( ) Method • Parameters: String name, long data • Return Value: String message

  16. Resource Manager • Resource_Connect ( ) Method • Dummy Method • Client_Connect ( ) Method • Dummy Method

  17. Client • Main ( ) Method • Set up two RMI connections • Encrypt its own key • Authenticate to server • Retrieve message from Resource Manager • Display message

  18. Running the System • Server • Java Server • Resource Manager • Java Resource • Client • Java Client

  19. System Testing • 4 Scenarios • (Failure) Incorrect Name, Correct Key • (Failure) Correct Name, Incorrect Key • (Failure) Incorrect Name, Incorrect Key • (Success) Correct Name, Correct Key

  20. Enhancements • Private Key Transmission via Public Key Algorithm • Additional Resource Manager Functionality • Implementation in TCP

  21. Demonstration Thank You

More Related