Network security: private communication in a public world
Network security: private communication in a public world
Cryptography and network security (2nd ed.): principles and practice
Cryptography and network security (2nd ed.): principles and practice
Public-key cryptography and password protocols
ACM Transactions on Information and System Security (TISSEC)
Security technologies for the World Wide Web
Security technologies for the World Wide Web
Information Security Management: Global Challenges in the New Millennium
Information Security Management: Global Challenges in the New Millennium
Network Security Essentials: Applications and Standards
Network Security Essentials: Applications and Standards
Slide Attacks with a Known-Plaintext Cryptanalysis
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
Authentication for Distributed Web Caches
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Hi-index | 0.00 |
In the Internet and distributed systems, we can always access many application servers for gaining many information or electronic business processing, etc. Despite of those advantages of information technology, there have been also many security problems that many unauthorized users attack our network and computer systems for acquiring many information or destroying our resources. In this paper, we propose a client authentication model that uses two authentication server systems, duplicated authentication. Before a client requests information processing to application web servers, the user acquire session password from two authentication servers. The proposed client authentication model can be used making high quality of computer security using the two authentication procedures, user's password and authentication password. The second password by two authentication servers is used in every request transaction without user's input because of storing to client's disc cache when a session is opened first. For more secure authentication we can close session between client and server if a request transaction is not created during a time interval. And then user will acquire authentication password again using logon to the authentication servers for requesting information processing. The client authentication procedure is needed to protect systems during user's transaction by using duplicated password system. And we can detect intrusion during authorized client's transaction using our two client authentication passwords because we can know immediately through stored client authentication password when a hackers attack our network or computer systems.