Abstract
Authentication agent enables an authorized user to gain authority in the Internet or distributed computing systems. It is one of the most important problems that application server systems can identify many clients authorized or not. To protect many resources of web server systems or any other our computer systems, we should perform client authentication process in the Internet or distributed client server systems. Generally, a user can gain authority using the user’s ID and password. But using client’s password is not always secure because of various security attacks of many opponents. In this paper, we propose an authentication agent system model using an interactive authentication database. Our proposed agent system provides secure client authentication that add interactive authentication process to current systems based on user’s ID and password. Before a user requests a transaction for information processing to distributed application servers, the user should send a authentication key acquired from authentication database. The agent system requests an authentication key from the user to identify authorized user. The proposed authentication agent system can provide high quality of computer security using the two passwords, user’s own password and authentication key or password. The second authentication password can be acquired by authentication database in every request transaction without user’s input because of storing to client’s database when the user gets authority first. For more secure authentication, the agent system can modify the authentication database. Using the interactive database, the proposed agent system can detect intrusion during unauthorized client’s transaction using the authentication key because we can know immediately through stored the authentication password when a hackers attack out network or computer systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Hayzelden, A.L.G., Bourne, R.: Agent Technology for Communications Infrastructure. John Wiley & Sons, Chichester (2001)
Stallings, W.: Network Security Essentials: Application and Standards. Prentice-Hall, Englewood Cliffs (1999)
Kaufman, C., Perlman, R., Speciner, M.: Network Security: Private Communication in a Public World. Prentice-Hall, Englewood Cliffs (1995)
Stallings, W.: Cryptography and Network Security: Principles and Practice. Prentice-Hall, Englewood Cliffs (1999)
Neuman, B.C., Kerberos, T.T.: An Authentication Service for Computer Networks. IEEE Communications 32(9), 33–38 (1994)
Bellovin, S.M., Merritt, M.: An Attack on the Interlock Protocol When Used for Authentication. IEEE Transactions on Information Theory 40(1), 273–275 (1994)
Sandhu, R., Samarati, P.: Authentication, Access Control, and Audit. ACM Computing Surveys 28(1), 241–243 (1996)
Furuya, S.: Slide Attacks with a Known-Plaintext Cryptanalysis. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 214–225. Springer, Heidelberg (2002)
Giles, J., Sailer, R., Verma, D., Chari, S.: Authentication for Distributed Web Caches. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 126–145. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, JW. (2005). Security Agent Model Using Interactive Authentication Database. In: Kim, T.G. (eds) Artificial Intelligence and Simulation. AIS 2004. Lecture Notes in Computer Science(), vol 3397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30583-5_66
Download citation
DOI: https://doi.org/10.1007/978-3-540-30583-5_66
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24476-9
Online ISBN: 978-3-540-30583-5
eBook Packages: Computer ScienceComputer Science (R0)