Three way authentication protocol for privacy preserving and ownership authentication transfer for ubiquitous computing devices

B. H. Pradeep, Sanjay Singh

Research output: Contribution to journalArticle

Abstract

Now a days almost everybody is having a portable communication device, be it a laptop, a tablet or smart phones. The user would like to have all the services at his fingertips and access them through the portable device he owns. The user would exchange data with the other user or the service provider or control the smart appliances at his home. The interactions between the user's device and the service provider must be secure enough regardless of the type of device used to access or utilize the services. In this paper we propose a "Three Way Authentication (TWA)" technique intended to preserve the user privacy and to accomplish ownership authentication in order to securely deliver the services to the user devices. This technique will also help the users or the service providers to check whether the device is compromised or not with the help of the encrypted pass-phrases that are being exchanged. The users use the devices to store most of the valuable information and will prove risky when the device is borrowed by the other user or when it is lost or stolen. To safeguard the user data and also to preserve user privacy we also propose the technique of Authenticated Ownership Transfer (AOT). The user who sells the device has to transfer the ownership of the device under sale. Once the ownership has been transferred, the old owner will not be able to use that device at any cost. Neither of the users will be able to use the device if the process of ownership has not been carried out properly. This also takes care of the scenario when the device has been stolen or lost, avoiding the impersonation attack. The proposed protocol has been modeled and tested with Automated Validation of Internet Security Protocols and Applications (AVISPA) and is found to be safe.

Original languageEnglish
Pages (from-to)430-443
Number of pages14
JournalWSEAS Transactions on Communications
Volume13
Publication statusPublished - 01-01-2014

Fingerprint

Ubiquitous computing
Authentication
Network protocols
Electronic data interchange
Sales
Internet
Communication
Costs

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

@article{007a24c396914bd2b16ade7803dc4e36,
title = "Three way authentication protocol for privacy preserving and ownership authentication transfer for ubiquitous computing devices",
abstract = "Now a days almost everybody is having a portable communication device, be it a laptop, a tablet or smart phones. The user would like to have all the services at his fingertips and access them through the portable device he owns. The user would exchange data with the other user or the service provider or control the smart appliances at his home. The interactions between the user's device and the service provider must be secure enough regardless of the type of device used to access or utilize the services. In this paper we propose a {"}Three Way Authentication (TWA){"} technique intended to preserve the user privacy and to accomplish ownership authentication in order to securely deliver the services to the user devices. This technique will also help the users or the service providers to check whether the device is compromised or not with the help of the encrypted pass-phrases that are being exchanged. The users use the devices to store most of the valuable information and will prove risky when the device is borrowed by the other user or when it is lost or stolen. To safeguard the user data and also to preserve user privacy we also propose the technique of Authenticated Ownership Transfer (AOT). The user who sells the device has to transfer the ownership of the device under sale. Once the ownership has been transferred, the old owner will not be able to use that device at any cost. Neither of the users will be able to use the device if the process of ownership has not been carried out properly. This also takes care of the scenario when the device has been stolen or lost, avoiding the impersonation attack. The proposed protocol has been modeled and tested with Automated Validation of Internet Security Protocols and Applications (AVISPA) and is found to be safe.",
author = "Pradeep, {B. H.} and Sanjay Singh",
year = "2014",
month = "1",
day = "1",
language = "English",
volume = "13",
pages = "430--443",
journal = "WSEAS Transactions on Communications",
issn = "1109-2742",
publisher = "World Scientific and Engineering Academy and Society",

}

TY - JOUR

T1 - Three way authentication protocol for privacy preserving and ownership authentication transfer for ubiquitous computing devices

AU - Pradeep, B. H.

AU - Singh, Sanjay

PY - 2014/1/1

Y1 - 2014/1/1

N2 - Now a days almost everybody is having a portable communication device, be it a laptop, a tablet or smart phones. The user would like to have all the services at his fingertips and access them through the portable device he owns. The user would exchange data with the other user or the service provider or control the smart appliances at his home. The interactions between the user's device and the service provider must be secure enough regardless of the type of device used to access or utilize the services. In this paper we propose a "Three Way Authentication (TWA)" technique intended to preserve the user privacy and to accomplish ownership authentication in order to securely deliver the services to the user devices. This technique will also help the users or the service providers to check whether the device is compromised or not with the help of the encrypted pass-phrases that are being exchanged. The users use the devices to store most of the valuable information and will prove risky when the device is borrowed by the other user or when it is lost or stolen. To safeguard the user data and also to preserve user privacy we also propose the technique of Authenticated Ownership Transfer (AOT). The user who sells the device has to transfer the ownership of the device under sale. Once the ownership has been transferred, the old owner will not be able to use that device at any cost. Neither of the users will be able to use the device if the process of ownership has not been carried out properly. This also takes care of the scenario when the device has been stolen or lost, avoiding the impersonation attack. The proposed protocol has been modeled and tested with Automated Validation of Internet Security Protocols and Applications (AVISPA) and is found to be safe.

AB - Now a days almost everybody is having a portable communication device, be it a laptop, a tablet or smart phones. The user would like to have all the services at his fingertips and access them through the portable device he owns. The user would exchange data with the other user or the service provider or control the smart appliances at his home. The interactions between the user's device and the service provider must be secure enough regardless of the type of device used to access or utilize the services. In this paper we propose a "Three Way Authentication (TWA)" technique intended to preserve the user privacy and to accomplish ownership authentication in order to securely deliver the services to the user devices. This technique will also help the users or the service providers to check whether the device is compromised or not with the help of the encrypted pass-phrases that are being exchanged. The users use the devices to store most of the valuable information and will prove risky when the device is borrowed by the other user or when it is lost or stolen. To safeguard the user data and also to preserve user privacy we also propose the technique of Authenticated Ownership Transfer (AOT). The user who sells the device has to transfer the ownership of the device under sale. Once the ownership has been transferred, the old owner will not be able to use that device at any cost. Neither of the users will be able to use the device if the process of ownership has not been carried out properly. This also takes care of the scenario when the device has been stolen or lost, avoiding the impersonation attack. The proposed protocol has been modeled and tested with Automated Validation of Internet Security Protocols and Applications (AVISPA) and is found to be safe.

UR - http://www.scopus.com/inward/record.url?scp=84904857409&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84904857409&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:84904857409

VL - 13

SP - 430

EP - 443

JO - WSEAS Transactions on Communications

JF - WSEAS Transactions on Communications

SN - 1109-2742

ER -