Authentication System with Resource Management
-
Upload
wyoming-bean -
Category
Documents
-
view
13 -
download
1
description
Transcript of Authentication System with Resource Management
Authentication SystemAuthentication Systemwithwith
Resource ManagementResource Management
Gregory Geosits
Todd Little
OverviewOverview
Authentication Server– Provide a means for a client to prove
authenticity– Provide a means for a resource manager to
verify a client’s authenticity– Implement a secure encryption algorithm
OverviewOverview
Resource Manager– Provide a resource for an authentic client– Be able to verify a client’s authenticity
OverviewOverview
Client– Connect to an authentication server and verify
authentication– Connect to a resource manager, prove
authentication, and obtain a resource
Design DecisionsDesign Decisions
Communications via Java RMIEach component of the system must be a
different hostDES private-key encryption for
authentication1-hour time window before authentication
must be re-verified1 Interface for the Server and RM to share
Security AttributesSecurity Attributes
Data Encryption Standard– Private Key Based– Implementation taken from ECE5477
Method Usage– DES d = new DES(key);– Long e_value = d.encrypt(value);– Long d_value = d.decrypt(e_value);
ServerServer
Main ( ) Method– Set up RMI host– Bind host to RMI port 8182– Create registry on that port– Initialize client names and private keys
ServerServer
Client_Connect ( ) Method– Parameters: String name, long e_key– Return Value: long encrypted_HOD
ServerServer
Resource_Connect ( ) Method– Parameters: String name, long e_data– Return Value: Boolean authenticated
ServerServer
Resource_Deliver_Message ( ) Method– Parameters: String name, long data– Return Value: String message– Dummy Method
Resource ManagerResource Manager
Main ( ) Method– Initialize RMI host– Bind host to RMI port 8183– Create registry on that port
Resource ManagerResource Manager
Resource_Deliver_Message ( ) Method– Parameters: String name, long data– Return Value: String message
Resource ManagerResource Manager
Resource_Connect ( ) Method– Dummy Method
Client_Connect ( ) Method– Dummy Method
ClientClient
Main ( ) Method– Set up two RMI connections– Encrypt its own key– Authenticate to server– Retrieve message from Resource Manager– Display message
Running the SystemRunning the System
Server– Java Server
Resource Manager– Java Resource
Client– Java Client
System TestingSystem Testing
4 Scenarios– (Failure) Incorrect Name, Correct Key– (Failure) Correct Name, Incorrect Key– (Failure) Incorrect Name, Incorrect Key– (Success) Correct Name, Correct Key
EnhancementsEnhancements
Private Key Transmission via Public Key Algorithm
Additional Resource Manager FunctionalityImplementation in TCP