Economic Application for Scenarios in the Inkomati Catchment 26 February2014.
A SECURITY ARCHITECTURE ACHIEVING …ijcsmc.com/docs/papers/February2014/V3I2201499a50.pdfControlled...
Transcript of A SECURITY ARCHITECTURE ACHIEVING …ijcsmc.com/docs/papers/February2014/V3I2201499a50.pdfControlled...
M.Sangeetha et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.2, February- 2014, pg. 653-658
© 2014, IJCSMC All Rights Reserved 653
Available Online at www.ijcsmc.com
International Journal of Computer Science and Mobile Computing
A Monthly Journal of Computer Science and Information Technology
ISSN 2320–088X
IJCSMC, Vol. 3, Issue. 2, February 2014, pg.653 – 658
RESEARCH ARTICLE
A SECURITY ARCHITECTURE ACHIEVING
ANONYMITY AND TRACEABILITY IN
PAYMENT BASED SYSTEM
M.Sangeetha1, S.Rajasulochana
2, S.Shanmathi
3
1M.E Computer Science and Engineering, SriGuru Institute of Technology, Coimbatore
2M.E Computer Science and Engineering, SriGuru Institute of Technology, Coimbatore
3M.E Computer Science and Engineering, SriGuru Institute of Technology, Coimbatore
1 [email protected], 2 [email protected], 3 [email protected]
Abstract: Anonymous profitable transactions can protect the privacy of clients. Some clients prefer to use cash when buying
everyday possessions to put off sellers from aggregating in sequence or soliciting them in the future. E-cash are associated to
a user's name, and can be used to determine other information, such as address, mobile number, etc. The E-cash system was
residential to allow secure anonymous transactions. Many loyalty programs use cards that personally recognize the user
tempting in each transaction or that act as a mathematical pseudonym, for use in data mining. The paper proposes a key
based protocol that enhances security in mobile transaction there by helping the bank admin to find the identity and the time
of misuse.
Keywords: Blind mark; e – cash; key based protocol; anonymity; traceability
I. INTRODUCTION
Not every system is completely secured. One of the crucial challenges of payment based system is anonymity and
privacy. Controlled anonymity provides a healthy balance between privacy and security issues thus avoiding anonymity misuse.
Security in general can be defined by three terms namely:
Confidentiality – termed as secrecy in data transfer
Integrity – can also be termed as trustworthiness. It ensures that the content remains unaltered
Authentication – refers to the identity of the person accessing the data
It is essential that a strong security protocol should address these three core areas.
Privacy and anonymity are two issues that are under a serious research these days. Privacy refers to the fact that the
information should be safe from third party disclosure. Thus a strong access control is essential to get rid of various attacks like
replay attack, brute-force attack and the like. Access control can be provided in various ways like role-based access control,
M.Sangeetha et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.2, February- 2014, pg. 653-658
© 2014, IJCSMC All Rights Reserved 654
Mandatory access control and discretionary access control etc. Secure Socket Layer (SSL) ensures privacy in transferring user
documents across the internet. SSL overcomes the lack of trust between parties involved in transaction by ensuring
confidentiality through encryption, integrity through checksums, and authentication via server certificates.
Fig.1 Payment based system
The world has moved onto the next phase where all the transaction where everything is electroic based. All the packets
been sent are in the form of tokens, where the token is issued by a trusted third party. In order to ensure that the history of
information is not available to anyone, one need to ensure not only privacy but also anonymity. In particular it is essential that,
Payer anonymity
Payer traceability
need to be ensured in a wide scale.
II. PREVIOUS WORK
In wireless communication systems, it is easier for a global observer to mount traffic analysis attacks by following the
packet forwarding path. Thus, routing anonymity is indispensable, which conceals the confidential communication relationship
of two parties by building an anonymous path between them. Nevertheless, unconditional anonymity may incur insider attacks
since misbehaving users are no longer traceable. Therefore, traceability is highly desirable such as in e-cash systems where it is
used for detecting and tracing double-spenders.
Disadvantages
In the existing Systems, there exist conflicts between the anonymity and traceability.
The fundamental security requirements including authentication, confidentiality, data integrity, and
non-repudiation are not achieved.
It has heavy wireless links.
Blind signature can use only for normal verifications.
M.Sangeetha et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.2, February- 2014, pg. 653-658
© 2014, IJCSMC All Rights Reserved 655
III. IMPLEMENTATION
The proposed work is implemented in the following ways:
A. E – Cash System
E – Cash is a privacy preserving mechanism used in payment based system to ensure anonymity and privacy. There
are two ways of counterfeiting physical cash in an electronic cash system:
Token forgery
Multiple spending
In order to avoid token forgery, in the proposed system, token is generated randomly generated during each transaction and the
system prompts the user to register during each transaction.
B. Initial Verification
Initial verification is done by blind mark process. A blind mark scheme allows a receiver to obtain a signature or mark on
a message such that both the message and the resulting mark remain unknown to the signer. We refer the readers for a formal
description of a blind mark scheme, which should bear the properties of verifiability, unlinkability, and unforgeability. Blind
mark scheme, where the restrictiveness property is included into the blind mark scheme such that the message being signed
must hold encoded information. As the name suggests, this property restricts the user in the blind mark scheme to embed some
account-related clandestine information into what is being signed by the bank (otherwise, the sign will be unsuccessful) such
that this secret can be recovered by the bank to identify a user if and only if he double-spends. The restrictiveness property is
essentially the assurance for traceability in the restrictive blind mark systems.
C. Key Issuance
In sequence to maintain security of the multipart against attacks and the equality among clients, the home server
manager may control the access of each client by issuing keys based on the mischief history of the client, which reflects the
server manager’s confidence about the client to act properly. Key issuance occurs when the client initially attempts to access the network or when all previously issued keys are used up. The client needs to disclose his real ID to the server executive in order
to obtain a key since the server executive has to ensure the faithfulness of this client.
D. Scam Detection
Key reuse usually results from the client’s inability to obtain key from the TA when network right to use is desired, primarily due to the client’s past mischief, which causes the server manager to limit his key requests.
E. Primary security objectives
It is trifling to show that our security architecture satisfy the security requirements for authentication, data integrity, and confidentiality, which follows directly from the employment of the standard cryptographic primitives, message authentication
code, and encryption, in our system. We are only left with the proof of non repudiation in this class. A scam can be repudiate
only if the client can provide a different demonstration, knows of communication from what is derivative by the server
manager.
IV. RESULTS
A. Message Transaction
Administrator will be the total controller of the project.
The blind mark scheme to embed some account-related secret information signed by the bank.
Each and every Transfer will be based on their key and one time password provided by admin.
Key is provided to the user at the time of transaction to their mobile or email id.
M.Sangeetha et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.2, February- 2014, pg. 653-658
© 2014, IJCSMC All Rights Reserved 656
Fig.2 Message transaction
B. Amount Transaction
The account number is stored with the client’s ID at the Key.
Customer account is activated by administrator and one time password is provide to them for
transaction
Each and every Transfer will be based on their key and one time password provided by admin
Fig.3 Amount transaction
M.Sangeetha et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.2, February- 2014, pg. 653-658
© 2014, IJCSMC All Rights Reserved 657
C. Blind Message
Transaction is based on the Key and one time password.
Key is provided to the user at the time to their mobile or Email id.
Registered and authenticated persons only make transaction.
Fig.4 Blind Message
D. Received SMS
Each client can receive the broadcast messages.
Fig.5 Received SMS
M.Sangeetha et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.2, February- 2014, pg. 653-658
© 2014, IJCSMC All Rights Reserved 658
V. CONCLUSION
A security architecture mainly consisting of the key-based protocols, which resolve the contradictory security
requirements of unconditional anonymity for honest users and traceability of misbehaving users. By utilizing the key, the
proposed approach is established to accomplish ideal security objectives and effectiveness. This type of E-cash system is
focused on in this paper. As the name implies, electronic cash is an effort to make an electronic expense system modeled after
our paper. The main design goal of E-cash system is to pay attention to protect the applications of intractability and anonymity.
Thus, E- cash is distinct to be an electronic payment system that provides, in calculation to the above refuge features, the property of consumer anonymity and payment intractability.
ACKNOWLEDGEMENT
The authors would like to thank the staff and students of SriGuru Institute of technology, friends and family members
for their support and guidance in bringing this research article. The authors would also like to thank them for their valuable support.
REFERENCES
[1] Balakrishnan.H, Barrett.C, Kumar.V, Marathe.M(2004), ‘The distance-2 matching problem and its relationship to the maclayer capacity of ad hoc networks’, IEEE Journal on Selected Area in Communications.
[2] Bui.L, Srikant.R(2009), ‘Novel architectures and algorithms for delay reduction in back-pressure scheduling and
routing’, INFOCOM Mini-Conference.
[3] Chaporkar.P, Kar.K(2009), ‘Throughput guarantees through maximal scheduling in wireless networks’.
[4] Dai.J.G, and Lin.W(2005), ‘Maximum pressure policies in stochastic processing networks. Operations Research’.
[5] Dai.J.G, and Lin.W(2007), ‘Asymptotic optimality of maximum pressure policies in stochastic processing networks’.
[6] Dupuis.H and Hajek.B(1994), ‘A simple formula for mean multiplexing delay for indep endent regenerative sources’.
[7] Feldmann.A, Kammenhuber.N, Maennel.O(2004), ‘A methodology for estimating interdomain web traffic demand’.
[8] Georgiadis.L, Neely.M.J, and Tassiulas.L(2006), ‘Resource Allocation and Cross-Layer Control in Wireless
Networks’.
[9] Gupta.G.R(2009), ‘Delay Efficient Control Policies for Wireless Networks’, Ph.D. Dissertation, Purdue University.
[10] GuptaG.R, Sanghavi.S, and Shroff.N.B(2009), ‘Workload optimality in switches without arrivals. MAthematical
performance Modeling and Analysis’.
Authors Profile
M Sangeetha was born in Theni on 26th December 1990. She received her B.Tech.(IT) degree from Periyar
Maniammai University, Thanjavur, Tamil Nadu in 2012. She is currently pursuing M.E. (CSE) degree in
SriGuru Institute of Technology, Coimbatore, Tamil Nadu. She has Published articles in various international
journals. She is interested in Secure Computing, Data mining, Audio mining.
S. Rajasulochana was born in Coimbatore on 26th June 1990. She received her B.E. (CSE) from Dr.
Mahalingam College of Engineering and Technology, Pollachi, Tamil Nadu in 2012. She is currently pursuing
her M.E (CSE) in SriGuru Institute of Technology, Varathayangarpalayam, Coimbatore, Tamil Nadu. She has
published an application for Windows Phone 7 and got certified. Her areas of interest include Cloud Computing
and Machine learning.
S.Shanmathi was born in Tiruchengode on 8th Augest 1991. She received her B.E (CSE) degree from Sengundhar College of Engineering Tiruchengode, Tamil Nadu in 2012. She is currently pursuing M.E. (CSE)
degree in SriGuru Institute of Technology, Coimbatore, Tamil Nadu. She has presented papers in various
national conferences. Her areas of interest are Network Security, Datastructures and web designing.