A Framework Design with QOS for
Distributed Environment
Shriram KV*, Sasikumar P, Sriram Karthik, Sathishkumar
*Assistant Prof, SENSE, VIT University, Vellore. Email: [email protected]
Assistant Prof, SENSE, VIT University, Vellore. Email: [email protected]
Student, M.Tech VLSI DESIGN, VIT University, Vellore. Email: [email protected]
Assistant Prof- Senior, SENSE, VIT University, Vellore. Email: [email protected]
Abstract
Applications designed are comprehensive only when QoS (Quality of Service) is proper. QoS characteristics include a set of general characteristics such as Dependability, Security, Adaptability, Maintainability, Portability, Throughput, Capacity, Turn-around Time, Parallelism Constraints, Availability, Ordering Constraints, Result, Achievability, Priority and Presentation.
In a distributed environment, security risks are a major concern, because the networked workstations and applications are exposed to a variety of threats. The threats can be eavesdropping, masquerading, tampering and replaying. To avoid these threats, solutions like a handshake mechanism, authentication, authorization and cryptography can be used. The main objective of the project is to design and develop a security framework encapsulating the above solutions. This project addresses the QoS characteristics of security, maintainability and adaptability in the designed framework.
The security protocols Kerberos and SSL are used for proper authentication and handshake respectively. Elliptic Curve Cryptography (ECC), an algorithm based on the discrete logarithm problem, is used for encryption and decryption. This project uses the software engineering methodology of object oriented frameworks for the design and development of the security framework.
A chat application is taken as a case study that uses the designed framework to show the services the framework provides. Metrics are used to identify potential weaknesses in the design of the application, so this project also deals with the evaluation of the object oriented framework using design and code metrics.
Key words: Encryption, Cryptography, QoS, Security and Maintainability.
I. INTRODUCTION
Network security is one of the most important topics, attracting a lot of attention and interest in the field of internet and networking. The security paradigms in the world of the corporate network, or intranet, and the internet have followed different paths. This is because of the differences in their computing environments. Security is enhanced with the application developed, and it is made comprehensive with Quality of Service. Quality of Service technologies provide the elemental building blocks that will be used for future enhancements.
1.1 OVERVIEW OF THE PROJECT
Security is concerned with control of risks related to the prevention, detection, and remediation of attacks, and with identity and anonymity in cyberspace. Confidentiality, integrity, and authenticity are the most important concerns. Last but not least, privacy is also rated as very important.
To achieve manageable and predictable quality of service from one end of the network to the other, the collection of components that must communicate and interact results in a fairly complex process. Quality of Service characteristics include a set of general characteristics such as Dependability, Security, Adaptability, Maintainability, Portability, Throughput, Capacity, Turn-around Time, Parallelism Constraints, Availability, Ordering Constraints, Result, Achievability, Priority and Presentation.
1.2 OBJECTIVE
The main objective of the project is to design and develop a security framework encapsulating good security measures for a distributed environment. The Quality of Service (QoS) framework is used to make the Quality of Service attributes an integral part of a software component. The QoS characteristics addressed in this framework are security, maintainability and adaptability. Methods such as the Secure Socket Layer (SSL) mechanism, Kerberos and a cryptographic technique using Elliptic Curve Cryptography (ECC) are used to achieve the objective. Kerberos provides authentication for the system such that passwords are not transmitted in the clear, i.e., the system is resistant to password attacks.
The Secure Socket Layer provides the proper handshake between the client and the server. In every SSL session, the server (responding) side of the connection must authenticate itself to the client (requesting) side. The threat is that a client may ask for a particular service but the reply to that request may come from an impostor or may be observed by an eavesdropper. To counter the possibility of an impostor server reply, the server proves its identity to the client.
Cryptography plays the major role, encrypting and decrypting the messages to overcome the various threats. Elliptic curve cryptography is followed since it is based on the discrete logarithm problem. Elliptic Curve Cryptography offers considerably greater security for a given key size and is regarded as the next generation of public key cryptography.
II. FRAMEWORK OVERVIEW
2.1 FRAMEWORK BASIC DEFINITION
A framework is a class library that captures patterns of interaction between objects. A framework consists of a suite of concrete and abstract classes, explicitly designed to be used together. Applications are developed from a framework by completing the implementations of the abstract classes.
A framework can also include additional utilities to aid in the completion of end user applications. A utility can be a code generator or an algorithm. Frameworks are partially completed applications.
Frameworks fall into the following two categories:
A. Horizontal
B. Vertical
A horizontal framework is more general than a vertical one. GUI toolkits are an example of horizontal frameworks. A vertical framework is specific to a particular application domain and therefore not widely used.
2.2 FRAMEWORK DESIGN RULES:
Rule 1 - To minimize the likelihood that you will have to modify a base class later.
Rule 2 - To establish a consistent error handling strategy.
Rule 3 - To establish read-only access to persistent data.
Rule 4 - To eliminate catastrophic bugs due to dereferencing bad character-string pointers.
Rule 5 - To make classes easier to use when character strings are passed as arguments.
Rule 6 - To establish a convention for returning something from a function that has been allocated on the heap.
Rule 7 - To improve the efficiency when returning values and help to establish consistency in class interfaces.
Rule 8 - To maintain predictability and consistency in operator semantics.
Rule 9 - To establish a convention for passing arguments by reference.
Rule 10 - To keep the public portion of a class interface as simple as possible.
Rule 11 - To prevent name clashes and simplify names.
Rule 12 - Keeping the framework scalable.
2.3 JAVA SECURITY
For Java to become successful, it needed to avoid the security problems that plagued other models of software distribution. The important features of the language from a security standpoint are the use of access control for variables and methods within classes, the safety of the type system, the lack of pointers as a language data type, the use of garbage collection (automatic memory deallocation), and the use of packages with distinct namespaces.
Fig 1 Execution of a java program
III. SYSTEM DESIGN
Systems design is the process of defining the hardware and software architecture, components, modules, interfaces, and data for a computer system to satisfy specified requirements. System design is the high-level strategy for solving the problem and building a solution. System design includes the decisions about the organization of system into subsystems, the allocation of hardware and software components, and major conceptual and policy decisions that form the framework for detailed design.
3.1 SECURITY FRAMEWORK OVERVIEW
Despite the spectacular cases of external break-ins, most damage to computer systems and data comes not from malicious outside attacks, but rather from simple mistakes, or the unauthorized or unintended actions of legitimate users of a system. A basic goal of information security is to protect resources and assets from loss. The security framework helps to withstand the various threats and attacks, thereby ensuring a secure system.
The security framework for a distributed environment consists of the following three major modules:
1. Handshake module
2. Authentication module
3. Cryptography module
Fig 2 Security Framework
3.2 HANDSHAKE MODULE
Fig 3 Client Server handshake
3.3 SSL handshake protocol
The Secure Socket Layer protocol is an internet protocol for secure exchange of information between a web browser and a web server. It provides two basic security services:
authentication
confidentiality
Logically, it provides a secure pipe between the web client and the server. The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP or IMAP. It uses TCP/IP on behalf of the higher-level protocols, and in the process allows an SSL-enabled server to authenticate itself to an SSL-enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted connection.
3.3 WORKING OF SSL HANDSHAKE PROTOCOL
The SSL protocol uses a combination of public-key and symmetric key encryption. Symmetric key encryption is much faster than public-key encryption, but public-key encryption provides better authentication techniques. An SSL session always begins with an exchange of messages called the SSL handshake.
The handshake allows the server to authenticate itself to the client using public-key techniques, then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows. Optionally, the handshake also allows the client to authenticate itself to the server. The handshake protocol is the first SSL sub-protocol used by the client and the server to communicate over an SSL-enabled connection.
The Secure Socket Layer handshake is used to initiate a logical connection and establish the security capabilities associated with that connection. This consists of two messages:
The client hello and the server hello
Before ending the communication, the client and the server inform each other that their side of the connection is ending.
3.5 AUTHENTICATION MODULE
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks, authentication is commonly done through the use of passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially, using an assigned or self-declared password. The weakness in this system for transactions that are significant is that passwords can often be stolen or forgotten.
3.6 KERBEROS AUTHENTICATION
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business.
3.6.1 WORKING OF KERBEROS AUTHENTICATION
3.7 TICKET GRANTING SERVER
The job of the server is to authenticate every client at the login time. The server shares a unique password with every client. The job of ticket granting server is to certify to the servers in the network that a client is really what it claims to be. Thus a connection is established between the client and the server which enables them to communicate.
Fig 4 Kerberos Authentication Mechanism
Fig 4 represents the authentication of the system by the Kerberos mechanism, which works as follows:
A request is sent from the client to the server for establishing a connection.
The server requests the ticket granting server to grant a ticket.
The ticket granting server issues the ticket to the client and the server.
Finally, the connection is established between the server and the client.
Messages 1 and 4 in figure 4 show the application request and response, the most basic exchange in the Kerberos protocol. It is through this exchange that a client proves to a verifier that it knows the session key embedded in a Kerberos ticket. There are two parts to the application request, a ticket and an authenticator.
The Kerberos Ticket
The client and server do not initially share an encryption key. Whenever a client authenticates itself to a new verifier it relies on the authentication server to generate a new encryption key and distribute it securely to both parties. This new encryption key is called a session key and the Kerberos ticket is used to distribute it to the verifier.
3.8 CRYPTOGRAPHY MODULE
Cryptography is the art or science encompassing the principles and methods of transforming an intelligible message into one that is unintelligible (encryption) and then retransforming that message back to its original form (decryption). To achieve this, Elliptic Curve Cryptography, a public key encryption technique, is followed.
3.9 ELLIPTIC CURVE CRYPTOGRAPHY
Elliptic Curve Cryptography is a mechanism for implementing public key cryptography. It provides the most security per bit of any known public key scheme, making it ideal for constrained environments. Elliptic curves may be used to form elliptic curve groups. A group is a set of elements with defined arithmetic operations on those elements. For elliptic curve groups, these specific operations are defined geometrically. One potential use of elliptic curves is in the definition of public key cryptosystems. In this way, variants of existing schemes can be devised so that their security relies on a different underlying hard problem. Public key cryptography, unlike private key cryptography, does not require any shared secret between the communicating parties.
3.10 Working Of Elliptic Curve Cryptography
The mathematical operations of ECC are defined over the elliptic curve $y^2 = x^3 + ax + b$, where $4a^3 + 27b^2 \neq 0$. Each value of 'a' and 'b' gives a different elliptic curve. All points (x, y) which satisfy the above equation, plus a point at infinity, lie on the elliptic curve. The public key is a point on the curve and the private key is a random number. The public key is obtained by multiplying the private key with the generator point G on the curve. The generator point G and the curve parameters 'a' and 'b', together with a few more constants, constitute the domain parameters of ECC. One main advantage of ECC is its small key size. A 160-bit key in ECC is considered to be as secure as a 1024-bit key in RSA.
3.11 Analytical explanation
$x_L = s^2 - x_J - x_K$
$y_L = -y_J + s(x_J - x_L)$
$s = (y_J - y_K)/(x_J - x_K)$, where s is the slope of the line through J and K.
If $K = -J$, i.e. $K = (x_J, -y_J)$, then $J + K = O$, where O is the point at infinity. If $K = J$, then $J + K = 2J$ and point doubling is done.
Also, $J + K = K + J$.
3.12 Finite Fields
The elliptic curve operations defined above are slow and inaccurate due to round-off error on real numbers. Cryptographic operations need to be fast and accurate. To make operations on the elliptic curve accurate and more efficient, the curve cryptography is defined over the binary field F(2^m).
3.13 EC on Binary field F(2^m)
The equation of the elliptic curve on a binary field F(2^m) is $y^2 + xy = x^3 + ax^2 + b$, where $b \neq 0$. The elements of the finite field are integers of length at most m bits. These numbers can be considered as binary polynomials of degree m – 1. All operations such as addition, subtraction, division and multiplication involve polynomials of degree m – 1 or less. The m is chosen such that there is a finitely large number of points on the elliptic curve to make the cryptosystem secure. The graph for this equation is not a smooth curve. Hence point addition and doubling as in real numbers will not work here. However, the algebraic rules for point addition and point doubling can be adapted for elliptic curves over F(2^m).
3.14 Point Addition
Consider two distinct points J and K such that $J = (x_J, y_J)$ and $K = (x_K, y_K)$. Let $L = J + K$ where $L = (x_L, y_L)$, then
$x_L = s^2 + s + x_J + x_K + a$
$y_L = s(x_J + x_L) + x_L + y_J$
$s = (y_J + y_K)/(x_J + x_K)$, where s is the slope of the line through J and K.
If $K = -J$, i.e. $K = (x_J, x_J + y_J)$, then $J + K = O$, where O is the point at infinity. If $K = J$, then $J + K = 2J$ and the point doubling equations are used. Also, $J + K = K + J$.
3.15 Point Subtraction
Consider two distinct points J and K such that $J = (x_J, y_J)$ and $K = (x_K, y_K)$. Then $J - K = J + (-K)$, where $-K = (x_K, x_K + y_K)$.
3.16 Point Doubling
Consider a point J such that $J = (x_J, y_J)$, where $x_J \neq 0$. Let $L = 2J$ where $L = (x_L, y_L)$, then
$x_L = s^2 + s + a$
$y_L = x_J^2 + (s + 1) x_L$
$s = x_J + y_J/x_J$, where s is the tangent at point J and a is one of the parameters chosen with the elliptic curve.
If $x_J = 0$ then $2J = O$, where O is the point at infinity.
3.17 Elliptic Curve Domain parameters
Apart from the curve parameters a and b, there are other parameters that must be agreed by both parties involved in secured and trusted communication using ECC. These are domain parameters. Generally the protocols implementing the ECC specify the domain parameters to be used.
3.18 Domain parameters for EC over field F(2^m)
3.19 Design of Elliptical Curve Cryptography
The Elliptical Curve Cryptography technique comprises three major phases, namely key generation, encryption and decryption. In the key generation phase, three types of keys are generated for the server (A) and the client (B): private keys (nA, nB), public keys (pA, pB) and secret keys (kA, kB). The following algorithm explains the Elliptic Curve Cryptography methodology.
1. Choose the elliptic curve, which satisfies an equation of the form $y^2 = x^3 + ax + b$, and determine the fixed curve points using the addition rules.
2. Generate the keys for the server (user A). Select a private key for user A. The public key is determined by considering the product of the private key and the field containing the EC point. The secret key is the product of the private key of user A and the public key of user B.
3. Choose a private key for user B. Calculate the public key as the product of the private key of user B and the field containing the EC point. Generate the secret key by obtaining the product of the private key of user B and the public key of user A.
4. Encode the plain message to a message digest.
5. To encrypt the message, multiply it with a random positive integer and the public key of user A and obtain the cipher text.
6. To decrypt the cipher text, user B multiplies the first point in the pair by B's secret key and subtracts the result from the second point.
3.20 COMPARISON OF RSA AND ELLIPTIC CURVE CRYPTOGRAPHY
Elliptic Curve Cryptography uses much smaller key sizes than other asymmetric techniques while providing equally strong security. Due to the difficulty in breaking its encryption, Elliptic Curve Cryptography can provide the same level of security as RSA encryption at a greatly reduced bit size.
A 128 bit symmetric key would require an RSA key of 3072 bits in order to provide equal protection. The benefits are more substantial for larger key sizes. A 256 bit symmetric key should be protected asymmetrically by a 15000-bit RSA key, while an equivalent Elliptic Curve Cryptography key size is only 512 bits. A smaller key size makes possible more compact implementations for a given level of security, which means faster cryptographic operations running on more compact software.
3.21 CLASS DIAGRAM
Class diagrams are widely used to describe the types of objects in a system and their relationships. Class diagrams model class structure and contents using design elements such as classes, packages and objects. Class diagrams describe three different perspectives when designing a system: conceptual, specification, and implementation. These perspectives become evident as the diagram is created and help solidify the design. The system modules are modelled as class diagrams for reference.
Fig 8 Class diagram for Authentication module
IV. IMPLEMENTATION
In the distributed environment, when a Client wishes to talk to another computer that exists on the local environment, it first identifies the host it wants to communicate with. After the host is identified, the client then sends a message to the Server (another computer from which information is required). This message contains the IP Address of the client alone. When this message reaches the Server it then sends the time and the address of the client to the Ticket Granting Server.
The chat application is a secure environment that utilizes the Elliptic Curve Cryptography technique to encrypt and decrypt the messages. The cryptography takes place every time a message is sent between the users, enabling a secure environment. The application is terminated when either the time allotted for the client is exhausted or when a voluntary exit is opted for by either party.
The project is thus implemented based on the following modules:
1. Authentication module
2. Handshake module
3. Cryptographic module
4.1 Authentication Module
The authentication module is built on the Kerberos technique, which provides the authentication. The module involves various phases such as client communication, granting a ticket to the client from the server, and time authentication.
The steps involved in the implementation of the Authentication Module are:
logging(String ClientIPAddress, String password, String UserId)
This method is used when the Client wishes to communicate with the Server. It sends the Client Address, username and a password.
public int clientticket(String ClientIPAddress, int hour, int minute)
The Server calls this method, which resides in the Ticket Granting Server class, to validate the Client. It contains the Client Address with the time at which the request was made.
public int giveTime(String ClientIPAddress)
The server gives the maximum time to the client. The method specifies the maximum time that the client can use. The time is sent to the client based on the IP address and its time.
public double givewarning(double Minutes)
Gives a warning to the client about expiry of the ticket, based on the time. The method specifies the warning based on the minutes left before expiry, to notify the user.
4.2 Handshake Module
The handshake module is implemented using SSL, which provides the proper handshake between the client and the server. This is an internal operation.
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) factory.createSocket(ServerIP, 443);
Socket factories are a simple way to capture a variety of policies related to the sockets being constructed, producing such sockets in a way which does not require special configuration of the code which asks for the sockets. The socket is created for the server IP address, with the port set to 443 as the default.
socket.startHandshake();
The method starts the handshake between the client and the server through the use of the socket. This allows the client to negotiate with the server using the SSL socket.
4.3 Cryptographic Module
The cryptography module is achieved by implementing Elliptic Curve Cryptography. This serves as an efficient way of encrypting and decrypting data. The elliptic curve is generated and, based on the curve, the point is calculated and encrypted with the message. Here algebraic operations on the finite field GF(2^m) are used. It comprises the following steps in the cryptographic generation:
The class implements one of the interfaces to select compiled in parameters. This class simulates using runtime parameters.
ECpoint
The class is implemented in such a way as to identify elliptic curves over GF(2^m).
ECfield
This class is provided for the algebraic operations on the finite field GF(2^m). ECField has static functions implementing the field operations.
ECcrypt
This class tests the functionality and performance of the Elliptic Curve classes.
The methods of the module are:
private static final int GF_POINT_UNITS = 2*(GF_K+1);
This constant guides the calculation of the curve points, which allows the use of the points by the point addition referenced in the previous chapter.
ECPoint()
The method is provided to create a new Elliptic Curve point at infinity, i.e., the zero value.
ECPoint(ECPoint q)
Creates a copy of an existing Elliptic Curve point. The method provides a duplicate of the value for the curve.
eccAdd(char[] p, char[] q, char[] r)
The method allows addition of the EC points that are obtained from the method ECpoint(). Given the x coordinate of p and a suitable bit ybit of the corresponding y coordinate, evaluate the full y.
public void random(Random rand)
The random(Random rand) method allows selection of a random point from the ECparam class. The method includes the following steps:
Sets p to a random point of the elliptic curve.
Generates a pseudo-random x component and evaluates the corresponding y component.
Sets p to the point at infinity O, clearing entirely the content of p. Clearing entirely sets all bits to zero to avoid any possibility of leaking secret data.
BigInteger pack()
The method packs the curve point into a BigInteger.
public void unpack(BigInteger a)
The method unpacks a vlPoint into a curve point.
makePublicKey(BigInteger privateKey)
The method computes the public key. The steps are as follows:
The parameter privateKey is the private key (x).
The return value is the public key (x*P).
encodeSecret(BigInteger publicKey, BigInteger secret)
This method is used to encode the message along with the public form and a shared value. The method works as follows:
The parameter secret holds a one-time secret multiplier (k).
The parameter publicKey holds a partner's public key (x*P).
It returns the secret multiplier's public form (k*P) in r and the shared value (k*x*P) in s.
mult(privateKey)
This function is used for multiplying the pack for encoding the string to that of the key.
public static class Pair { BigInteger r; BigInteger s; }
This class is used so that two BigInteger values can be returned from one return statement. This helps in getting the message and the key.
decodeSecret(BigInteger privateKey, BigInteger message)
Decodes a secret shared value. The method works as follows:
The parameter privateKey holds one's secret key (x).
The parameter message holds the public form of a partner's secret multiplier (k*P).
It returns the shared value (x*k*P).
Thus the implementation is fulfilled by the methods referred to above, in view of the designed system. After implementation, unit testing and regression testing are carried out.
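The F(2^m) point rules of sections 3.14 to 3.16 and the makePublicKey / encodeSecret / decodeSecret exchange of section 4.3, carried through on a toy curve as an added example (Python written for this page, not the paper's Java classes). The field F(2^4), reduction polynomial, coefficients a and b, base point G and all function names are assumptions chosen for illustration and are far too small for real use; encrypt and decrypt follow the "subtract from the second point" step of section 3.19.

```python
# Added example: toy parameters constructed for illustration, far too small for real use.
M = 4                     # field F(2^m) with m = 4
POLY = 0b10011            # reduction polynomial x^4 + x + 1
A, B = 0b0011, 0b0001     # curve y^2 + xy = x^3 + a*x^2 + b, with b != 0
G = (0b1010, 0b1101)      # base point chosen for this example
O = None                  # point at infinity

def gf_mul(u, v):
    """Multiply two field elements (binary polynomials) modulo POLY."""
    r = 0
    while v:
        if v & 1:
            r ^= u
        v >>= 1
        u <<= 1
        if u >> M:        # degree reached m: reduce
            u ^= POLY
    return r

def gf_inv(u):
    """Inverse as u^(2^m - 2); zero has no inverse."""
    if u == 0:
        raise ZeroDivisionError("0 has no inverse in F(2^m)")
    r = 1
    for _ in range(2 ** M - 2):
        r = gf_mul(r, u)
    return r

def on_curve(p):
    if p is O:
        return True
    x, y = p
    x2 = gf_mul(x, x)
    return (gf_mul(y, y) ^ gf_mul(x, y)) == (gf_mul(x2, x) ^ gf_mul(A, x2) ^ B)

def ec_neg(p):
    """-J = (xJ, xJ + yJ); field addition is XOR."""
    return O if p is O else (p[0], p[0] ^ p[1])

def ec_double(p):
    if p is O or p[0] == 0:                # xJ = 0  =>  2J = O
        return O
    x, y = p
    s = x ^ gf_mul(y, gf_inv(x))           # s = xJ + yJ/xJ
    xl = gf_mul(s, s) ^ s ^ A              # xL = s^2 + s + a
    yl = gf_mul(x, x) ^ gf_mul(s ^ 1, xl)  # yL = xJ^2 + (s + 1)*xL
    return (xl, yl)

def ec_add(p, q):
    if p is O or q is O:
        return q if p is O else p
    if p == q:
        return ec_double(p)
    if p == ec_neg(q):                     # K = -J  =>  J + K = O
        return O
    (xj, yj), (xk, yk) = p, q
    s = gf_mul(yj ^ yk, gf_inv(xj ^ xk))   # s = (yJ + yK)/(xJ + xK)
    xl = gf_mul(s, s) ^ s ^ xj ^ xk ^ A    # xL = s^2 + s + xJ + xK + a
    yl = gf_mul(s, xj ^ xl) ^ xl ^ yj      # yL = s(xJ + xL) + xL + yJ
    return (xl, yl)

def ec_mul(k, p):
    """Double-and-add scalar multiplication k*P (not constant time)."""
    r = O
    while k > 0:
        if k & 1:
            r = ec_add(r, p)
        p = ec_double(p)
        k >>= 1
    return r

def make_public_key(private_key):
    return ec_mul(private_key, G)          # x*P

def encode_secret(public_key, k):
    """Return (r, s): the public form k*P and the shared value k*x*P."""
    return ec_mul(k, G), ec_mul(k, public_key)

def decode_secret(private_key, r):
    return ec_mul(private_key, r)          # x*k*P

def encrypt(public_key, k, msg_point):
    r, s = encode_secret(public_key, k)
    return r, ec_add(msg_point, s)         # pair (k*P, M + k*x*P)

def decrypt(private_key, cipher):
    c1, c2 = cipher
    return ec_add(c2, ec_neg(decode_secret(private_key, c1)))  # J - K = J + (-K)
```

The one-time multiplier k must be fresh and unpredictable for every message; reusing it lets anyone who learns one plaintext point recover the shared value for the other message.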
SUMMARY AND SCOPE
to the client by using public-key techniques, and then allows the client and the server to cooperate in the creation of asymmetric keys used for rapid encryption and decryption. Optionally, the handshake also allows the client to authenticate itself to the server. Kerberos is a distributed authentication service that allows a client to prove its identity to an application server without sending data across the network that might allow an attacker or the verifier to subsequently impersonate the client. Kerberos optionally provides integrity and confidentiality for data sent between the client and server.
Implementation of ECC using projective coordinates has shown considerable improvements in efficiency compared to the affine coordinate implementation. This improvement in efficiency is due to the elimination of multiplicative inverse operation that would cost considerable processor cycles.
QoS provides differentiated services, which provide higher priority to flows, or guaranteed services that provide an assured security level. Both of these are contrasted by best-effort services, which are provided by what is generally considered a lack of QoS. Elliptic Curve Cryptography provides the best effort service. The project maintains and follows the characteristics of security, maintainability, and adaptability to make a better framework.
With the use of the framework for the distributed environment, the message transmitted is made secure with the high security of Elliptical Curve Cryptography by the SSL handshake between the client and the server; further, the Kerberos ticket method allows identity, integrity and confidentiality.
The following potential improvements may be made in future:
Digital signatures can be used so that the data is valid and the sender has approved it.
The features of Kerberos can be extended so that it includes renewable tickets and ticket waitlists.
An Access Control List can be provided for additional security by providing a username and password for all users.
Acknowledgment
I wish to thank all the co-authors who have supported me to a great extent.