"Design, Implementation and Integration of an opensource

technologies based setup for multi level authentication in

highly secured networks, using diverse and proven
authentication schemes"

Abstract:
The services are available on the network requires authentication for
distinguishing between authorized and unauthorized users of the service. With the
requirement of making the basic services - like the access of organization owned email
service – accessible over the Internet, the potential threat of unauthorized users trying to
hack the network resources using the Internet has increased multi folds. Simple, one
factor authentication schemes are vulnerable to hacking and require lot of discipline
among authorized users - in the form of complying to strong password policy - to make it
secure and thus are not preferred for highly secure networks. The two/multi factor
authentication schemes, which are preferable in highly secured networks, are complex
and require the users to carry some form of smart card or USB token for authentication.
Also, the management of smart cards and USB tokens adds on to the complexities at the
administrator level. Keeping the network secure, while exposing the available services,
over the Internet is a challenging task. The challenges start from making the
authentication setup of the network services as secure and as simple as possible, so as to
make the services accessible from any where across the Internet in the most simplified
way and without posing any potential threat to the networked resources.

In this project a setup using authentication scheme based on OpenID, One Time
Password (OTP), Public key and portal technologies is being developed for providing
multi level authenticated access to highly secured networked resources over the Internet.
The authentication setup and the portal thus developed will be tested to access the email
services securely over the Internet. The authentication scheme uses OpenID as the first
level of authentication, which provides a different network infrastructure for managing
the identity of the users of a secure network. The second level of authentication uses the
OTP technique to generate a one time password, which after encryption using the public
key infrastructure (PKI) will be sent to the pre-registered web based email account of the
user. The third level of authentication is done using the actual authentication setup of the
organization which is used from within the organization.

In this project we have tried to address the problem of the directly making the
authentication setup and the web services of the organization accessible from the Internet
to the unauthorized users, and at the same time making the related services accessible
from the Internet to the authorized and registered users – thus reducing the chances of the
authentication setup and the web services, getting hacked/accessed by the hackers. Also
the overheads of maintaining the security of the already established infrastructure i.e. the
pre programmed web services and the authentication setup gets reduced, since the first
point of entry to the network i.e. the authentication setup has been secured by using
multiple layers of diverse authentication schemes, built using multiple, tested and proven
authentication technologies.

Keyword: - Network security, multilevel authentication, USB token, OpenID, one time
password (OTP), PKI.

Project Guide

1 2 3
Shri S.S.Tomar Shri Jitendra Patil Mr. Deepak Abhyankar
Scientific officer-F Scientific officer-E Lecturer
RRCAT, Indore (MP) RRCAT, Indore (MP) SCSIT, DAVV

………………………….
Student
Rahul Sharma
M.Tech. (Computer science) 3rd SEM
School of Computer Science & IT, DAVV