Integrating access control with user authentication using smart cards

Author

Lee, Narn-Yih

Author_Institution

Appl. Eng. Dept., Southern Taiwan Univ. of Technol., Tainan, Taiwan

Volume

46

Issue

4

fYear

2000

fDate

11/1/2000 12:00:00 AM

Firstpage

943

Lastpage

948

Abstract

Jan and Tseng (see IEE Proc. Comput. Digit. Tech., vol.145, no.6, p.419-24, 1998) proposed two integrated schemes of user authentication and access control which can be used to implement a protection system in distributed computer systems. However, Lee (2000) showed that both schemes were insecure. Although Lee modified Jan-Tseng´s second scheme to withstand the proposed attacks, how to repair Jan-Tseng´s first scheme to prevent Lee´s attacks is still unknown. Thus, this paper proposes an improvement of Jan-Tseng´s first scheme using smart cards to withstand Lee´s attacks and the replay attack. The security of the proposed scheme is based on the difficulty of solving discrete logarithms. The proposed scheme holds the following advantages (1) servers do not need to keep any secret information about the system or the users; and (2) the updating processes for the modification of access rights are very efficient

Keywords

cryptography; message authentication; smart cards; telecommunication security; Lee´s attacks; access control; access rights modification; cryptography; discrete logarithms; distributed computer systems; efficient updating processes; protection system; replay attack; security; servers; smart cards; user authentication; Access control; Authentication; Control systems; Cryptography; Distributed computing; Information security; Permission; Protection; Smart cards; Vents;

fLanguage

English

Journal_Title

Consumer Electronics, IEEE Transactions on

Publisher

ieee

ISSN

0098-3063

Type

jour

DOI

10.1109/30.920444

Filename

920444