SpringerLink
Log in

The Authentication Framework within the Java Data Security Framework (JDSF): Design and Implementation Refinement

  • Conference paper
  • First Online:
Novel Algorithms and Techniques in Telecommunications and Networking

Abstract

We present a refinement design of the Authentication Framework, which is a part of a more general structure, that we refer to as Java Data Security Framework (JDSF) designed to support various aspects related to data security (confidentiality, origin authentication, integrity, SQL randomization), where this article focuses only on the authentication aspect. The design refinement considerations include unification of the parameters structure of concrete module implementations of the framework’s API from the software engineering point of view.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
EUR 29.95
Price includes VAT (Germany)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
EUR 160.49
Price includes VAT (Germany)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 213.99
Price includes VAT (Germany)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info
Hardcover Book
EUR 213.99
Price includes VAT (Germany)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. S. Mokhov, I. Clement, S. Sinclair, and D. Nicolacopoulos, “Modular Audio Recognition Framework,” Department of Computer Science and Software Engineering, Concordia University, Montreal, Canada, 2002– 2003, project report, http://marf.sf.net, last viewed April 2008.

  2. S. A. Mokhov, “Introducing MARF: a modular audio recognition framework and its applications for scientific and software engineering research,” in Advances in Computer and Information Sciences and Engineering. University of Bridgeport, U.S.A.: Springer Netherlands, Dec. 2007, pp. 473–478, proceedings of CISSE/SCSS’07, cisse2007.org.

    Google Scholar 

  3. The hsqldb Development Group, “HSQLDB – lightweight 100% Java SQL database engine v.1.8.0.10,” hsqldb.org, 2001–2008, http://hsqldb.org/.

  4. S. A. Mokhov, L. W. Huynh, J. Li, and F. Rassai, “A Java Data Security Framework (JDSF) for MARF and HSQLDB,” Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Canada, Apr. 2007, project report. Hosted at http://marf.sf.net, last viewed April 2008.

  5. D.X. Song,D.Wagner, andA. Perrig, “Practical techniques for searches on encrypted data.” University of California, Berkley.

    Google Scholar 

  6. L.Wang, S. Jajodia, and D.Wijesekera, Preserving Privacy in On-line Analytical Processing (OLAP). Springer, Berlin, 2007, ISBN: 0–38746273-2.

    Google Scholar 

  7. L. Wang and S. Jajodia, Security in Data Warehouses and OLAP Systems in The Handbook of Database Security: Applications and Trends, M. Gertz and S. Jajodia, Eds. Springer, Berlin, 2007.

    Google Scholar 

  8. L. Sweeney, “k-anonymity: A model for protecting privacy,” in International Journal on Uncertainty, Fuzziness, and Knowledge-based Systems, 2002, pp. 557–570.

    Google Scholar 

  9. L.Wang, “INSE691A: Database security and privacy, course notes,” CIISE, Concordia University, 2007, http://users.encs.concordia.ca/~wang/ INSE691A.html.

  10. S. A. Mokhov, “Experimental results and statistics in the implementation of the modular audio recognition framework’s API for text-independent speaker Identification,” in Proceedings of the 6th International Conference on Computing, Communications and Control Technologies (CCCT’08), C. D. Zinn, H.-W. Chu, M. Savoie, J. Ferrer, and A. Munitic, Eds., vol. II. Orlando, Florida, USA: IIIS, Jun. 2008, pp. 267–272.

    Google Scholar 

  11. ——, “On design and implementation of distributed modular audio recognition framework: Requirements and specification design document,” Department of Computer Science and Software Engineering, Concordia University, Montreal, Canada, Aug. 2006, project report, http://marf.sf.net, last viewed December 2008.

  12. S. A. Mokhov and R. Jayakumar, “Distributed modular audio recognition framework (DMARF) and its applications over web services,” in Proceedings of TeNe’08. Springer, 2008, to appear.

    Google Scholar 

  13. S. A. Mokhov, S. Sinclair, I. Clement, D. Nicolacopoulos, and the MARF Research & Development Group, “Text-Independent Speaker Identification Application,” Published electronically within the MARF project, http://marf.sf.net, 2002–2008, last viewed April 2008.

  14. S. A. Mokhov, “Choosing best algorithm combinations for speech processing tasks in machine learning using MARF,” in Proceedings of the 21st Canadian AI’08, S. Bergler, Ed. Windsor, Ontario, Canada: Springer-Verlag, Berlin Heidelberg, May 2008, pp. 216–221, LNAI 5032.

    Google Scholar 

  15. ——, “Study of best algorithm combinations for speech processing tasks in machine learning using median vs. mean clusters in MARF,” in Proceedings of C3S2E’08, B. C. Desai, Ed. Montreal, Quebec, Canada: ACM and BytePress, May 2008, pp. 29–43, ISBN 978–1-60558–101-9.

    Google Scholar 

  16. Sun Microsystems, Inc., “OpenOffice,” [online], 2008, openoffice.org.

    Google Scholar 

  17. The PostgreSQL Global Development Group, “PostgreSQL – the world’s most advanced open-source database,” postgresql.org, 1996–2008, http://www.postgresql.org/, last viewed May 2008.

  18. MySQL AB and Sun Microsystems, Inc., “MySQL – the world’s most popular open source database,” www.mysql.com, 1995–2008, http://www.mysql.com/, last viewed December 2008.

  19. S. A. Mokhov, L.W. Huynh, J. Li, andF. Rassai, “Aprivacyframework within the java data security framework (JDSF): Design refinement, implementation, and statistics,” in Proceedings of the 12th World Multi-Conference on Systemics, Cybernetics and Informatics (WM-SCI’08), N. Callaos, W. Lesso, C. D. Zinn, J. Baralt, J. Boukachour, C. White, T. Marwala, and F. V. Nelwamondo, Eds., vol. V. Orlando, Florida, USA: IIIS, Jun. 2008, pp. 131–136.

    Google Scholar 

  20. S. A. Mokhov and L. W. Huynh, “The integrity framework within the java data security framework (JDSF): Design refinement and implementation,” in Proceedings of CISSE’08. University of Bridgeport, CT, USA: Springer, Dec. 2008, to appear.

    Google Scholar 

  21. S. A. Mokhov, L. Wang, and J. Li, “Simple dynamic key management in SQL randomization,” 2008, unpublished.

    Google Scholar 

  22. The GIPSY Research and Development Group, “The General Intensional Programming System (GIPSY) project,” Department of Computer Science and Software Engineering, Concordia University, Montreal, Canada, 2002–2008, http://newton.cs.concordia.ca/~gipsy/, last viewed April 2008.

  23. E. Mykletun, M. Narasimha, and G. Tsudik, “Authentication and integrity in outsourced databases.” Computer Science Department, School of Information and Computer Science, University of California, Irvine, 2006.

    Google Scholar 

  24. M. Narasimha and G. Tsudik, “Authentication of outsourced databases using signature aggregation and chaining,” 2006.

    Google Scholar 

  25. F. Li, M. Hadjieleftheriou, G. Kollios, and L. Reyzin, “Authenticated index structures for aggregation queries in outsourced databases,”Tech. Rep., 2006.

    Google Scholar 

  26. ——, “Dynamic authenticated index structures for outsourced databases,” in SIGMOD 2006. ACM, 2006.

    Google Scholar 

  27. DNSSEC.NET, “DNSSEC: DNS Security Extensions Securing the Domain Name System,” 2002–2008, http://www.dnssec.net/, last viewed December 2008.

  28. D. Atkins and R. Austein, “RFC 3833: Threat Analysis of the Domain Name System (DNS),” [online], Aug. 2004, http://www.rfc-archive.org/getrfc.php?rfc=3833, viewed in December 2008.

  29. R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose, “RFC 4034: Resource Records for the DNS Security Extensions,” [online], Mar. 2005, http://www.rfc-archive.org/getrfc.php?rfc=4034, viewed in December 2008.

  30. D. Conrad, “RFC 3225: Indicating Resolver Support of DNSSEC,” [online], Dec. 2001, http://www.rfc-archive.org/getrfc.php?rfc=3225, viewed in December 2008.

  31. C. Assi, INSE7120: Advanced Network Management, Course Notes. CIISE, Concordia University, 2007, http://users.encs.concordia.ca/~assi/courses/inse7120.htm.

  32. R. Merkle, “A digital signature based on a conventional encryption function,” in Advances in Cryptology – CRYPTO’87, 1988, pp. 369–378.

    Google Scholar 

  33. ——, “A certified digital signature,” in Advances in Cryptology – CRYPTO’89, 1990, pp. 218–239.

    Google Scholar 

  34. Unascribed, “CBC-DES Java implementation,” [online], 2007.

    Google Scholar 

  35. J. O. Grabbe, “Java program for RSA encryption,” [online], 2001, http://www.laynetworks.com/rsa java.txt.

  36. Unascribed, Sign and Verify a DSA Signature. java2s.com, 2004, http://www.java2s.com/Code/Java/Security/VerifyaDSAsignature.htm.

  37. Sun Microsystems, Inc., Security Features in Java SE. java.sun.com, 2007, http://java.sun.com/docs/books/tutorial/security/index.html.

  38. S.Paavolainen andS. Ostermiller, MD5 hash generator. ostermiller.org, 2007, http://ostermiller.org/utils/MD5.java.html.

  39. A. Andreu and M.-A. Laverdi`ere, “SSHA digest, modified,” [online], 2006, http://www.securitydocs.com/library/3439.

  40. S. A. Mokhov, “Towards security hardening of scientific distributed demand-driven and pipelined computing systems,” in Proceedings of the 7th International Symposium on Parallel and Distributed Computing (ISPDC’08). Krakow,Poland: IEEE Computer Society, Jul. 2008, pp. 375–382.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Software Engineering, Concordia University, SGW, EV7.139-2, Montreal, Quebec, Canada

    Serguei A. Mokhov

  2. Ericsson Canada, Montreal, Quebec, Canada

    Farid Rassai

  3. SR Telecom, Montreal, Quebec, Canada

    Lee Wei Huynh

  4. Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Quebec, Canada

    Lingyu Wang

Authors
  1. Serguei A. Mokhov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Farid Rassai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lee Wei Huynh
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lingyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Serguei A. Mokhov .

Editor information

Editors and Affiliations

  1. School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA

    Tarek Sobh

  2. School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA

    Khaled Elleithy

  3. School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA

    Ausif Mahmood

Rights and permissions

Reprints and permissions

Copyright information

Âİ 2010 Springer Science+Business Media B.V.

About this paper

Cite this paper

Mokhov, S.A., Rassai, F., Huynh, L.W., Wang, L. (2010). The Authentication Framework within the Java Data Security Framework (JDSF): Design and Implementation Refinement. In: Sobh, T., Elleithy, K., Mahmood, A. (eds) Novel Algorithms and Techniques in Telecommunications and Networking. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-3662-9_73

Download citation

  • DOI: https://doi.org/10.1007/978-90-481-3662-9_73

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-90-481-3661-2

  • Online ISBN: 978-90-481-3662-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation