Literature Review on Hybrid Security in Virtual Private Networks

Question: Discuss about the Literature Review on Hybrid Security in Virtual Private Networks. Answer: Introduction VPN is the technology by which information is protected from getting transmitted over the Internet. The unique recognition approaches include finger print recognition, retinal patterns, palm vein technology, voice recognition and face recognition (Mahto Yadav, 2013). These several metrics are related to the characteristics of human beings. This is a type of authentication used needed for the organization for access control and identification. Elliptical curve cryptography is a sub part of public key cryptography that is done on the basis of the structure of algebra of the elliptic curves over the finite fields. It needs various smaller keys in comparison to all the non-ECC for providing security. In this literature review, the discussion is made on the topic that why biometric and ECC are better than other VPN security. They help to mitigate the security issues by using the unique technologies. This paper will provide good methods to secure the confidential data and maintain the confidentiality of an organization. This literature review will also discuss about the innovative ways to utilize this system. The literature review does not provide any innovative recommendation about biometric system and elliptical curve cryptography. Rather, the review describes the existing best technologies of biometric and elliptical curve cryptography (Ramalho, Correia Soares, 2012). Most of the sources provided in the following paper states about the advantages of biometric, ECC, and disadvantages of the other VPN securities. Review: Field of Research The main aim of this literature review is to understand the basic concept of hybrid security in virtual private network. Virtual private networks do have some problems in their security. Biometric system and elliptical curve cryptography together constitute the best possible security methods that are useful to any organization. The security breaches or attacks occur only when a hacker or intruder tries to hack into the information system or the organization. According to Yadav, (2015), a VPN or virtual private network is an extension of a public network, which allows the users to receive and send the data in the public and the shared networks just like their devices were connected to the private network. The benefit of this VPN is the security, functionality and management policies of the private network. There are three major components of VPN. They are the authentication header, the encapsulating security payload and the internet key exchange. Rahimi Zargham, (2012) state that a virtual tunnel is a link between two locations in the Internet. When a sender sends a message or a data to a receiver in another location, the VPN tunnel comes into account. VPN tunnel is extremely safe and secured for transferring a sensitive data. This is mainly used for encryption of a TCP/IP connection to a server from an application. Most applications are based on the server and client protocol and they have to connect to the data for accessing the data. The VPN tunnel makes the connection easier and makes the communication secure. According to Funk, (2015), there are several types of VPN protocols. The protocols are IPSec, L2TP, point to point tunneling protocol, secure sockets layer and transport layer security, open VPN and secure shell or SSH. The IPSec is used to secure the communication of Internet across an IP network. The L2TP is combined with other VPN security protocol to generate a secured connection. The PPTP creates a VPN tunnel and the data packet in encapsulated. Main function of this protocol is the encryption of data. The SSL and TLS create a connection in VPN where the client is the browser. These protocols are mostly used in online shopping sites. Open VPN is used for generating the site-to-site and point-to-point connections. It is utilized as the custom security protocol. SSH generates a VPN tunnel, from which the data is transferred and the tunnel is protected. There are two types of VPN authentication methods that are used to secure the IPSec VPN tunnel. According to Mahto Yadav, (2013), VPN security provides good security system to any system. However, the problem in VPN is that the Point to point protocol is prone to brute force attack. This is dangerous to the information system. This problem can be solved with the help of biometric and cryptography. The famous RSA asymmetric cryptography is completely based on software and hardware. This type of algorithm requires to store the secret keys. Weak passwords protect these keys. There is a high chance of brute force attacks in this type of cryptographic algorithm. This is the main disadvantage of this cryptography. The elliptical curve cryptography solves this particular problem. The contactless palm vein biometric system greater security with less key length and there is no requirement for storing any private key anywhere. This combination of biometric system with elliptical curve cryptography aims to generate and share a secret key without the transmission of any private key so tha t nobody is able to access the key except the users. The elliptical curve cryptosystem describes the biometric system using the vein of the palm of an individual. Kahate, (2013) states that Internet Key Exchange or IKE is a protocol that is utilized to set a security association in VPN. For authentication purpose, IKE utilizes X.509 certificates either distributed or pre shared utilizing DNS or to set a shared session secret by the Diffie Hellman key exchange. Yoon Yoo, (2013) states that the conventional single server authentication of VPN approaches undergo a major drawback. When a user wishes to utilize several services of network,, the user has to register himself in those servers. For this particular problem, many multi server authentication approaches are proposed. However, these approaches are not secured from cryptographic attacks. This paper proposes the very efficient and secured the multi server authentication. This biometric authentication is done with smart cards on ECC to mitigate the hash operation complexities within the users. It will provide an extremely strong authentication function of a user. According to Yeh et al., (2013), the remote access virtual private network secures the network from remote locations. However, there is a high chance that this network can be breached. Biometric and ECC can stop the network from being breached. There are three factors that are used for user authentication by providing the privacy of biometric data with the help of robust elliptical curve cryptography. The three factors for this particular authentication are the passwords, smart cards and biometrics. However, it is observed that this authentication scheme is often vulnerable to any type of insider attack. The passwords can be hacked and intruders can steal the smart cards. According to Ramalho, Correia Soares, (2012), the main disadvantage of VPN is that it is extremely cost effective. Biometric and ECC are simple solution to this problem. They are not at all expensive. The best three biometric identifications are with hand. They are the hand geometry, palm print and finger surfaces. These three biometric identifications help to secure the system with cryptographic curves. Hand geometry is one of the fastest and safest technologies for securing and unique identification of individuals. Palm print is another common and simple way of identification using cryptography. Rao, Rao Rao, (2012), states that finger print is the best solution for biometric with elliptical curve cryptography. It is not possible to take any other persons finger print and thus is extremely safe and secured technology. Finger print is a unique biometric parameter, which when is combined with cryptography forms the safest and the secured hybrid virtual private network. Other Reviews According to Yoon Yoo (2014), a user generated a VPN connection with corporate server of VPN. When the encryption is done in the VPN connection, dial up networking connection is not required between the server and the client. However, this current system is not at all safe and secure as there is a chance that the hacker will get the details of the network. Recently several schemes are proposed for safe and secure networks and communication with the help of WSNs or wireless sensor networks. This is the new biometric based authenticated key agreement scheme. This wireless sensor network provides a secured network to the user. Salas, (2013) states that the problems of virtual private network security can be solved with the help of smart card. This smart card is created using ECC encryption and biometrics. A smart card is a simple card made of plastic that has a in built microprocessor and are utilized to perform several transactions. When the transactions were previously done using the virtual private network, the security was not up to the mark. Many breaching cases were registered worldwide as the network in virtual private network is open. Biometric and elliptical curve cryptography has brought the solution of smart card. Smart card secures the transaction and there is no chance that the intruder can hack into the systems. Althobaiti Aboalsamh, (2012) state thatElliptic Curve Cryptography or ECC usage is with smaller key to give high security and high speed in a low bandwidth. ECC is considered as the best method for upcoming applications. This review presents the idea of biometric signature, which is a new method to combine biometrics with public key infrastructure or PKI; the security can be increased using the ECC in biometric signature creation, because the private and public keys are produced without sending and saving any of the secret information anywhere. According to Mahalakshmi Sriram, (2013) a Virtual Private Network has several disadvantages as if it enables IP spoofing. The other disadvantage is the IP address of the user is blacklisted often due to the action of any other user of VPN. An ECC based multi biometric system stops this type of attack. This particular security system stops the spoofing of IP and the IP address is not blacklisted. Moreover, any other user cannot access the VPN when it is in use. The pictorial representation of the combination of biometric and ECC algorithm is given below: Fig 1: Combination of Biometric System and ECC The above diagram describes the basic algorithm of the biometric and ECC where A is the sender and B is the receiver. There are nine steps in this algorithm. They are as follows: i) At first the connection from A to B is requested. ii) In the second step, B acknowledges back. iii) Next, A sends an authentication request. iv) After this step, B shares the ECC key with A. v) In this step, A acknowledges back that the key is received. If the response is, negative there will be a disconnection. vi) If the response is positive, A will send a bio authentication request. vii) In this step, B will send the acknowledgement and the shared key to access. viii) In the eighth step, A will send an acknowledgement. ix) Finally, in the last step, the connection will be accessed. Once the connection is done, it is sent to the VPN tunnel. Current Best Solution According to Li et al., (2012), the best solution for the combination of biometric system and elliptical curve cryptography is the fingerprint recognition. The user has to scan his fingerprints in the biometric machine and thus the identification and verification is done. The main advantages of this type of biometric and ECC combination is that there is no chance of false and fake recognition. No finger prints are similar and the hacker cannot fake an users finger print. This type of combination is extremely secured and can be easily installed in any organization. The other advantage of this type of recognition is that it records time. There is a micro controller present in the system that records and authenticates the system. Fig 2: Block Diagram of the Finger Print Model The above diagram clearly defines the block diagram of a finger print model which is controlled by a micro controller. There is a module that takes the fingerprint and if wrong person gets into the system, a security alarm notifies. However, this system does have some drawbacks. The main drawback is the constant supply of electricity. Without electricity, the fingerprint model cannot work. Another major limitation of this system is that it accepts absolute accuracy. If the hands are sweaty or has any kind of injury, the fingerprint machine does not accept it. In spite of these limitations, fingerprint is accepted by all users and is considered as the safest technology. Conclusion Therefore, from the above discussion it can be concluded that, virtual private network is one of the safest technology for securing the network. However, it has some disadvantages like cost and complexity. The combination of biometric and elliptical curve cryptography is the answer for this problem. VPN is the technology by which information is protected from getting transmitted over the Internet. It allows the users to establish a private and virtual tunnel to enter a network safely, by accessing data, resources and communications by an insecure network. This sometimes becomes a huge problem for security. Biometric system helps to resolve the problems related to security in an organization. This is a type of verification of an individual through which that person is uniquely recognized by the evaluation of few identifying biological traits. Cryptography will transform the data in a confidential way so that there is no chance that the data will be in the hands of the hacker or intrud er. Moreover, this paper also describes about biometric system and elliptical curve cryptography in such a form that there exists no loophole in the system of security. The main advantage of these technologies is that the system will be unavailable to any individual, who does not have that particular biological trait. The above literature review discusses about the innovative ways to utilize this system. The best solution for this combination is the finger print system. The review provides a simple model of finger print system with proper justifications. The major limitations of this system include its constant supply of electricity and any kind of injury and roughness is not accepted by this system. References Althobaiti, O. S., Aboalsamh, H. A. (2012, December). An enhanced elliptic curve cryptography for Biometric. InComputing and Convergence Technology (ICCCT), 2012 7th International Conference on(pp. 1048-1055). IEEE. Funk, A. Virtual Private Network. Kahate, A. (2013).Cryptography and network security. Tata McGraw-Hill Education. Li, P., Yang, X., Qiao, H., Cao, K., Liu, E., Tian, J. (2012). An effective biometric cryptosystem combining fingerprints with error correction codes.Expert Systems with Applications,39(7), 6562-6574. Mahalakshmi, U., Sriram, V. S. (2013). An ECC based multibiometric system for enhancing security.Indian Journal of Science and Technology,6(4), 4299-4305. Mahto, D., Yadav, D. K. (2013, January). Network security using ECC with Biometric. InInternational Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness(pp. 842-853). Springer, Berlin, Heidelberg. Rahimi, S., Zargham, M. (2012). Analysis of the security of VPN configurations in industrial control environments.International Journal of Critical Infrastructure Protection,5(1), 3-13. Ramalho, M. B., Correia, P. L., Soares, L. D. (2012). Hand-based multimodal identification system with secure biometric template storage.IET computer vision,6(3), 165-173. Rao, B. R., Rao, E. K., Rao, S. R. (2012). Finger Print Parameter Based Cryptographic Key Generation.International Journal of Engineering Research and Applications (IJERA) ISSN, 2248-9622. Salas, M. (2013). A secure framework for OTA smart device ecosystems using ECC encryption and biometrics. InAdvances in Security of Information and Communication Networks(pp. 204-218). Springer, Berlin, Heidelberg. Yadav, S. (2015). Virtual Private Network. Yeh, H. L., Chen, T. H., Hu, K. J., Shih, W. K. (2013). Robust elliptic curve cryptography-based three factor user authentication providing privacy of biometric data.IET Information Security,7(3), 247-252. Yoon, E. J., Yoo, K. Y. (2013). Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem.The Journal of supercomputing,63(1), 235-255. Yoon, E. J., Yoo, K. Y. (2014, March). A biometric-based authenticated key agreement scheme using ECC for wireless sensor networks. InProceedings of the 29th Annual ACM Symposium on Applied Computing(pp. 699-705). ACM.