|
Existing techniques | Flaws in the existing techniques | Mitigation of flaws in the proposed technique |
|
Mutual authentication | Centralized architecture | De-centralized architecture |
There is a need to be both client and server for authentication of each other. Both are relaid on each other for authentication | There is no need of both client and server for authentication each other |
Less secure because relies on centralized authority | More secure because does not rely on centralized authority |
Open authentication | In open authentication, tokens are generated for end-users for authentication | Directly, hash key values are assigned to the end-users |
Tokens are not in an encrypted form, so everyone can access the token and breach security | Hash key values are in an encrypted form, so other entities do not understand the hash key values and cannot breach security |
Totally based on open authentication server | Not based on server |
Kerberos authentication | Kerberos authentication uses temporal tickets for authentication purposes in a specific period | The proposed solution provides hash key values permanently to end-users |
Temporal tickets are not in an encrypted form | Hash key values are in an encrypted form |
Dependent on temporal tickets and time, so kerberos authentication follows the centralized architecture | Provides decentralized architecture for authentication |
Group authentication | Group authentication authenticates entities with the permission of all other entities in the group. Message passing in a group is not in an encrypted form, so every entity in the group can easily perform some maliciousness | Hash key values are distributed across all entities in the system with the help of distributed ledgers. Hash key values are in an encrypted form, so it is hard to understand for any entity in the system. |
|