SNAP: a distributed authentication protocol
The explosive growth in network-based applications and distributed systems allows the deployment of critical applications such as e-commerce, tele-banking, electronic government, etc. On the other hand, attacking networks and distributed systems becomes easier with the support of public cracking tools and the information sharing between hackers. Consequently, security is a crucial topic. Authentication is considered one of the major components in security and, in fact, represents the front door for any secure system. It is an important requirement to ensure that the network resources are accessed only by authorized users, meaning that strong access control mechanisms are needed. Most existing authentication protocols are centralized, such that a single authentication entity controls the authentication process. These traditional authentication protocols suffer from certain drawbacks pertaining to security, availability and trust. This thesis proposes and evaluates a novel authentication protocol, the Secure Network Access Protocol (SNAP), which attempts to overcome some of the drawbacks of centralized authentication protocols. SNAP is a distributed authentication protocol and is based on secret sharing schemes which have a quorum access structure. Another significant contribution of this thesis has been to consider not only the security analysis of SNAP but also the implementation issues. SNAP is studied and found to be robust in terms of its security, availability, overhead and performance. The implementation of SNAP is considered and the application of SNAP to a wireless network is undertaken. The research conducted has shown the need for distributed authentication protocols and the importance of studying the network implementation issues for any novel security protocol.