Ashok Kumar Das

International Institute of Information Technology, Poona, Mahārāshtra, India

Are you Ashok Kumar Das?

Claim your profile

Publications (19)11.72 Total impact

  • Jayakrushna Sahoo, Ashok Kumar Das, A. Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Association rule mining among itemsets is a fundamental task and is of great importance in many data mining applications including attacks in network data, stock market, financial applications, bioinformatics to find genetic disorders, etc. However, association rule extraction from a reasonable-sized database produces a large number of rules. As a result, many of them are redundant to other rules, and they are practically useless. To overcome this issue, methods for mining non-redundant rules are essentially required. To address such problem, we initially propose a definition for redundancy in sense of minimal knowledge and then a compact representation of non-redundant association rules which we call as compact informative generic basis. We also provide an improved version of the existing DCI_CLOSED algorithm (DCI_PLUS) to find out the frequent closed itemsets (FCI) with their minimal representative generators in combination with BitTable which represents a compact database form in a single scan of the original database. We further introduce an algorithm for constructing the compact informative generic basis from the FCI and their generators in an efficient way. We finally present an inference mechanism in which all association rules can be generated without accessing the database. Experiments are performed on the proposed method. The experimental results show that the proposed method outperforms the other existing related methods.
    Knowledge and Information Systems 02/2014; · 2.23 Impact Factor
  • Ashok Kumar Das, Adrijit Goswami, Vanga Odelu
    [Show abstract] [Hide abstract]
    ABSTRACT: The hierarchical cryptographic key assignment is used to assign cryptographic keys to a set of partially ordered security classes so that the user in a higher security class can derive the cryptographic secret keys of the other users in a lower security class. In this paper, we propose a practical solution for dynamic access problems in a user hierarchy, which uses the polynomial interpolation and hash function. When compared with other related recent existing access control schemes, in our scheme the computational complexity and the required storage space are significantly reduced. In addition, our scheme provides provable security. Furthermore, our scheme is easy to implement and therefore, it is more suitable for practical applications.
    International Journal of Communication Networks and Distributed Systems 02/2014; 12(2):129-151.
  • Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava’s scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key beween a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then a propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava’s scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava’s scheme.
    Journal of Medical Systems 01/2014; 38(6). · 1.78 Impact Factor
  • Source
    Ashok Kumar Das, Vanga Odelu, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.
    TheScientificWorldJournal. 01/2014; 2014:719470.
  • Vanga Odelu, Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Lo et al. (2011) proposed an efficient key assignment scheme for access control in a large leaf class hierarchy where the alternations in leaf classes are more frequent than in non-leaf classes in the hierarchy. Their scheme is based on the public-key cryptosystem and hash function where operations like modular exponentiations are very much costly compared to symmetric-key encryptions and decryptions, and hash computations. Their scheme performs better than the previously proposed schemes. However, in this paper, we show that Lo et al.’s scheme fails to preserve the forward security property where a security class CxCx can also derive the secret keys of its successor classes CjCj’s even after deleting the security class CxCx from the hierarchy. We aim to propose a new key management scheme for dynamic access control in a large leaf class hierarchy, which makes use of symmetric-key cryptosystem and one-way hash function. We show that our scheme requires significantly less storage and computational overheads as compared to Lo et al.’s scheme and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against all possible attacks including the forward security. In addition, our scheme supports efficiently dynamic access control problems compared to Lo et al.’s scheme and other related schemes. Thus, higher security along with low storage and computational costs make our scheme more suitable for practical applications compared to other schemes.
    Information Sciences. 01/2014; 269:270–285.
  • [Show abstract] [Hide abstract]
    ABSTRACT: In a wireless sensor network, we often require the deployment of new nodes to extend the lifetime of the network because some sensor nodes may be lost due to power exhaustion problem or they may be also malicious nodes. In order to protect malicious nodes from joining the sensor network, access control mechanism becomes a major challenging problem in the design of sensor network protocols. Existing access control protocols designed for wireless sensor networks require either high communication overheads or they are not scalable due to involvement of the base station during authentication and key establishment processes. In this paper, we propose a new access control scheme for large-scale distributed wireless sensor networks, which not only identifies the identity of each node but it has also ability to differentiate between old nodes and new nodes. The proposed scheme does not require involvement of the base station during authentication and key establishment processes, and it can be easily implemented as a dynamic access control protocol. In addition, our scheme significantly reduces communication costs in order to authenticate neighbor nodes among each other and establish symmetric keys between neighbor nodes as compared with existing approaches. Further, our scheme is secure against different attacks and unconditionally secure against node capture attacks. The simulation results of our scheme using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool ensure that our scheme is safe.
    International Journal of Foundations of Computer Science 10/2013; 24(05). · 0.42 Impact Factor
  • Ashok Kumar Das, Bezawada Bruhadeshwar
    [Show abstract] [Hide abstract]
    ABSTRACT: Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.
    Journal of Medical Systems 10/2013; 37(5):9969. · 1.78 Impact Factor
  • Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.
    Journal of Medical Systems 06/2013; 37(3):9948. · 1.78 Impact Factor
  • Vanga Odelu, Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Recently several hierarchical access control schemes are proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against 'man-in-the-middle attack' or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.'s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu-Chen's scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu-Chen's scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu-Chen's scheme, Nikooghadam-Zakerolhosseini's scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme is much suitable for practical applications of e-medicine systems.
    Journal of Medical Systems 04/2013; 37(2):9920. · 1.78 Impact Factor
  • Source
    Ashok Kumar Das, Ashish Massand, Sagar Patil
    [Show abstract] [Hide abstract]
    ABSTRACT: In this paper, we propose a new security protocol for proxy signature by a hierarchy of proxy signers. In this protocol, the original signer delegates his/her signing capability to a predefined hierarchy of proxy signers. Given the documents of a security class to be signed by the original signer, our scheme suggests a protocol for the hierarchy of proxy signers to sign the document on behalf of the original signer. The concept of hierarchical access control limits the number of people who could sign the document to the people who have the required security clearances. User in a security class requires two secret keys: one which identifies his/her security clearance, and that can also be derived by a user of upper level security clearance and second is his/her private key which identifies him/her as a proxy signer for the signature generation. We show that our scheme is efficient in terms of computational complexity as compared to the existing related proxy signature schemes based on the hierarchical access control. Our scheme also supports addition and deletion of security classes in the hierarchy. We show through security analysis that our scheme is secure against possible attacks. Furthermore, through the formal security analysis using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool we show that our scheme is also secure against passive and active attacks.
    Journal of King Saud University - Computer and Information Sciences. 01/2013; 25(2):219–228.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Wireless body area networks (WBANs) can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is also secure against passive and active attacks.
    Journal of King Saud University - Computer and Information Sciences. 01/2013;
  • [Show abstract] [Hide abstract]
    ABSTRACT: In a key management scheme for hierarchy based access control, each security class having higher clearance can derive the cryptographic secret keys of its other security classes having lower clearances. In 2008, Chung et al. proposed an efficient scheme on access control in user hierarchy based on elliptic curve cryptosystem [Information Sciences 178 (1) (2008) 230–243]. Their scheme provides solution of key management efficiently for dynamic access problems. However, in this paper, we propose an attack on Chung et al.’s scheme to show that Chung et al.’s scheme is insecure against the exterior root finding attack. We show that under this attack, an attacker (adversary) who is not a user in any security class in a user hierarchy attempts to derive the secret key of a security class by using the root finding algorithm. In order to remedy this attack, we further propose a simple improvement on Chung et al.’s scheme. Overall, the main theme of this paper is very simple: a security flaw is presented on Chung et al.’s scheme and then a fix is provided in order to remedy the security flaw found in Chung et al.’s scheme.
    Information Sciences. 11/2012; 209:80–92.
  • [Show abstract] [Hide abstract]
    ABSTRACT: Most queries in wireless sensor network (WSN) applications are issued at the point of the base station or gateway node of the network. However, for critical applications of WSNs there is a great need to access the real-time data inside the WSN from the nodes, because the real-time data may no longer be accessed through the base station only. So, the real-time data can be given access directly to the external users (parties) those who are authorized to access data as and when they demand. The user authentication plays a vital role for this purpose. In this paper, we propose a new password-based user authentication scheme in hierarchical wireless sensor networks. Our proposed scheme achieves better security and efficiency as compared to those for other existing password-based approaches. In addition, our scheme has merit to change dynamically the user's password locally without the help of the base station or gateway node. Furthermore, our scheme supports dynamic nodes addition after the initial deployment of nodes in the existing sensor network.
    Journal of Network and Computer Applications 09/2012; 35(5):1646–1656. · 1.47 Impact Factor
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: Several symmetric-key distribution mechanisms are proposed in the literature, but most of them are not scalable or they are vulnerable to a small number of captured nodes. In this paper, we propose a new dynamic random key establishment mechanism in large-scale distributed sensor networks, which supports deployment of sensor nodes in multiple phases. In the existing random key distribution schemes, nodes do not refresh their own keys, and thus, the keys in their key rings remain static throughout the lifetime of the network. One good property of our dynamic key distribution scheme is that the already deployed nodes in a deployment phase refresh their own keys in key rings before another deployment phase occurs. The strength of the proposed scheme is that it provides high resilience against node capture as compared to that for the other existing random key distribution schemes. Through analysis and simulation results, we show that our scheme achieves better network performances as compared to those for the existing random key distribution schemes. Finally, we propose an extended version of our scheme for practical usefulness to support high network connectivity and resilience against node capture.
    International Journal of Information Security 06/2012; 11(3). · 0.48 Impact Factor
  • Source
    Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: Establishment of pairwise keys between sensor nodes in a sensor network is a difficult problem due to resource limitations of sensor nodes as well as vulnerability to physical captures of sensor nodes by the enemy. Public-key cryptosystems are not much suited for most resource-constrained sensor networks. Recently, elliptic curve cryptographic techniques show that public key cryptosystem is also feasible for resource-constrained sensor networks. However, most researchers accept that the symmetric key cryptosystems are viable options for resource-constrained sensor networks. In this paper, we first develop a basic principle to address the key pre-distribution problem in mobile sensor networks. Then, using this developed basic principle, we propose a scheme which takes the advantage of the post-deployment knowledge. Our scheme is a modified version of the key prioritization technique proposed by Liu and Ning. Our improved scheme provides reasonable network connectivity and security. Moreover, the proposed scheme works for any deployment topology.
    08/2011;
  • Source
    Ashok Kumar Das, Debasis Giri
    [Show abstract] [Hide abstract]
    ABSTRACT: Pairwise key establishment is one of the fundamental security services in sensor networks which enables sensor nodes in a sensor network to communicate securely with each other using cryptographic techniques. It is not feasible to apply traditional public key management techniques in resource-constrained sensor nodes, and also because the sensor nodes are vulnerable to physical capture. In this paper, we introduce a new scheme called the identity based key pre-distribution using a pseudo random function (IBPRF), which has better trade-off between communication overhead, network connectivity and resilience against node capture compared to the other key pre-distribution schemes. Our scheme can be easily adapted in mobile sensor networks. This scheme supports the addition of new sensor nodes after the initial deployment and also works for any deployment topology. In addition, we propose an improved version of our scheme to support large sensor networks.
    03/2011;
  • Source
    Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: Due to resource constraints of the sensor nodes, traditional public key cryptographic techniques are not feasible in most sensor network architectures. Several symmetric key distribution mechanisms are proposed for establishing pairwise keys between sensor nodes in sensor networks, but most of them are not scalable and also are not much suited for mobile sensor networks because they incur much communication as well as computational overheads. Moreover, these schemes are either vulnerable to a small number of compromised sensor nodes or involve expensive protocols for establishing keys. In this paper, we introduce a new scheme for establishing keys between sensor nodes with the help of additional high-end sensor nodes, called the auxiliary nodes. Our scheme provides unconditional security against sensor node captures and high network connectivity. In addition, our scheme requires minimal storage requirement for storing keys mainly due to only a single key before deployment in each node in the sensor network, supports efficiently addition of new nodes after initial deployment and also works for any deployment topology.
    03/2011;
  • Ashok Kumar Das
    Security and Communication Networks. 01/2011; 4:162-180.
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: In 2012, Li and Lee (C. T. Li and C. C. Lee, “A novel user authentication and privacy preserving scheme with smart cards for wireless communications,” Mathematical and Computer Modelling, vol. 55, nos. 1–2, pp. 35–44, 2012) proposed a novel user authentication and privacy preserving scheme with smart cards for wireless communications. However, in this paper, we show that Li-Lee’s scheme is vulnerable to three security weaknesses: (1) Li-Lee’s scheme fails to achieve strong authentication in login and authentication phases, (2) Li-Lee’s scheme fails to update the user’s password correctly in the password change phase, and (3) Li-Lee’s scheme fails strongly to protect replay attacks. In order to remedy those security flaws in Li-Lee’s scheme, we propose a secure and effective user authentication and privacy preserving scheme with smart cards for wireless communications. We show that our scheme is secure against various known types of attacks, such as user anonymity, perfect forward security, strong replay attack, impersonation and off-line password guessing attacks and parallel session attack, which makes our scheme more secure and practical for mobile wireless networking. Moreover, our scheme works without password table, provides correct password change locally by the mobile user, non-repudiation, user friendliness, fairness in key agreement, and session keys establishment between the mobile user and the foreign agent, between the mobile user and the home agent, and between the foreign agent and the home agent. Further, through the simulation results using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool we show that our improved scheme is secure against passive and active attacks.
    Networking Science. 2(1-2).