Ashok Kumar Das

Pondicherry Institute of Medical Sciences, Pondichéry, Pondicherry, India

Are you Ashok Kumar Das?

Claim your profile

Publications (101)147.1 Total impact

  • Jayakrushna Sahoo, Ashok Kumar Das, A. Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Traditional association rule mining based on the support–confidence framework provides the objective measure of the rules that are of interest to users. However, it does not reflect the semantic measure among the items. The semantic measure of an itemset is characterized with utility values that are typically associated with transaction items, where a user will be interested to an itemset only if it satisfies a given utility constraint. In this paper, we first define the problem of finding association rules using utility-confidence framework, which is a generalization of the amount-confidence measure. Using this semantic concept of rules, we then propose a compressed representation for association rules having minimal antecedent and maximal consequent. This representation is generated with the help of high utility closed itemsets (HUCI) and their generators. We propose the algorithms to generate the utility based non-redundant association rules and methods for reconstructing all association rules. Furthermore, we describe the algorithms which generate high utility itemsets (HUI) and high utility closed itemsets with their generators. These proposed algorithms are implemented using both synthetic and real datasets. The results demonstrate better efficiency and effectiveness of the proposed HUCI-Miner algorithm compared to other well-known existing algorithms. In addition, the experimental results show better quality in the compressed representation of the entire rule set under the considered framework.
    Expert Systems with Applications 08/2015; 42(13). DOI:10.1016/j.eswa.2015.02.051 · 1.97 Impact Factor
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: Critical applications in wireless sensor network (WSN) are real-time based applications. Therefore, users are generally interested in accessing real-time information. This is possible, if the users (called the external parties) are allowed to access the real-time data directly from the sensor nodes inside WSN and not from the base station. The sensory information from nodes are gathered periodically by the base station and so, the gathered information may not be real-time. In order to get the real-time information from the sensor nodes, the user needs to be first authorized to the sensor nodes as well as the base station so that the illegal access to nodes do not happen. In this paper, we propose a novel three-factor user authentication scheme suited for distributed WSNs. Our scheme is light-weight, because it only requires the efficient cryptographic hash function, and symmetric key encryption and decryption operations. Further, our scheme is secure against different known attacks which are proved through the rigorous informal and formal security analysis. In addition, we simulate our scheme for the formal security verification using Automated Validation of Internet Security Protocols and Applications tool. The simulation results clearly demonstrate that our scheme is secure against passive and active adversaries.
    Wireless Personal Communications 06/2015; 82(3). DOI:10.1007/s11277-015-2288-3 · 0.98 Impact Factor
  • Vanga Odelu, Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: In real-life applications, ensuring secure transmission of data over public network channels to prevent malicious eavesdropping of the data is an important issue in distributed network environment. There are several potential security risks in protecting data and providing access control over the data. It is a challenging problem to manage dynamically the access rights to the resources and protect them from unauthorized access. Several migration access control mechanisms have been proposed in the literature using hierarchical structure to manage the cryptographic keys to prevent from unauthorized access of resources. However, most of them suffer from some known attacks and they do not efficiently support all required dynamic properties for mobile agent environment. Since, in practical scenarios, from time to time changing of decryption key of a confidential file provides maximum security for the system, it affects significantly the performance of the key management mechanism. In this paper, we propose a novel dynamic migration access control mechanism for the mobile agents (DMAMA) in a distributed network environment using symmetric-key cryptosystem. Further, we provide an elliptic curve cryptography based signature (El-Gamal type) on the decryption key assigned to the confidential file to avoid unauthorized modifications by an attacker. Moreover, DMAMA provides an efficient solution to the dynamic property such as changing decryption key of a confidential file, whereas other schemes do not provide. In addition, DMAMA is efficient in computation and storage overheads as compared to the other related existing schemes. Through the informal and formal security analysis, we show that DMAMA is secure against possible known attacks including man-in-the-middle attack as well as DMAMA provides backward secrecy to the decryption key of a confidential file when adding a new node or creating a new relationship in the existing hierarchy. As a result, higher security, low computational and storage overheads along with efficient access control properties make DMAMA more suitable for practical applications compared to the other related schemes.
    Wireless Personal Communications 05/2015; DOI:10.1007/s11277-015-2604-y · 0.98 Impact Factor
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: Type 1 diabetes mellitus (T1DM) is also on increase like type 2 diabetes, even though not in the same proportion, but still with a trend of 3-5% increase/year. India has three new cases of T1DM/100,000 children of 0-14 years. Three sets of prevalence data shows 17.93 cases/100,000 children in Karnataka, 3.2 cases/100,000 children in Chennai, and 10.2 cases/100,000 children in Karnal (Haryana). T1DM may be autoimmune or idiopathic in nature and is present in 9% cases of insulin deficiency. T1DM is primarily caused by genetic factors, environmental factors, and disorder of the immune regulatory mechanism. A combination of all these three factors causes autoimmune disease, which may ultimately result in the destruction of pancreatic beta cells leading to hyperglycemia, ketoacidosis and potentially death, if not treated with insulin. Prediabetes is the phase before the onset of T1DM, which provides a window of opportunity for early intervention. All available interventions including steroids, immunosuppressants, and cyclosporins can be possibly applied during the prediabetes phase. The treatment goals for T1DM are simple and include maintaining near normal blood glucose levels and avoiding long-term complications, which is a constant juggle between insulin and maintaining an appropriate lifestyle. The Indian Council of Medical Research funded Registry of People with diabetes in India with young age at onset (YDR) was started in the year 2006 with 10 collaborating centres across India. This registry is focusing on to provide an overview of diabetes in the young.
    04/2015; 19(Suppl 1):S31-3. DOI:10.4103/2230-8210.155372
  • [Show abstract] [Hide abstract]
    ABSTRACT: Internet-based content distribution facilitates an efficient platform to sell the digital content to the remote users. However, the digital content can be easily copied and redistributed over the network, which causes huge loss to the right holders. On the contrary, the digital rights management (DRM) systems have been introduced in order to regulate authorized content distribution. Enterprise DRM (E-DRM) system is an application of DRM technology, which aims to prevent illegal access of data in an enterprise. Earlier works on E-DRM do not address anonymity, which may lead to identity theft. Recently, Chang et al. proposed an efficient E-DRM mechanism. Their scheme provides greater efficiency and protects anonymity. Unfortunately, we identify that their scheme does not resist the insider attack and password-guessing attack. In addition, Chang et al.'s scheme has some design flaws in the authorization phase. We then point out the requirements of E-DRM system and present the cryptanalysis of Chang et al.'s scheme. In order to remedy the security weaknesses found in Chang et al.'s scheme, we aim to present a secure and efficient E-DRM scheme. The proposed scheme supports the authorized content key distribution and satisfies the desirable security attributes. Additionally, our scheme offers low communication and computation overheads and user's anonymity as well. Through the rigorous formal and informal security analyses, we show that our scheme is secure against possible known attacks. Furthermore, the simulation results for the formal security analysis using the widely accepted Automated Validation of Internet Security Protocols and Applications tool ensure that our scheme is also secure. Copyright © 2015 John Wiley & Sons, Ltd.
    Security and Communication Networks 04/2015; DOI:10.1002/sec.1266 · 0.72 Impact Factor
  • Sanjay Kalra, Manash P Baruah, Ashok Kumar Das
    04/2015; 19(Suppl 1):S4-5. DOI:10.4103/2230-8210.153416
  • Source
    Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Several biometric-based remote user authentication schemes using smart cards have been proposed in the literature in order to improve the security weaknesses in user authentication system. In 2012, An proposed an enhanced biometric-based remote user authentication scheme using smart cards. It was claimed that the proposed scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. In this paper, we first analyze the security of An’s scheme and we show that this scheme has three serious security flaws in the design of the scheme: (i) flaw in user’s biometric verification during the login phase, (ii) flaw in user’s password verification during the login and authentication phases, and (iii) flaw in user’s password change locally at any time by the user. Due to these security flaws, An’s scheme cannot support mutual authentication between the user and the server. Further, we show that An’s scheme cannot prevent insider attack. In order to remedy the security weaknesses found in An’s scheme, we propose a new robust and secure anonymous biometric-based remote user authentication scheme using smart cards. Through the informal and formal security analysis, we show that our scheme is secure against all possible known attacks including the attacks found in An’s scheme. The simulation results of our scheme using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool ensure that our scheme is secure against passive and active attacks. In addition, our scheme is also comparable in terms of the communication and computational overheads with An’s scheme and other related existing schemes. As a result, our scheme is more appropriate for practical applications compared to other approaches.
    03/2015; 4(2). DOI:10.1016/j.jksuci.2014.03.020
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: The shape tailoring in gold (Au) nanostructures is vital for tuning their optical and catalytic properties. Herein, we describe nicotinamide adenine dinucleotide (NAD+) assisted direct electrochemical growth of surface-confined Au nanodendrites as well as the application of these nanodendrites in the non-enzymatic detection of glucose in neutral pH and the oxidation of methanol in alkaline pH. NAD+ plays an important role in the growth of Au nanodendrites. The specific adsorption of NAD+ onto the Au (011) facet aids in the growth of Au nanodendrites. In the absence of NAD+, interconnected wall-like morphology is obtained. The Au nanodendrites are characterized by UV–visible spectroscopy, X-ray diffraction (XRD), field emission scanning electron microscopy (FESEM), transmission electron microscopy (TEM) and electrochemical methods. FESEM and TEM analysis confirm that the Au nanostructures are dendritic, consisting of a trunk from which several branches evolve; the presence of NAD+ in the supporting electrolyte solution plays a vital role in the evolution of this morphology. The electrode based on Au dendrites has an electrochemically accessible surface area of 0.281 cm2 and shows excellent electrocatalytic activity for both glucose and methanol. In alkaline pH, the Au nanodendrite-based electrode oxidized methanol at 0.3 V with a highly-stable response. This electrode oxidizes glucose at 0.4 V in neutral pH without the use of enzymes. The sensitivity and limit of detection of the electrode are calculated to be 0.037 ± 0.02 μA mM−1 cm−2 and 7.29 μM (S/N = 3), respectively. The surface morphology of the Au nanostructure plays an important role in the electrocatalytic performance.
    Electrochimica Acta 03/2015; 158. DOI:10.1016/j.electacta.2015.01.119 · 4.09 Impact Factor
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.
    Journal of Medical Systems 03/2015; 39(3):218. DOI:10.1007/s10916-015-0218-2 · 2.21 Impact Factor
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.
    Journal of Medical Systems 03/2015; 39(3):204. DOI:10.1007/s10916-015-0204-8 · 2.21 Impact Factor
  • Vanga Odelu, Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: The authentication protocols are trusted components in a communication system in order to protect sensitive information against a malicious adversary in the client-server environment by means of providing a variety of services including users' privacy and authentication. In the cryptographic protocols, understanding the security failures is the key for both patching to the existing protocols and designing the future protocols. Recently, in 2014, Wang proposed an improved Elliptic Curve Cryptography (ECC) based anonymous remote authentication scheme using smart card and claimed that the proposed scheme is secure against password guessing attack, smart card lost/stolen verifier attack, and also preserves user anonymity and prevents credential leakage. However, in this paper, we show that Wang's scheme fails to preserve the user anonymity and does not prevent the off-line password guessing attack, credential leakage and smart card lost/stolen verifier attack. In order to withstand those security pitfalls found in Wang's scheme, we aim to propose a new secure privacy-preserving ECC-based client authentication with key agreement protocol using smart card. Through the formal and informal security analysis we show that our scheme is secure against possible known attacks including the off-line password guessing attack, credential leakage attack and smart card lost/stolen verifier attack. Our scheme also preserves the user anonymity property. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks. Our scheme provides high security along with low computational and communication costs. As a result, our scheme is practically suitable for mobile devices in the client-server environment as compared to other related schemes in the literature.
    02/2015; 21. DOI:10.1016/j.jisa.2015.01.001
  • Ashok Kumar Das
    [Show abstract] [Hide abstract]
    ABSTRACT: User authentication is a prominent security requirement in wireless sensor networks (WSNs) for accessing the real-time data from the sensors directly by a legitimate user (external party). Several user authentication schemes are proposed in the literature. However, most of them are either vulnerable to different known attacks or they are inefficient. Recently, Althobaiti et al. presented a biometric-based user authentication scheme for WSNs. Although their scheme is efficient in computation, in this paper, we first show that their scheme has several security pitfalls such as (i) it is not resilient against node capture attack; (ii) it is insecure against impersonation attack; and (iii) it is insecure against man-in-the-middle attack. We then aim to propose a novel biometric-based user authentication scheme suitable for WSNs in order to withstand the security pitfalls found in Althobaiti et al. scheme. We show through the rigorous security analysis that our scheme is secure and satisfies the desirable security requirements. Furthermore, the simulation results for the formal security verification using the most widely used and accepted Automated Validation of Internet Security Protocols and Applications tool indicate that our scheme is secure. Our scheme is also efficient compared with existing related schemes. Copyright © 2015 John Wiley & Sons, Ltd.
    International Journal of Communication Systems 01/2015; DOI:10.1002/dac.2933 · 1.11 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Sulfonated poly(ether-ether-ketone) functionalized graphene oxide (SPG)/poly(vinylidene fluoride) (PVDF) composites have been prepared by a solvent evaporation technique. The –SO3H group of SPG interact with the >CF2 dipole of PVDF to integrate graphene uniformly into a PVDF matrix. The cross-sectional field emission scanning electron microscopy micrograph shows folded-chain lamella of spherulitic PVDF crystallites spread outwards from the growth center. The spherulitic crystallites decrease with the incorporation of SPG into the PVDF matrix and the composite containing 3 wt.% SPG (SPG3) does not show spherulite, but fiber-like crystallites. Fourier transform infrared spectroscopy, wide angle X-ray scattering and differential scanning calorimetry (DSC) results suggest that piezoelectric β-polymorph formation begins with the incorporation of SPG into the PVDF matrix, and SPG3 shows the formation of the fully β-polymorph. DSC cooling curves show that SPG acts as an effective nucleating agent for the crystallization of PVDF. Study of the mechanical properties shows that there is a simultaneous enhancement of the stress and the strain at break indicating the enhanced toughness of the PVDF composites compared to pure PVDF. Young’s modulus increases 160% and the oxygen permeability coefficient decreases by 91% in the SPG3 composite film compared to pure PVDF.
    Carbon 01/2015; 81. DOI:10.1016/j.carbon.2014.09.065 · 6.16 Impact Factor
  • Vanga Odelu, Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Authentication protocol in wireless communication systems is important to protect the sensitive information against a malicious adversary by means of providing a variety of services, such as user credentials’ privacy, session key security (we call it as SK-security), mutual authentication, and user revocation facility when a user’s credentials are unexpectedly revealed. Thus, understanding the security failures of authentication schemes is a key for both patching to the existing schemes and designing the future schemes. Recently, Li et al. showed security drawbacks of Chen et al.’s scheme and proposed an improvement. Later, Islam identified various security flaws in Li et al.’s scheme and proposed further enhancement to remedy these flaws. However, in this paper, we show that Islam’s enhancement has still some security pitfalls. In addition, all these schemes suffer from the time-synchronization problem. We then present a more secure and robust remote user authenticated key agreement scheme in order to remedy the security flaws found in Islam’s scheme. Through the formal security analysis using the widely-accepted Burrows-Abadi-Needham logic (BAN logic), we show that our scheme provides secure mutual authentication. Furthermore, the formal and informal security analysis show that our scheme is secure against various known attacks including the offline password guessing attack when smart card of a user is lost/stolen, and our scheme also provides SK-security, user anonymity, and avoids the time-synchronization problem. We further simulate our scheme for the formal security verification using the widely-accepted and widely-used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results clearly indicate that the proposed scheme is safe. Thus, our scheme provides high security along with more functionality features as compared to Li et al.’s scheme and Islam’s scheme. As a result, our scheme is very suitable for practical applications.
    Wireless Personal Communications 01/2015; DOI:10.1007/s11277-015-2721-7 · 0.98 Impact Factor
  • Vanga Odelu, Ashok Kumar Das, Adrijit Goswami
    [Show abstract] [Hide abstract]
    ABSTRACT: Recently, in 2014, He and Wang proposed a robust and efficient multi-server authentication scheme using biometrics-based smart card and elliptic curve cryptography (ECC). In this paper, we first analyze He-Wang’s scheme and show that their scheme is vulnerable to a known session-specific temporary information attack and impersonation attack. In addition, we show that their scheme does not provide strong user’s anonymity. Furthermore, He-Wang’s scheme cannot provide the user revocation facility when the smart card is lost/stolen or user’s authentication parameter is revealed. Apart from these, He- Wang’s scheme has some design flaws, such as wrong password login and its consequences, and wrong password update during password change phase. We then propose a new secure multiserver authentication protocol using biometric-based smart card and ECC with more security functionalities. Using the Burrows- Abadi-Needham (BAN) logic, we show that our scheme provides secure authentication. In addition, we simulate our scheme for the formal security verification using the widely-accepted and used AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, and show that our scheme is secure against passive and active attacks. Our scheme provides high security along with low communication cost, computational cost, and variety of security features. As a result, our scheme is very suitable for battery-limited mobile devices as compared to He- Wang’s scheme.
    IEEE Transactions on Information Forensics and Security 01/2015; DOI:10.1109/TIFS.2015.2439964 · 2.07 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: We describe the shape-controlled growth of raspberry-like gold (Au) nanostructures and their application in the electrochemical oxidation of methanol and reduction of oxygen. Nicotinamide adenine dinucleotide (NAD+) plays a vital role in the growth of raspberry-like Au nanostructures. The preferential adsorption of NAD+ onto the (011) facets of Au favors the growth of raspberry-like morphology. In the absence of NAD+, icosahedral Au nanostructures were obtained. The raspberry-like Au nanostructures have been characterized by UV-visible spectroscopy, X-ray diffraction (XRD), field emission scanning electron microscopy (FESEM), and electrochemical measurements. The FESEM image shows that the raspberry-like morphology has an average size of 170 nm. The spectral profile shows a broad band between 650 and 795 nm. Compared to Au nanoseeds and icosahedral Au nanostructures that were grown in the absence of NAD+, the raspberry-like morphology has excellent catalytic activity towards the electrochemical oxidation of methanol and reduction of oxygen. On the raspberry-like nanoparticle-based electrode, the oxidation of methanol was observed at 0.35 V in alkaline pH, and the reduction of oxygen was observed at -0.06 and -0.4 V in 0.1 M PBS. The electrochemical reduction of oxygen occurs in two steps: (i) reduction of oxygen to H2O2 and (ii) further reduction of electrogenerated H2O2 to water. The electrochemical performance of the raspberry-like nanostructure-based electrode is highly stable.Graphical abstractA facile method was developed for the synthesis of raspberry-like Au nanostructure and it was used as an electrocatalyst for the oxidation of methanol and reduction of oxygen.KeywordsElectrochemical oxidationNicotinamide adenine dinucleotideGold nanostructureMethanol oxidationOxygen reduction
    Electrochimica Acta 01/2015; 151. DOI:10.1016/j.electacta.2014.10.155 · 4.09 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: The deployment of new nodes is often required in order to extend the lifetime of the sensor network because sensor network may be lost due to power exhaustion problem or deployment of malicious nodes by an attacker. To protect malicious nodes from joining the network, designing of access control schemes becomes a major challenging problem. In this paper, we first review the Huang-Liu's access control scheme. Though their scheme is energy efficient requiring low computational and communication overheads, but we show that their scheme is insecure against node replication attacks as well as it does not provide the mutual authentication between the base station (BS) and sensor nodes. We aim to propose a new efficient and secure access control scheme in order to remedy such security weaknesses found in Huang-Liu's scheme. Our proposed scheme makes use of only the one-way hash function and bitwise XOR operations for providing the authentication and key establishment. Our scheme also requires significantly less communication and computational costs as compared to other related schemes. We show through both informal and formal security analysis that our scheme has the ability to tolerate various known attacks. We further simulate our scheme for formal security verification using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and we show that our scheme is secure against passive as well as active attacks.
    International Journal of Communication Networks and Distributed Systems 01/2015; 14(1):40-73..
  • [Show abstract] [Hide abstract]
    ABSTRACT: Advancement in communication technology provides a scalable platform for various services, where a remote user can access the server from anywhere without moving from its place. It provides a unique opportunity for online services such that a user does not need to be physically present at the service center. These services adopt authentication and key agreement protocols in order to ensure authorized and secure access to the resources. Most of the authentication schemes proposed in the literature support a single-server environment, where the user has to register with each server. If a user wishes to access multiple application servers, he/she requires to register with each server. The multi-server authentication introduces a scalable platform such that a user can interact with any server using single registration. Recently, Chuang and Chen proposed an efficient multi-server authenticated key agreement scheme based on a user’s password and biometrics (Chuang and Chen, 2014). Their scheme is a lightweight, which requires the computation of only hash functions. In this paper, we first analyze Chuang and Chen’s scheme and then identify that their scheme does not resist stolen smart card attack which causes the user’s impersonation attack and server spoofing attack. We also show that their scheme fails to protect denial-of-service attack. We aim to propose an efficient improvement on Chuang and Chen’s scheme to overcome the weaknesses of their scheme, while also retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Chuang and Chen’s scheme. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against the replay and man-in-the-middle attacks. In addition, our scheme is comparable in terms of the communication and computational overheads with Chuang and Chen’s scheme and other related existing schemes.
    Expert Systems with Applications 12/2014; 41(18):8129–8143. DOI:10.1016/j.eswa.2014.07.004 · 1.97 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: The Session Initiation Protocol (SIP) is a signaling communications protocol, which has been chosen for controlling multimedia communication in 3G mobile networks. The proposed authentication in SIP is HTTP digest based authentication. Recently, Tu et al. presented an improvement of Zhang et al.’s smart card-based authenticated key agreement protocol for SIP. Their scheme efficiently resists password guessing attack. However, in this paper, we analyze the security of Tu et al.’s scheme and demonstrate their scheme is still vulnerable to user’s impersonation attack, server spoofing attack and man-in-the middle attack. We aim to propose an efficient improvement on Tu et al.’s scheme to overcome the weaknesses of their scheme, while retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Tu et al.’s scheme. Furthermore, we simulate our scheme for the formal security analysis using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks including the replay and man-in-the-middle attacks. Additionally, the proposed scheme is comparable in terms of the communication and computational overheads with Tu et al.’s scheme and other related existing schemes.
    Peer-to-Peer Networking and Applications 12/2014; DOI:10.1007/s12083-014-0321-z · 0.46 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Metformin is an oral antidiabetic drug, commonly used for treating type 2 diabetes (T2DM) patients. It is transported into the hepatocyte by polyspecific organic cation transporter 1 which is encoded by the gene SLC22A1. It has been hypothesized that genetic variations of SLC22A1 gene will influence interindividual variation in glucose lowering efficacy of metformin. Previous studies have demonstrated this in other populations with conflicting results, but it remains to be elucidated in Indian population. Henceforth, the objective of the study was to evaluate the impact of SLC22A1 rs622342 gene polymorphism on the clinical efficacy of metformin in South Indian T2DM patients. A total of 122 newly detected, treatment naive T2DM patients of either sex were included in this study. The patients were started on metformin monotherapy and followed up for 12 weeks. Genotype was determined using qRT-PCR. Before and after treatment with metformin, body mass index (BMI), serum lipid profile, glycated hemoglobin (HbA1c), fasting & postprandial glucose level, and blood pressure (BP) were measured. The study cohort mean age was 49.57 ± 9.88yrs. Of the 122 T2DM patients, 93 were classified as responders and 29 as non-responders based on fall in HbA1c levels. Interestingly, carriers of one variant allele ‘C’ (AC) of rs622342 polymorphism were less among the responders than those who did not (44.8% vs. 22.6%). On the contrary, patients with two copies of allele ‘A’ (AA) had 5.6 times greater chance of responding to metformin treatment. A similar trend was observed when the proportion was analyzed under different genetic models (OR 3.85, 95% CI 1.61-9.19 for dominant; OR 3.56, 95% CI 0.83-15.26 for recessive; 55.1% vs. 77.4%; OR 2.78, 95% CI 1.15-6.70 for over-dominant and OR 4.10, 1.78-9.43 for additive). Further, metformin showed significant beneficial effects on BMI, HbA1c, FPG, PPG, lipid parameters and BP. These data suggest that the allele and genotypes of SLC22A1 rs622342 gene polymorphism were associated with the therapeutic efficacy of metformin in South Indian patients with T2DM.
    Clinical and Experimental Medicine 11/2014; DOI:10.1007/s10238-014-0322-5 · 2.82 Impact Factor

Publication Stats

393 Citations
147.10 Total Impact Points

Institutions

  • 2015
    • Pondicherry Institute of Medical Sciences
      Pondichéry, Pondicherry, India
  • 2014–2015
    • Chonbuk National University
      • Department of Polymer Nano Science & Technology
      Tsiuentcheou, Jeollabuk-do, South Korea
    • International Institute of Information Technology, Hyderabad
      Bhaganagar, Telangana, India
  • 2012–2015
    • International Institute of Information Technology
      Poona, Maharashtra, India
  • 2011–2014
    • Biomedical Informatics Centre
      Chandigarh, Chandīgarh, India
    • Centre for IT Education
      Bhubaneswar, Orissa, India
    • International Institute of Information Technology, Bhubaneswar
      • Department of Computer Science and Engineering
      Bhubaneswar, Orissa, India
  • 2010–2014
    • IIT Kharagpur
      • Department of Chemistry
      Khargpur, West Bengal, India
    • Jothydev's Diabetes and Research Center
      Thrissur, Kerala, India
  • 1986–2014
    • Jawaharlal Institute of Postgraduate Medical Education & Research
      • • Department of Medicine
      • • Department of Pharmacology
      Pondichéry, Pondicherry, India
  • 2001
    • Indian Association for the Cultivation of Science
      Kolkata, West Bengal, India