Different security protocols were analyzed are used for a centralized
database with distributed architecture. The goal is identify adequate
security protocols to mitigate the security of information through
identity of a model without relying on technological infrastructures. In
this phase the suitable security protocols for a model of identity
authentication, authorization and auditing (AAA) was analyzed. Deductive
method is used in exploratory research to analyze security protocols
more used among the main mentioned: Feret, Kerberos, Radius, Dnssec,
Ipsec, Pgp, Secure Rpc, Set, Ssl, Tls, Maille, Eap, Pap, Map, Diameter,
Peap, among others. It turned out that security protocols should be
adopted on a model of identity for a centralized data base. It was
concluded that protocols and security algorithms must have a direct
relation to the identity model; allowing mitigate the vulnerabilities
and risks considering To mitigate the threats and risks of information
with confidentiality, integrity and availability. The technological
infrastructure should not influence the implementation of different
This paper provides the first analysis to adopt appropriate security
protocols for an identity model with authentication, authorization and
auditing without relying on specific technological infrastructure for
Ecuador's civil registry; in a distributed architecture database.
Different civil registries of the world with similar characteristics can
refer this research project.
Security protocols, Algorithms, Models of identity, Authentication, Authorization.
P. D. Student, S. Moisés, T. Toapanta, P. D. Luis, and E. Mafla, "Security analysis of civil registry database of ecuador," in 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT). “Special Section Computer Science/Networking”. IEEE Catalog, Chennai – India, 2016, pp. 1024–1029.
T. J. O. Moisés and E. Mafla., "Analysis to define management of identities access control of security processes for the registration civil from Ecuador," in 2016 IEEE International Smart Cities Conference (ISC2) - IEEE ISC2 2016- Privacy and Security Track. IEEE Catalog, Trento – Italy, 2016, pp. 122-125.
R. O. S. De, H. Del, P. Barrezueta, D. E. L. E. Y. Organica, D. E. G. D. E. La, and I. Y. Datos, "Ley orgánica de gestión de la identidad y datos civiles," Quito- Ecuador, 2016.
M. Toapanta, E. Mafla, and J. Orizaga, "Conceptual model for identity management to mitigate the database security of the registry civil of Ecuador," in Materials Today: Proceedings Tracks “Computer Science/Networking”. ISSN 2214-7853. Indexed in Scopus (Elsevier) and the CPCI (Thomson Reuters, Web of Science). Impact SJR, United Kingdom, 2016.
C. M. Quispe and P. D. E. Red, "Protocolos de comunicación utilizados en cloud computing," Revista de Información, Tecnología y Sociedad2012.
W. Tim, "Image reduction operators based on non-monotonic averaging functions," IEEE Xplore, 2013.
A. Han, "Biometric-Kerberos authentication scheme for secure mobile computing services," presented at the Image and Signal Processing (CISP), 2013 6th International Congress on, 2013.
J. Feng and X. Coll, "Analysis, implementation and extensions of RADIUS protocol," presented at the Networking and Digital Society, 2009. ICNDS ’09. International Conference on, 2009.
D. Wei, Y. Liu, X. Yu, and X. Li, "Research of mobile IPv6 application based on diameter protocol," presented at the Computer and Computational Sciences, 2006. IMSCCS ’06. First International Multi-Symposiums, 2008.
G. K. Lee and J. Y. Choi, "Formal verification of PAP and EAP-MD5 protocols in wireless networks," presented at the Advanced Information Networking and Applications, 2004. AINA 2004. 18th International Conference, 2004.
J. R. Arana, A. V. Leandro, and P. Oscar, "Implementation of network access control by using authentication, authorization and accounting protocols," Ingeniería y Competitividad, vol. 15, pp. 127-137, 2013.
R. Carrillo, "Redalyc. La consumer protection in electronic payment transactions," Electron. Stud. Teleprocessing, vol. 6, pp. 33-49, 2007.
V. Neumann, C. L. Gomes, C. Unsihuay-Vila, K. V. Fonseca, and P. R. Torres, "Parameterization of IPsec framework for security in the smart grid interoperability," presented at the Innovative Smart Grid Technologies Latin America (ISGT LATAM), 2015 IEEE PES, 2015.
A. Fritz and J. F. Paris, "Maille authorization - A distributed, redundant authorization protocol," in Performance, Computing, and Communications Conference, 2006. IPCCC 2006. 25th IEEE International Date of Conference, 2006.
Universidad Politecnica Salesiana del Ecuador Sede Guayaquil
The authors declare that they have no competing interests.
The authors thank the CUCEA of Universidad de Guadalajara, Jalisco,
México, Program IT PhD Information Technologies, Universidad Politécnica
Salesiana del Ecuador and Secretaria de Educación Superior Ciencia,
Tecnología e Innovación (Senescyt).