Web applications are becoming a necessary part of modern life. Security is one of the most important non-functional requirements of every solution. Early days, security and data privacy was just luxury part of software development and it was an optional requirement but nowadays it plays a critical role in daily life. This research paper has been made to observe the need for security algorithms in web application. This work observes that the current security level of existing applications and also recommend improved security solutions to enhance the security level as well performance of proposed architecture. This work recommends that ECC (asymmetric key cryptography) and Blowfish algorithm (symmetric key cryptography) can be used to achieve confidentiality during communication. It also considers the MD5 algorithm to maintain the integrity and modified Kerberos algorithm to achieve authentication. The complete work will propose a security architecture having solution to achieve confidentiality, integrity with strong authentication policy for web application development.

Web based application, RC6, ECC, Blowfish, Kerberos authentication

[1] K. M. Abdullah, E. H. Houssein, H. H. Zayed, “New Security Protocol using Hybrid Cryptography Algorithm for WSNs”, 1st International Conference on Computer Applications & Information Security (ICCAIS 2018) IEEE, Saudi Arabia, 2018.
[2] Milind Mathur, Ayush Kesarwani, “Comparison between DES, 3DES, RC2, RC6, BLOWFISH, and AES”. Proceedings of National Conference on New Horizons in IT -NCNHIT, 2013.
[3] M. Harini, K. Pushpa Gowri, C. Pavithra, M. Pradhiba Selvarani, “A Novel Security Mechanism using Hybrid Cryptography Algorithms”. International Conference on Electrical, Instrumentation, and Communication Engineering (ICEICE) IEEE, India, 2017.
[4] Jayraj Gondaliya, Jinisha Savani, Vivek Sheetal Dhaduvai, Gahangir Hossain, “Hybrid Security RSA Algorithm in Application of Web Service”. 1st International Conference on Data Intelligence and Security (ICDIS) IEEE, USA, 2018.
[5] Kalyani Ganesh Kadam, Prof. Vaishali Khairnar, “Hybrid RSA-AES Encryption for Web Services”. International Journal of Technical Research and Applications, Issue. 31, pp. 51-56, 2015
[6] Kirtiraj Bhatele, Prof Amit Sinhal, Prof Mayank Pathak, “A Novel Approach to the Design of a New Hybrid Security Protocol Architecture”. International Conference on Advanced Communication Control and Computing Technologies (ICACCCT) IEEE, India, 2012.
[7] S. Dubey, R. Jhaggar, R. Verma, D. Gaur, “Encryption and Decryption of Data by Genetic Algorithm”, International Journal of Scientific Research in Computer Science and Engineering, Vol. 5, Issue. 3, pp.42-46, 2017.
[8] M. Amjad, “Security Enhancement of IPV6 using Advance Encryption Standard and Deffie Hellman”, International Journal of Scientific Research in Network Security and Communication, Vol. 5, Issue. 3, 2017.
[9] B. Hari Krishna, Dr. S. Kiran, G. Murali, R. Pradeep Kumar Reddy, “Security issues in Service Model of Cloud Computing Environment”, International Conference on Computational Science, Procedia Computer Science 87, India, pp.246-251, 2016.
[10] K. Ruth Ramya, T. Sasidhar, D. Naga Malleswari & M.T.V.S. Rahul, “A review on Security aspects of Data Storage in Cloud Computing”, International Journal of Applied Engineering Research, Vol 10, No. 5, pp.13383-13394, 2015.
[11] Rizk, Rawya, and Yasmin Alkady, "Two-phase hybrid cryptography algorithm for wireless sensor networks", Journal of Electrical Systems and Information Technology, Vol. 2, Issue. 3, pp.296-313, 2015.
[12] Trishna Panse, Vivek Kapoor, Prashant Panse, “A review on Key Agreement Protocols used in Bluetooth Standard and Security Vulnerabilities in Bluetooth Transmission”, International Journal of Information and Communication Technology Research, Vol. 2, No. 3, 2012.
[13] Dr. V Kapoor, R Yadav, “A Hybrid Cryptography Technique to support Cyber Security Infrastructure”, International Journal of Advanced Research in Computer Engineering & Technology, Vol. 4, Issue.11, 2015
[14] V Kapoor, R Yadav, “A Hybrid Cryptography Technique for improving Network Security.”, International Journal of Computer Applications, Vol. 141, No.11, pp.25-30, 2016