JASF: Jasta Security Framework

JASM is a model designed to increase the security level in authentication systems. It uses IP Address of the user in the authentication process to enhance the security.

💡 Research Summary

The paper introduces the JASTA Security Framework (JASF), a model that augments traditional authentication mechanisms with the user’s IP address to raise overall security. Existing methods such as passwords, OTPs, and two‑factor authentication (2FA) verify identity but often ignore the network context from which a login request originates, leaving systems vulnerable to credential theft, brute‑force attacks, session hijacking, and IP‑spoofing. JASF addresses this gap by converting the client’s IP into a dynamic “trust score.” The score is calculated from recent login history, geographic consistency, and real‑time threat intelligence feeds (e.g., AbuseIPDB, IPinfo). If the score falls below a predefined threshold, the framework automatically escalates the authentication flow, requiring additional factors such as OTP, security questions, or biometric verification. Conversely, a high‑trust IP allows the user to complete login with the standard 2FA step, preserving user experience.

Key technical components include: (1) an IP‑based scoring algorithm that weights recent, familiar IPs more heavily and penalizes unfamiliar or known malicious addresses; (2) seamless integration with an open‑source identity provider (Keycloak) via a plugin that extracts the client IP, queries a Redis cache for historical data, and asynchronously updates threat lists; (3) session binding, where the authenticated session token is tied to the originating IP, causing immediate session invalidation if the IP changes during the session; and (4) a policy engine that can block or flag access from VPNs, proxies, or TOR nodes.

The threat model covers credential phishing, brute‑force, session hijacking, and IP‑masking attacks. Experimental evaluation on a simulated environment of 10,000 concurrent login attempts shows an average latency increase of only 33 ms (≈0.2 % overhead). Security testing demonstrates that 96 % of brute‑force attempts are pre‑emptively blocked by low trust scores, and 98 % of session‑hijacking attempts are terminated when an IP change is detected.

Limitations are acknowledged: users on mobile networks or legitimate VPNs may be falsely flagged, and privacy regulations (GDPR, CCPA) require careful handling of IP logs. The authors propose extending the model with additional factors such as device fingerprints and location data, and suggest future work on machine‑learning‑driven score optimization and large‑scale cloud deployment.

In conclusion, JASF provides a low‑cost, high‑impact security layer that enriches authentication with contextual network information, significantly reducing the attack surface at the login stage while maintaining acceptable performance and user convenience.