|
| Comparing The Proof By Knowledge Authentication Techniques
|
|
Full
text: |
 PDF(677.9KB) |
|
|
Source |
International Journal of Computer Science and Security (IJCSS) |
|
Table of Contents |
|
|
Download
Complete Issue PDF(4.92MB) |
|
Volume: 4 Issue: 2 |
| |
Pages: 149-264 |
|
Publication
Date: May 2010 |
|
ISSN
(Online): 1985-1553 |
|
|
|
|
|
Pages |
237 - 255 |
|
Author(s) |
|
|
|
Published
Date |
10-06-2010 |
|
Publisher |
CSC
Journals, Kuala Lumpur,
Malaysia |
|
ADDITIONAL
INFORMATION |
| Keywords Abstract References Cited by Related Articles Collaborative
Colleague |
| |
|
| |
KEYWORDS: graphical passwords, visual passwords, text passwords, user authentication |
|
|
| |
|
|
| This Manuscript is indexed in the following databases/websites:- |
|
| 1. Directory of Open Access Journals (DOAJ) |
| 2. Docstoc |
| 3. PDFCAST |
| 4. Scribd |
| 5. CiteSeerX |
| 6. WorldCat |
| 7. ScientificCommons |
| 8. Google Scholar |
| 9. Academic Index |
| 10. refSeek |
| 11. ResearchGATE |
| 12. Bielefeld Academic Search Engine (BASE) |
| 13. iSEEK |
| 14. Socol@r |
| 15. Academic Journals Database |
| 16. Libsearch |
| 17. slideshare |
| |
|
| |
|
|
| This paper presents a survey of proof by knowledge authentication techniques (text passwords, visual passwords and graphical passwords). Both new methods are more memorable, as people have to remember images and not characters and graphical passwords are also more secure. A total of 100 users participated in our survey, who after getting informed about the new authentication methods, they answered to the questionnaire that we have prepared. Based on their answers all users have many passwords for their everyday needs and they try to select passwords that are not only memorable, but also secure. Unfortunately, they can not deal with proper password selection and they become victims of dictionary attacks. Understanding this situation, participants were very positive in learning more about the new authentication methods. They found both techniques memorable and friendly – visual passwords at most, but they found graphical passwords a bit more complex and difficult to learn how to use them, something that they can overcome with small practice. |
| |
|
| |
|
| |
| 1 |
Bammigatti, P. H., and Rao, P. R. “Delegation in role based access control model for workflow systems”. International Journal of Computer Science and Security, 2(2): 1-10, 2008.
|
|
|
| 2 |
Chandrasekar, A., Rajasekar, V. R. and Vasudevan, V. “Improved authentication and key agreement protocol using elliptic curve cryptography”. International Journal of Computer Science and Security, 3(4): 325-333, 2009.
|
|
|
| 3 |
Kar, J. and Banshidhar, M. “An efficient password security of multi-party key exchange protocol based on ECDLP”. International Journal of Computer Science and Security, 3(5): 405-413, 2009.
|
|
|
| 4 |
Tahir, M. N. “Hierarchies in contextual role-based access control model (C-RBAC)”. International Journal of Computer Science and Security, 2(4): 28-42, 2008.
|
|
|
| 5 |
Tahir, M. N. “Testing of contextual role-based access control model (C-RBAC)”. International Journal of Computer Science and Security, 3(1): 62-75, 2009.
|
|
|
| 6 |
W. Jansen. “Authenticating users on handheld devices”. In Proceedings of the Canadian Information Technology Security Symposium, 2003.
|
|
|
| 7 |
Bhagwat, R. and Kulkarni, A. (2010). “An overview of registration based and registration free methods for cancelable fingerprint template”. International Journal of Computer Science and Security, 4(1): 23-30, 2010.
|
|
|
| 8 |
H. Davies. “Physiognomic access control”. Information Security Monitor, 10(3): 5-8, 2005.
|
|
|
| 9 |
K. Gilhooly. “Biometrics: Getting back to business”. Computerworld, May 2005.
|
|
|
| 10 |
D. Klein. “Foiling the Cracker: a survey of, and improvements to, password security”. In Proceedings of the 2n USENIX Security Workshop, pp. 5-14, 1990.
|
|
|
| 11 |
de A. Angeli, L. Coventry, G. Johnson and K. Renaud. “Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems”. International Journal of Human-Computer Studies, 63: 128-152, July 2005.
|
|
|
| 12 |
H. Bolande. “Forget passwords, what about pictures?”. http://zdnet.com.com/2102-11-525841.html
|
|
|
| 13 |
X. Suo, Y. Zhu and S. G. Owen. “Graphical passwords: A survey”. In Proceedings of the Annual Computer Security Applications Conference, Marriott University Park, Tucson, Arizona, 2005.
|
|
|
| 14 |
K. Renaud and de A. Angeli. “My password is here! An investigation into visuo-spatial authentication mechanisms”. Interacting with Computers, 16: 1017-1041, 2004.
|
|
|
| 15 |
L. Sobrado and C. J. Birget. “Graphical passwords”. The Rutgers Scholar, 4, 2002. http://RutgersScholar.rutgers.edu/volume04/contents.htm.
|
|
|
| 16 |
F. Tari, A. A. Ozok and H. S. Holden “A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords”. In ACM International Conference Proceeding Series, 149: 56-66, 2006.
|
|
|
| 17 |
] A. Perrig and D. Song. “Hash visualization: A new technique to improve real-world security”. In Proceedings of the 1999 International Workshop on Cryptographic Techniques and E-Commerce (CryTEC ’99).
|
|
|
| 18 |
Real User Corporation. “About passfaces”, http://www.realuser.com/cgi-bin/ru.exe/_/homepages/ technology/passfaces.htm, accessed in November 2006.
|
|
|
| 19 |
D. Davis, F. Monrose and M. Reiter. “On user choice in graphical password schemes”. In Proceedings of the 13th USENIX Security Symposium, 2004.
|
|
|
| 20 |
R. Dhamija and A. Perrig. “Déjà Vu: A user study using images for authentication”. In Proceedings of the 9th USENIX Security Symposium, 2000.
|
|
|
| 21 |
A. Bauer. “Gallery of random art”, 1998, http://andrej.com/art, accessed in December 2008.
|
|
|
| 22 |
W. Jansen. “Authenticating mobile device users through image selection”. Data Security, May 2004.
|
|
|
| 23 |
Passlogix. www.passlogix.com, accessed in November 2006.
|
|
|
| 24 |
E. G. Blonder. “Graphical passwords”. Lucent Technologies, Inc., Murray Hill, NJ, U. S. Patent, Ed. United States, 1996.
|
|
|
| 25 |
S. Wiedenbeck, J. Waters, C. J. Birget, A. Brodskiy and N. Memon. “Authentication using graphical passwords: Basic results”. In Human-Computer Interaction International (HCII 2005). Las Vegas, NV, 2005.
|
|
|
| 26 |
S. Wiedenbeck, J. Waters, C. J. Birget, A. Brodskiy and N. Memon. “Authentication using graphical passwords: Effects of tolerance and image choice”. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS). Carnegie-Mellon University, Pittsburgh, 2005.
|
|
|
| 27 |
S. Wiedenbeck, J. Waters, C.J. Birget, A. Brodskiy and N. Memon. “PassPoints: Design and longitudinal evaluation of a graphical password system”. International Journal of Human Computer Studies (Special Issue on HCI Research in Privacy and Security), 63: 102-127, 2005.
|
|
|
| 28 |
I. Jermyn, A. Mayer, F. Monrose, K. M. Reiter and D. A. Rubin. “The design and analysis of graphical passwords”. In Proceedings of the 8th USENIX Security Symposium. 1999.
|
|
|
| 29 |
D. Nali and J. Thorpe. “Analysing user choice in graphical passwords”. Tech. Report TR-04-01, School of Computer Science, Carleton University, Canada, 2004.
|
|
|
| 30 |
C. P. van Oorschot and J. Thorpe. “On the security of graphical password schemes”. Technical Report TR-05-11. Integration and extension of USENIX Security 2004 and ACSAC 2004 papers.
|
|
|
| 31 |
J. Thorpe and P. Van Oorschot. “Graphical dictionaries and the memorable space of graphical passwords”. In Proceedings of the 13th UNIX Security Symposium, August 2004.
|
|
|
| 32 |
J. C. Birget, D. Hong and N. Memon. “Robust discretization with an application to graphical passwords”. Cryptology ePrint Archive, Report 2003/168, http://eprint.iacr.org,
|
|
|
| 33 |
K. Chalkias, A. Alexiadis and G. Stephanides. “A multi-grid graphical password scheme”. In Proceedings of the 6th International Conference on Artificial Intelligence and Digital Communications, Thessaloniki, Greece, 2006.
|
|
|
| 34 |
A. Alexiadis, K. Chalkias and G. Stephanides. “Implementing a graphical password scheme that uses nested grids”. In Proceedings of the International Conference for Internet Technology and Secured Transactions (ICITST 2006), London, United Kingdom, 2006.
|
|
|
| 35 |
I. Irakleous, M. S. Furnell, S. P. Dowland and M. Papadaki. “An experimental comparison of secret-based user authentication technologies”. Information Management & Computer Security, 10: 100-108, 2002.
|
|
|
| 36 |
B. Tribelhorn. “End user security”, 2002. http://www.cs.hmc.edu/~mike/public_html/courses/ security/s06/projects/index.html, accessed in November 2008.
|
|
|
| 37 |
Y. Kim and T. Kwon. “An authentication scheme based upon face recognition for the mobile environment”. In Proceedings of the International symposium on computational and information science No1, Shanghai, China, 2004.
|
|
|
| 38 |
J. Goldberg, J. Hagman and V. Sazawal. “Doodling our way to better authentication”. CHI '02 extended abstracts on Human Factors in Computer Systems, Minneapolis (ACM Press), 2002.
|
|
|
| 39 |
R. Weiss and A. del Luca. “PassShapes: Utilizing stroke based authentication to increase password memorability”. In Proceedings of the 5th Nordic conference on Human-computer interaction: building bridges. Lund, Sweden, ACM pp. 383-392, 2008.
|
|
|
| 40 |
A. M. Eljetlawi and N. Ithnin. “Graphical password: Prototype usability survey”. In Proceedings IEEE International Conference on Advanced Computer Theory and Engineering, pp. 351-355, 2008.
|
|
|
| 41 |
K. M. Everitt, T. Bragin, J. Fogarty and T. Kohno. “A comprehensive study of frequency, interference, and training of multiple graphical passwords”. In Proceedings of the 27th international conference on Human factors in computing systems. Boston, MA, USA. ACM, pp. 889-898, 2009.
|
|
|
| 42 |
S. Chiasson, A. Forget, E. Stobert, P. C. van Oorschot and R. Biddle. “Multiple password interference in text passwords and click-based graphical passwords”. ACM CCS’09, November 9–13, 2009, Chicago, Illinois, USA, 2009.
|
|
|
| 43 |
A. A. Ozok and S. Holden “A strategy for increasing user acceptance of authentication systems: Insights from an empirical study of user preferences and performance”. International Journal of Business and Systems Research, 2(4): 343-364, 2008.
|
|
|
| 44 |
K. Johnson and S. Werner. “Graphical user authentication: A comparative evaluation of composite scene authentication vs. three competing graphical passcode systems”. Human Factors and Ergonomics Society Annual Meeting Proceedings, 52: 542-546, 2008.
|
|
|
| 45 |
M. D. Hafiz, A. H. Abdullah, N. Ithnin and H. K. Mammi. “Towards identifying usability and security features of graphical password in knowledge based authentication technique”. In Proceedings of the Second Asia International Conference on Modelling and Simulation, IEEE, pp. 396-403, 2008.
|
|
|
| 46 |
L. Y. Por and X. T. Lin. “Multi-grid background Pass-Go”. WSEAS Transactions on Information Science and Applications, 7(7): 1137-1148, 2008.
|
|
|
| |
|
| |
|
| |
| |
|
| |
|
| |
| 1 |
TechRepublic
|
| 2 |
ZDNet
|
| 3 |
silicon.com
|
| 4 |
CONTA, University of Macedonia
|
| 5 |
lw20.com
|
| |
|
| |
|
| |
|
| Stamati Gkarafli : Colleagues
|
|
| Anastasios A. Economides : Colleagues
|
|
