
Presentation transcript:

Intro

This paper explores various authentication systems to see whether any one of them can be deemed cheap, practical and secure enough to replace the current password mechanisms used in most workstation-type environments, paving the way for it to become the new de facto standard for industry-wide authentication.

What Kind of Information would be used for this Study?

Mostly information regarding the various systems and their pros and cons, in addition to information related to their cost of deployment. This paper revolves around the search for a cheap and effective authentication system to replace string-based passwords, so anything that can be used to show that one form of authentication is better than another will be useful.

Why do security systems, in general, fail?

- Design model: the security model from the designers' perspective and how it should interact with the user and the system. It is the belief of how the system should work in a perfect world.
- User's mental model: how the user of the system believes the security system works, based on assumptions. The model differs from user to user, and some users have grossly inaccurate assumptions.
- System model: the actual way the system works.

Why should we stop using password-based authentication for productivity environments?

- There is a problem in finding a balance between usability and security.
- Passwords can easily be told to others.
- Passwords are easy to copy.
- There are many widely available tools for decrypting stored password information.
- Passwords can be captured easily at input time.
- There are weaknesses in password reset mechanisms that hackers may be able to exploit.

Memory-Based Authentication

- Picture recognition technologies (AKA graphical passwords).
- Pseudo-word recognition (same as graphical passwords, except the user is presented with a series of pseudo-words, e.g. 'kould', from various selection screens).
- Artificial grammar learning (a system that requires the user to memorize a pattern or string of characters, e.g. JKGWYY).

Criteria of Evaluation

- Number of security holes
- Cost
- Ease of use
- Increase in security
- Scalability
- Practicality of implementation and modding