Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/4905
標題: A CLICK-BASED SPATIAL AUTHENTICATION SYSTEM
觸控式影像驗證系統
作者: 金娜
Bayarmunkh, Altanzaya
關鍵字: 圖形驗證法
graphical password
身份驗證
觸控式
影像驗證
authentication
click-based authentication
出版社: 通訊工程研究所
引用: [1] Paul Deitel, Harvey Deitel, Abbey Deitel, and Michael Morgano, Pearson Education “Android for Programmers An App-Driven Approach”, Inc. 2012, pp.1-12, pp.421-429. [2] Behrouz A. Forouzan McGraw-Hill “Introduction to Cryptography and Network Security” International Edition, Inc. 2008, pp.1-290. [3] S. Chiasson, R. Biddle, and P. van Oorschot, “A Second Look at the Usability of Click-Based Graphical Passwords,” Proc. ACM Symp. Usable Privacy and Security (SOUPS), July 2007. [4] S. Chiasson, A. Forget, R. Biddle, and P. van Oorschot, “Influencing Users towards Better Passwords: Persuasive Cued Click-Points,” Proc. British HCI Group Ann. Conf. People and Computers: Culture, Creativity, Interaction, Sept. 2008. [5] S. Chiasson, A. Forget, E. Stobert, P. van Oorschot, and R. Biddle, “Multiple Password Interference in Text and Click-Based Graphical Passwords,” Proc. ACM Conf. Computer and Comm. Security (CCS), Nov. 2009. [6] S. Chiasson, Elizabeth Stobert, Alain Forget, Robert Biddle, and Paul C. van Oorschot, “Persuasive Cued Click-Points: Design, Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism” IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 9, NO. 2, MARCH/APRIL 2012 [7] M. ZALISHAM JALI, A STUDY OF GRAPHICAL ALTERNATIVES FOR USER AUTHENTICATION, July 2011 [8]L. D. Paulson, "Taking a Graphical Approach to the Password," Computer, vol. 35, pp. 19, 2002 [9] Che Wei Hsu, Yen-Chieh Ouyang “SPATIAL AUTHENTICATION SCHEME FOR ONLINE TRANSACTIONS” Master thesis, Date: 19 December, 2011 [10] A. F. Syukri, E. Okamoto, and M. Mambo, "A User Identification System Using Signature Written with Mouse," in Third Australasian Conference on Information Security and Privacy (ACISP): Springer-Verlag Lecture Notes in Computer Science (1438), 1998, pp. 403-441. [11]I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin, "The Design and Analysis of Graphical Passwords," in Proceedings of the 8th USENIX Security Symposium, 1999. [12] L. Sobrado and J.-C. Birget, "Graphical passwords," The Rutgers Scholar, An Electronic Bulletin for Undergraduate Research, vol. 4, 2002 [13] E. Stobert, A. Forget, S. Chiasson, P. van Oorschot, and R. Biddle, “Exploring Usability Effects of Increasing Security in Click-Based Graphical Passwords,” Proc. Ann. Computer Security Applications Conf. (ACSAC), 2010 [14] T. Valentine, "An evaluation of the Passface personal authentication system," Technical Report, Goldsmiths College, University of London 1998 [15]M. N. Doja and N. Kumar. “Image Authentication Schemes Against Keylogger Software”, Ph.D, Comp. Eng. Dept., Jamia Millia Islamia, New Delhi, India. [16] Ive Billiauws, Kristiaan Bonjean, Promotor hogeschool, and GoedemeImage “Recognition on an Android mobile phone” Master Thesis [17] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, "Authentication using graphical passwords: Basic results," in Human-Computer Interaction International (HCII 2005). Las Vegas, NV, 2005. [18] S. Chiasson, “USABLE AUTHENTICATION AND CLICK-BASED GRAPHICAL PASSWORDS” DOCTOR OF PHILOSOPHY School of Computer Science at CARLETON UNIVERSITY Ottawa, Ontario December 2008 [19] X. Suo, Ying Zhu, G. Scott. Owen “Graphical Passwords: A Survey” Department of Computer Science Georgia State University [20] Worldwide smartphone sales by operating system (2012), source: Gartner Research http://www.gartner.com/it/page.jsp?id=1924314 [21] SQLite Database [Online] http://www.sqlite.org/ limits.html [22] Passive Attack-Wiki [Online] http://en.wikipedia.org/wiki/Passive_attack [23] Active Attack-Wiki [Online] http://en.wikipedia.org/wiki/Active_attack [24] Wikipedia [Online] http://en.wikipedia.org/wiki/Main_Page [25] Google[Online] https://www.google.com/ [26] Yahoo[Online] http://tw.yahoo.com/ [27] Passlogix, "www.passlogix.com," last accessed in June 2005.
摘要: 網路安全一直以來對所有的組織而言是個重要的議題,最常見的信息安全驗證身分的方法就是使用字母和數字的使用者名稱和密碼。圖形驗證法透過使用者點擊圖片來驗證身分,用來代替字母和數字的方式,和輸入字母和數字比較起來,圖形驗證法難以被破解。假如密碼很難猜,同樣的也不好記但圖形驗證法可以解決這樣的問題。 在我們的研究中,我們試圖開發一種身份驗證方法,採用先進的點擊圖片密碼與用兩個安全性的步驟,從兩次隨機圖片中選擇我們的密碼。使用者必須選擇他們的第一個步驟,以及選擇自己喜歡的密碼種類,第二個密碼種類的選擇要和第一有關的,我們的方法可防止攻擊者入侵,因圖片的位置會隨機改變且按鍵會變少,讓攻擊者混淆。鼓勵用戶選擇更隨意,更安全的密碼,使用者會覺得滿意有趣。實驗結果表明該方法的有效性,簡潔性,不容易忘記且容易使用,因使用文字型式的密碼輸入。我們用Android的應用程序來證明我們的理念。
Network security is always an important issue for all organization. The most common authentication method for information security is to use alphanumerical usernames and passwords. Graphical passwords are an alternative method to alphanumeric passwords in which users click on images to authenticate themselves. Comparing to alphanumeric password, graphical passwords are more difficult to break. If a password is hard to guess, then it is often hard to remember but graphical passwords can solve this problem. In this research we have developed an authentication method that uses advanced click-based picture passwords, with 2 steps of security, with choosing image password two times from random pictures. User must choose a picture for their first step and the decision held on their favorite thing and the second step has alike images related with their first choice, this encourages users to select more random and more secure passwords. To confuse attackers and to satisfy users we add extra procedure during login process by arranging visibility of image buttons in random position and therefore decreasing the guessing number of buttons. The experiment result demonstrates the effectiveness of our innovative method in being secured plus memorable, easy to use and safer than alphanumerical authentication method. The Click-based spatial authentication system is implemented in Android application to prove our concept.
URI: http://hdl.handle.net/11455/4905
其他識別: U0005-0602201313305900
文章連結: http://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-0602201313305900
Appears in Collections:通訊工程研究所

文件中的檔案:

取得全文請前往華藝線上圖書館



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.