Usable Security Introduction to User Authentication and Human Interaction Proof Research
- Jemima Atkinson
- 5 years ago
Transcription
Argyris C. Constantinides, PhD Student, Department of Computer Science, University of Cyprus
Agenda
- Introduction
- User Authentication
- CAPTCHA
- HCI Beyond Mobile

INTRODUCTION
The World Wide Web Today
- A platform for deployment of complex applications of increased interactivity
- A medium used for complex and important tasks: commercial and governmental transactions, collaborative work, learning, information retrieval
- Security issues of interactive systems are of paramount importance

Security on the World Wide Web Today
- Millions lost due to security breaches, which are often attributed to end users' erroneous interaction habits with regard to deployed security policies
- Unusable authentication policies: an ever-increasing number of minimum characters for a secure password
- Unnecessary time-depending security tasks: solving a CAPTCHA challenge in order to accomplish the main user goal
Usable Security: designing secure systems that people can use
Security
- Concerns the security aspects of the system
- Develop suitable mechanisms to ensure security of systems
Usability
- Concerns the usability aspects of the system
- Design and develop security mechanisms following a user-centered design approach

Predominant Security Mechanisms
User Authentication
- The process of verifying the physical identity of a person
CAPTCHA Challenges
- Protect Web systems against malicious automated software agents
Tasks performed at every moment worldwide by millions of users
THE PROBLEM
Emphasis on Security but not Usability
[Figure: Security versus Usability]
The User Authentication Problem
- Current computing systems are more capable of guessing passwords through dictionary attacks
- Password policies decrease memorability of passwords (they require users to remember minimum 8+ characters, upper and lower case letters, special characters)
- Even more difficult to be memorized by humans

The CAPTCHA Problem
- Current character recognition systems are more capable of breaking CAPTCHAs
- The distortion and complexity of the characters is increased
- Even more difficult to be recognized by humans
RELATED WORK

User Authentication
- Two entities are communicating, and one or both wish to establish their identity to the other
- User authentication is the process of verifying the physical identity of a person
- User authentication is a vital component of any security infrastructure today
User Authentication Types
What the user knows, what the user has and what the user is:
1. Knowledge-based authentication, e.g., passwords
2. Token-based authentication, e.g., credit card
3. Biometric-based authentication, e.g., fingerprint

Password-based Authentication
- Passwords are the most popular type of authentication
- 80% of US and UK companies apply text-based password authentication (Zhang et al., 2009)
Necessity for Increasing Usability of Passwords
- Studies revealed major usability issues of current password mechanisms (Komanduri et al., 2011; Bonneau et al., 2012)
- Policies make passwords hard to remember
- Multiple passwords across multiple accounts (less usable)
- Users don't understand threats and risks, e.g., one password is used across multiple accounts (less secure)

Will Passwords become obsolete?
- Nielsen (2000) said that biometrics are highly usable and would replace passwords: hasn't happened
- Gates (2004) predicted that passwords would become obsolete: hasn't happened
- Why not?
Password-based Authentication
- Easy and fast to implement (vs. fingerprint and biometric-based)
- Cheap to implement (vs. credit cards and token-based)
- Popular among most users
- Do not have privacy issues, as fingerprint identifiers do

Graphical authentication
- Graphical authentication: highly researched alternatives
- Require users to remember images or draw patterns on a grid as their authentication key
- More memorable: pictures are better recalled and recognized than text (Paivio, 2006; 1971)
Recognition-based: Passfaces
- Remember faces as the authentication key
- Very memorable
- Memorability decreases until you have multiple Passfaces keys (Everitt et al., 2009)

Recognition-based: Single Object Images
- Remember single-object images
- More memorable than faces or abstract images
- Images may be easily labeled, e.g., football, teddy bear, etc.
Recall-based or Cued-recall-based

CAPTCHA (Completely Automated Public Turing Tests to Tell Computers and Humans Apart)
Protect against automated software agents whose purpose is to degrade the quality of a provided service:
- Automated creation of fake accounts that are used later on for spam
- Generation of massive-scale advertising
- Manipulation of online voting systems
- Access to private information
- Generation of hyperlinks in forums to improve their websites' search engine ranking
- Dictionary attacks on passwords
CAPTCHA (Completely Automated Public Turing Tests to Tell Computers and Humans Apart)
- Verifies that the entity interacting with a system is actually a human being, and not a software agent
- Based on the assumption that a distorted text-based image can be easily recognized by the human brain but presents significant difficulty to image recognition systems

Text-recognition CAPTCHA
- CAPTCHA challenges are performed primarily with the use of text-recognition CAPTCHA (Bursztein et al., 2010; von Ahn et al., 2008)
- Google reCAPTCHA (von Ahn et al., 2008) is currently the most popular and widely used CAPTCHA online
- Over 200 million reCAPTCHAs are completed daily
- Facebook, Microsoft and many others utilize text-recognition CAPTCHA (Bursztein et al., 2010)
Necessity for Increasing Usability of CAPTCHA
- Studies revealed major usability issues of current CAPTCHA mechanisms (Yan et al., 2008; Fidas et al., 2011)
- Users find CAPTCHA frustrating
- Users have major difficulties in solving CAPTCHA

CAPTCHA Alternatives
- Image-recognition CAPTCHAs: image puzzle problems, e.g., require users to select images illustrating cats among dogs, or determine the upright position of an image
- Speech-recognition CAPTCHAs: require users to enter text that is narrated by the CAPTCHA challenge
Diversity in User Authentication and CAPTCHA
- Research has shown that human behavior (e.g., interaction, visual and security behavior) in UA and CAPTCHA schemes varies depending on the users' individual characteristics and preferences
- Differences in factors such as age, cognitive processing styles and abilities

One-size-fits-all
- Ineffective practice of usability in security; does not naturally embed the users' characteristics in the design process
- Ignores the fact that different users with different characteristics develop different structural and functional mental models and need individual scaffolding
- It is necessary to understand in depth the interdependencies among the user characteristics and the security tasks taking place during the interactions with hypermedia environments
User Security Tasks?
[Diagram labels: Textual Authentication, Textual CAPTCHA, Graphical Authentication, Image CAPTCHA, Best-fit Security Scheme]
- Focus of analysis remains mainly on the technology layer and fails to analyze and understand the users
HCI Beyond Mobile
Beyond Real World
Mixed Reality
How do we interact with it?
How do we type?
- Bluetooth-paired physical keyboard
- Virtual keyboard

Research Challenges
- Do VR/AR/MR devices affect usability and security in User Authentication and CAPTCHA?
- Do the existing effects of human factors still exist in VR/AR/MR contexts?
- How to design usable UA and CAPTCHA schemes within VR/AR/MR contexts?
THANK YOU FOR YOUR ATTENTION
Additional Support and Disability Advice Centre GUIDELINES TO PRODUCING ACCESSIBLE WORD DOCUMENTS 1 INTRODUCTION As well as allowing adaptation of font, background colour and layout to suit personal preferences,
More informationMulti-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey Friedberg
Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey Friedberg Phishing & Identity Theft Historically most online banking done with passwords (single-factor authentication)
More informationGraphical Password Scheme: CAPTCHA Sonali S. Pawar, Prof. Pravin P. Kalyankar
Graphical Password Scheme: CAPTCHA Sonali S. Pawar, Prof. Pravin P. Kalyankar Computer Science and Engineering, Dr. B.A.M.University, Aurangabad e-mail: sonali.pawar052@gmail.com Contact No. :9665144137
More informationCS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu
CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many
More informationTeacher s Instruction Guide. Securing Cyberspace Grand Challenge: Multi-Factor Authentication
Teacher s Instruction Guide Securing Cyberspace Grand Challenge: Multi-Factor Authentication Created by Team Snow-in: David Lam Leo Betts Praveen Rammohan Samuel Temple Sterling Mitchell Yuzong Gao Table
More informationITU-T SG 17 Q10/17. Trust Elevation Frameworks
ITU-T SG 17 Q10/17 Trust Elevation Frameworks Abbie Barbir, Ph.D. ITU-T SG 17 Q10 Rapporteur Martin Euchner SG 17 Advisor ITU Workshop on "Future Trust and Knowledge Infrastructure July 1 2016 Contents
More informationSecurity and Privacy. Security or Privacy? Computer Security
2110413 Computer Security Security & Privacy: the definitions Security Components Supporting Concepts Krerk Piromsopa, Ph.D. Department of Computer Engineering Chulalongkorn University Authentication Security
More information2016, IJARCSSE All Rights Reserved Page 209
Volume 6, Issue 12, December 2016 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Picture in
More informationCyber Security Updates and Trends Affecting the Real Estate Industry
Cyber Security Updates and Trends Affecting the Real Estate Industry What, Why, and How? Agenda Cyber Security Today Changes to Security Standards and Trends Protecting Yourself and Your Organization Takeways
More information