SPOSS: Secure Pin-Based-Authentication Obviating Shoulder Surfing
作者: Ankit Maheshwari , Samrat Mondal
DOI: 10.1007/978-3-319-49806-5_4
关键词: Scheme (programming language) 、 Computer security 、 Shoulder surfing 、 Session (computer science) 、 Resilience (network) 、 Password 、 Usability 、 Login session 、 Authentication 、 Computer science
摘要: Classical PIN based authentication schemes are susceptible to shoulder surfing attacks and hence attacker may obtain secret credentials of legitimate user very easily. Some the existing that provide resistance against either require multiple rounds for entering single digit or some have dependency on external hardware complex computation be done mentally in order enter PIN. Another possible security threat could stealing if password file is compromised. In this paper, we propose a new entry mechanism known as SPOSS which provides resilience not only human-based but also recording attack (for one session) impose device like camera record whole login session future reference. compromise attack. Additionally, can ensured by round without doing any hardware. Experimental analysis shows proposed scheme achieves good balance between usability parameters.
springer.com
sci-hub.se 参考文章(21)
Majid Arianezhad, Douglas Stebila, Behzad Mozaffari, Usability and security of gaze-based graphical grid passwords financial cryptography. pp. 17- 33 ,(2013) , 10.1007/978-3-642-41320-9_2
Teemupekka Virtanen, Antti Stén, Antti Kaseva, Fooling Fingerprint Scanners - Biometric Vulnerabilities of the Precise Biometrics 100 SC Scanner ,(2003)
Nilesh Chakraborty, Samrat Mondal, An Improved Methodology towards Providing Immunity against Weak Shoulder Surfing Attack international conference on information systems security. pp. 298- 317 ,(2014) , 10.1007/978-3-319-13841-1_17
T. Perkovic, N. Rakic, M. Cagalj, SSSL: Shoulder Surfing Safe Login international conference on software, telecommunications and computer networks. pp. 270- 275 ,(2009)
Dugald R. Hutchings, Saranga Komanduri, Order and entropy in picture passwords graphics interface. pp. 115- 122 ,(2008)
Hristo Bojinov, Elie Bursztein, Xavier Boyen, Dan Boneh, Kamouflage: loss-resistant password management european symposium on research in computer security. pp. 286- 302 ,(2010) , 10.1007/978-3-642-15497-3_18
Edward K. Vogel, Maro G. Machizawa, Neural activity predicts individual differences in visual working memory capacity Nature. ,vol. 428, pp. 748- 751 ,(2004) , 10.1038/NATURE02447
George Armitage Miller, The magical number seven plus or minus two: some limits on our capacity for processing information ,(1956)
Jerry Ma, Weining Yang, Min Luo, Ninghui Li, A Study of Probabilistic Password Models ieee symposium on security and privacy. pp. 689- 704 ,(2014) , 10.1109/SP.2014.50
Huanyu Zhao, Xiaolin Li, S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme advanced information networking and applications. ,vol. 2, pp. 467- 472 ,(2007) , 10.1109/AINAW.2007.317