Upload
swati-singh
View
163
Download
6
Embed Size (px)
Citation preview
3 D- PASSWORD SCHEMESBY:-SWATI SINGHB.TECH IN CSEREG NO:-1401298347SL NO:-46SESSION:-2016-17SEMESTER:-6TH COLLEGE:-GIFT,BBSR
CONTENTS3D password overviewAimThree basic identification method of passwordAuthentication schemesFunctionalities required3d password selection and input3d virtual environment design guidelines3D environmentApplicationsSecurity AnalysisAttacks and CountermeasuresConclusion
3d password overviewThe three dimensional password(3D password) is new authentication methodology that combines recognition ,recall what you have(tokens),and what you are(biometrics) in one authentication systems. The idea is simply outlined as follow.
The user navigates through a three dimensional virtual environments. The combination and the sequence of the user action and interaction towards the object in the three dimensional. Virtual environment constructs the user 3D passwords. Therefore the user can walk in the virtual environment and type something on a computer that exit in(x1,y1,z1)Position , then walk into a room that has a white board that exit in a position(x2,y2,z2) and draw something on the white board. The combination and the sequence of the previous two actions towards the specific objects construct the users 3D passwords. Users can navigate through a three dimensional virtual environment that can contain any virtual object.
Virtual object can be any types. We will list some possible objects to clarify the idea.
An object can be:
1.An ATM machine that requires a smart card and PIN
2.A light that can be switched on/off
3.Any real object
4.Any biometric device
5.A computer that user can type in
AIMThe aim of 3D password scheme is to propose and evaluate a new schemeOf authentication. This scheme is based on a virtual three dimensional environment .User navigate through the virtual environment and interactwith items inside the virtual three dimensional environment .The 3D password’sCombines most existing authentication schemes such as textual passwords,Graphical passwords and biometrics into one virtual three dimensionalenvironment .The 3D password’s main application is the protection of criticalresources and systems.
Authentication is the process of validating who you are to whom you claimedto be .In general , there are four human authentication techniques:
1.What you know(knowledge based).2.What you have(token based).3.What you are(biometrics).4.What you recognize(recognition based).
Three Basic Identification Methods of password
•Password•PIN
•Keys•Passport•Smart Card
•Face•Fingerprint•Iris
Possession(“something I have”)
Biometrics(“something I am”)
Knowledge(“something I know”)
AUTHENTICATION SCHEMES
KNOWLEDGE BASED Recall based Recognition based
TOKEN BASEDEG: smart card
BIOMETRIC BASED Fingerprint ,palm prints ,hand geometry ,face
recognition
Intrusiveness upon a user’s personal characteristics.
GRAPHICAL PASSWORDS
Recognition based
Recall based
FUNCTIONALITIES REQUIRED
New scheme should combine the existing authentication schemes
Freedom to select the type of authentication technique.
Should provide secrets that are easy to remember, difficult to guess.
3D PASSWORD SELECTION AND INPUT
3D environment space represented by the co-ordinates
User navigate into the 3D virtual environment using any input device.
The sequence of actions and interactions forms the users 3D password.
3D VIRTUAL ENVIRONMENT DESIGN GUIDELINES
Real-life similarity
Object uniqueness and distinction
Three-dimensional virtual environment
System importance
Snapshot of a virtual environment , which contains 36pictures and six computers as virtual objects
3D environment
APPLICATIONS
Critical servers.
Nuclear and military facilities.
Airplanes and jet fighters.
ATM, desktop computers and laptops.
SECURITY ANALYSIS
3D Password Space Size.
3D Password Distribution Knowledge.
ATTACKS AND COUNTER MEASURES
Brute Force Attack
Well-Studied Attack
Shoulder Surfing Attack
Timing Attack
CONCLUSION
Commonly used authentication schemes are vulnerable to attacks.
3D Password is a multifactor authentication scheme.
Design of 3D virtual environment, selection of objects inside the environment, and the object type reflects the resulted password space.
User’s choice and decision to construct the desired and preferred 3D password