Authentication Systems
Real Time Web-based Audio/Video Communications
Needs
WebRTC lacking an authentication system
Use common third party authentication services may be too constraining
Solution: Guest scenario
Allowing only known users
Allowing an unknown user
That security considerations are not applicable in the case that an unknown user is allowed to.
Is easy to use for a user if no specific authentication is required to start the A/V real time communication in the Web.
The authentication of the client is actually required.
Isolated or Federated scenario is best choices
Differentiation
Those solutions are as much as possible aligned with system security requirements
Closely satisfying user preferences.
Benefits
Meets a higher security level
Fully Usable Speed
Fully Usable Efficiency
Highly Usable Learnability
Highly Usable Memorability
Highly Usable User preferences
Fully Usable Accessibility
User Authentication Method using Topographical Information of Google Maps
Needs
Solution:
Differentiation
Benefits
Using a mobile telephone with Google Maps
The authentication system accesses Google Maps using the address of the user.
It acquires the topographical information as a bitmapped image.
By means of a flood fill algorithm, the system paints the fill area of the address.
The system permits authentication on the constraint that the circle of the location information from a mobile overlaps with the painted fill area
Improved the authentication system
Enhanced the accuracy of authentication
Enables us to pinpoint a student's position with greater accuracy.
E-learning faces a major problem with respect to personal authentication
In distance learning, a teacher does not have the means to identify a student directly
It is practically impossible to monitor many students simultaneously by web camera
With a traditional ID-password pair, we cannot prevent spoofing.
A Secure and Convenient Mobile Solution for Passwords
Needs
Solution: Sesame
Differentiation
Benefits
Password managers rely on one master password to secure all of our passwords. If this master password is compromised then all other passwords can be recovered
secure yet convenient mobile-based, voice-activated password manager
It combines all different methods of user authentication to create a more robust digital vault for personal data
Each password is encrypted with a new fresh key on the user’s mobile device for maximum security.
The keys are stored in our servers in a protected format.
Very secure digital vault that can protect users’ private data.
The user has the option of backing up the encrypted passwords in any cloud service.
The user need not assume any trust to neither our servers nor any cloud storage.
There is no need to enter a master password every time since speaker recognition is used.
Can be generalized for secure cloud storage of any type of data.
A Secure and Practical Authentication Scheme Using Personal Devices
Needs
Solution: authentication protocol
Differentiation
Benefits
Get rid of many issues such as memorizing usernames and passwords
Widespread usage of ubiquitous computing and various intelligent portable and wearable devices
It is secure against password related attacks
It can resist replay attacks, shoulder surfing attacks, phishing attacks, and data breach incidents.
This scheme utilize different cryptographic primitives
Does not require an authentication server to maintain static username and password tables for identifying and verifying the legitimacy of the login users.
Consists of 4 algorithms for authentication scheme
Conventional static username and password protocols suffer from various security issues.
Memorizing usernames and passwords
Legacy authentication methods have failed over and over, and they are not immune against a wide variety of attacks
Leaking or compromising one account could cause an attacker to infiltrate other systems and endanger users’ security and privacy.
Attackers have created numerous high-tech techniques to steal users’ credentials
Novel Authentication Methods and Gradual Security Levels on Smartphones
Needs
Solution: focus group
Differentiation
Benefits
Gradual security is a useful concept and it would help to improve the security of personal data stored on phones.
The qualitative results can not merely be attributed to the specific group characteristics but possess a higher validity
Even if there is a light awareness of possible security threats most of the respondents did not really think about them or their possible consequences.
Smartphones provide different security layers
Fingerprint Authentication with a perceived security of 95%, an overall acceptance of 89% and a willingness of use of 95%
The PIN does not sufficiently protect the personal data stored.
The idea of combining a gradual security system did not meet with great approval.
The participants were clustered into four groups
Focus group discuss about which authentication methods and related issue
A Fair and Dynamic Password Authentication System
Needs
Solution
Differentiation
Benefit
sophisticated cryptosystems or cryptographic protocols
problem of session key exchange and the property of forward secrecy
fair password authentication system
Detect and inspect the real cause of the authentication failure
users were illegal when the authentication failed, being unfair to the users in schemes.
able to resist replay attacks and keylogger attacks
System administrators are unable to obtain or compute the users’ dynamic passwords
The security is based on the theory of quadratic residue and computational infeasibility of the integer factorization problem.
complete authentication simply by showing the password without the necessity to interact with the system.
The user can choose his password freely during registration
Users can use smart cards to save to calculate their passwords, increasing convenience and security.
Authentication System Using Reduced Joint Feature Vector of Iris and Face
Needs
Solution
Differentiation
Benefit
Recognition based on modalities may not be sufficiently robust
Current approaches to the use of single bio metrics in personal identity authentication are limited
No single bio metric is generally considered both sufficiently accurate and user-acceptable for universal application
bio metric authentication system
system based on the fusion of two user-friendly biometric modalities: Iris and Face
This system can operate in two modes: to identify a particular person or to verify a person’s claimed identity.
improve significantly the performance of multimodal identification systems
Iris and face can be used efficiently in multi modal system
can be simultaneously acquired and used to achieve the performance that may not be possible by single biometric alone.
higher discriminating power and lower dimensional
translation and rotation invariant ability
A Network Authentication System with Multi-Bio metrics
Needs
Benefits
Solution
Differentiation
Two authentication models as authentication architectures
CO-located Model
The Separated Model
support various applications where user authentication is necessary.
useful to build a network authentication system with multi-bio metric
schedules jobs to responsible persons.
A larger size of bio metrics data may not enlarge authentication time over a network very much
The role of authentication techniques to prevent unauthorized access by malicious users becomes more significant.
Methods based on human memory and physical devices cannot escape vulnerabilities caused by forgetfulness or losses
User Authentication Methodology Using Numeric Password and Fingerprint Bio metric Information
Needs
Solution
Differentiation
Benefits
that combines numeric-based password and biometric-based fingerprint authentication system
Use the information in the user’s fingerprint, authentication keys to obtain security.
The user cannot change user’s fingerprint information, but the user has a set password to easily change
An attacker does not have the advantage of leaked password
Provides security and flexibility.
it can remove authentication errors
concerning about user information security
user authentication is vulnerable
threat of information leakage
Problem of authenticates a person by machines
Three-Factor User Authentication Method Using Biometrics Challenge Response
Needs
Differentiation
Solution
Benefit
An attacker can remotely change the legitimate user’s call-transfer setting
A three-factor authentication method
Users call the server and the server checks the caller’s number
method enables a biometrics challenge response by using voice recognition and voice print recognition to prevent a replay attack
Is practical due to the use of multiple authentication factors
Crossover error rate of voiceprint authentication on public networks is 6.47%