Upload
ashok-kumar-palaki
View
84
Download
2
Tags:
Embed Size (px)
Citation preview
INTRODUCTION
The 3-D password is a multifactor authentication scheme.
It can combine all existing authentication schemes into a single 3-D virtual environment.
This 3-D virtual environment contains several objects or items with which the user can interact.
The type of interaction varies from one item to another.
The 3-D password is constructed by observing the actions and interactions of the user and by observing the sequences of such actions.
Visit www.seminarlinks.blogspot.com to download
EXISTING SYSTEM
Human Authentication
techniques
Knowledge Based What you
KNOW
Textual Password
Graphical Password
Token Based-What you HAVE
ATM cards
Keys
ID Cards
Biometrics - What you ARE
Fingerprints, Palmprints
Hand geometry
Face, Iris, Voice, Retina recognition
Human Authentication Techniques - Classification
•A 3D password is a multifactor authentication scheme that combine RECOGNITION +RECALL +TOKENS +BIOMETRICS in one authentication system.
3D PASSWORD
BRIEF DESCRIPTION OF SYSTEM
The 3D password presents a virtual environment containing various virtual objects.
The user walks through the environment and interacts with the objects.
It is the combination and sequence of user interactions that occur in the 3D environment.
BRIEF DESCRIPTION OF SYSTEM The user is presented with this 3d virtual environment where the
user navigates and interacts with various objects.
The sequence of actions and interactions towards the objects inside the 3d environment constructs the user’s 3d password.
SYSTEM IMPLEMENTATION
For example, the user can enter the virtual environment and type something on a computer that exists in (x1 , y1 , z1 ) position
then enter a room that has a fingerprint recognition device that exists in a position (x2 , y2 , z2 ) and provide his/her fingerprint.
Then, the user can go to the virtual garage, open the car door, and turn on the radio to a specific channel.
The combination and the sequence of the previous actions toward the specific objects construct the user’s 3D password.
Virtual objects can be any object we encounter in real life: A computer on which the user can type in A fingerprint reader that requires users fingerprint A paper or white board on which user can type An Automated teller(ATM) machine that requires a token A light that can be switched on/off A television or radio A car that can be driven A graphical password scheme
VIRTUAL OBJECTS
• 3-D virtual environment affects the usability, effectiveness, and acceptability of a 3-D password system.
• 3-D environment reflects the administration needs and the security requirements.
3D Virtual Environment
3D VIRTUAL ENVIRONMENT
The design of 3D virtual environments should follow these guidelines:
DESIGN GUIDELINES
Real Life Similarity
Object Uniqueness & Distinction3D Virtual
Environment SizeNumber of objects & their
typesSystem
Importance
ADVANTAGES
Provides security. 3D password can’t take by any other
person.3D graphical password has no limit. Password can change easily.Implementation of the system is
easy. Password can remember easily. Password helps to keep lot of
personal details.
APPLICATIONSThe 3D password’s main application domains are protecting critical systems and resources.
Critical Servers
Nuclear Reactors & military Facilities
Airplanes and missile Guiding
In addition, 3D passwords can be used in less critical systems
A small virtual environment can be used in the following systems like ATM
Personal Digital Assistance
Desktop computers & laptops
Web authentication etc.
ATTACKS AND COUNTERMEASURES
To realize and understand how far an authentication scheme is secure, all possible attack methods should be considered.
Thorough study has to be done , whether the authentication scheme proposed is immune against such attacks or not.
Moreover, if the proposed authentication scheme is not immune, the countermeasures have to be found that prevent such attacks.
Visit www.seminarlinks.blogspot.com to download
ATTACKS AND COUNTERMEASURES Brute Force Attack: The attacker has to try all possible 3-D passwords. This kind
of attack is very difficult for the following reasons: Time required to login
Cost of attacks
Well-Studied Attack: The attacker tries to find the highest probable distribution of 3-D passwords. However, to launch such an attack, the attacker has to acquire knowledge of the most probable 3-D password distributions.
Shoulder Surfing Attack: An attacker uses a camera to record the user’s 3-D password or tries to watch the legitimate user while the 3-D password is being performed. This attack is the most successful type of attack against 3-D passwords and some other graphical passwords.
Timing Attack: In this attack, the attacker observes how long it takes the legitimate user to perform a correct sign-in using the 3-D password. This observation gives the attacker an indication of the legitimate user’s 3-D password length.
CONCLUSION
• The authentication can be improved with 3d password ,because the unauthorized person may not interact with same object at a particular location as the legitimate user.
• It is difficult to crack ,because it has no fixed number of steps and a particular procedure.
• Added with biometrics and token verification this schema becomes almost unbreakable.
The 3-D password is still in its early stages. Designing various kinds of 3-D virtual environments, deciding on password spaces, and interpreting user feedback and experiences from such environments will result in enhancing and improving the user experience of the 3-D password