异源码字信息无序交融机制及其应用

目前利用单模态密码进行身份认证存在输入方式单一、安全性低等缺点。为此,提出一种异源码字可无序交融输入的方法。建立异类模态密码码字产生硬件的融合机制,给出异类模态密码码字信息归一化格式,为不同的模态信息设计不同的前置处理和密码码字分类等算法,通过异源码字公共单元实现异类模态密码码字的无序交融。基于密码键盘与黑箱子指书2类模态码字的无序交融应用实例表明,该机制可以较好地用于多模态密码输入系统。     

多模态生物特征识别技术进展综述

近年来,生物特征识别已经成为一种最具潜力的身份认证技术之一.主要对多模态生物特征识别技术进行概括和总结,同时也介绍了现存若干用于身份识别和验证的多模态生物特征识别系统.经调查研究显示,多模态生物特征识别技术由于在身份认证和识别过程中考虑了个体的多种生理或行为特征,因而表现出了较单生物特征更高的可靠性和安全性,并已成为生物特征识别技术未来发展的趋势之一.     

基于指部关联特征的多模态图像采集系统

针对基于单个生物特征的身份认证安全性和稳定性不足的问题,设计了基于指部关联特征的多模态图像采集系统,采用单个双波段摄像头分时采集同一根手指的指纹、指节纹和指静脉图像。指纹和指节纹采用非接触反射采集方式,指静脉采用单侧近红外光源与反射镜面相结合的透射采集方式,并根据静脉图像质量评价动态调控光源,根据特征点信息量动态调整各个特征的权重。实验结果表明,该多模态采集系统在认证通过率、误识率和拒登率等指标都优于指纹或指静脉的单模态采集系统,认证通过率达到99.1%,误识率为0.000 1%,不存在拒登现象。     

基于动态密码认证和VPN隧道的防水墙研究与实现

用户身份认证作为网络安全和信息安全的第一道屏障,目前防水墙认证主要采用传统的静态密码认证,在身份认证过程中易被窃取,严重危及企业内部信息安全.针对防水墙身份认证的安全需求,提出了扩展硬件身份及基于混沌理论的一次一密动态密码相结合认证,建立基于VPN的网络安全传输通道,实现了身份认证的无约定动态变化,增强了防水墙身份认证的安全性.     

一种基于量子密钥的区块链身份认证方法

针对当前区块链系统存在的用户身份非法访问、身份伪造等影响区块链系统安全的问题,基于量子密钥安全性和可靠性高的特性,提出并设计了一种利用量子密码技术实现区块链系统身份认证的方案,方案中用户每次登录区块链系统时可通过比对客户端量子密钥散列值和量子密钥云服务器散列值的一致性完成身份认证,从而确保了区块链系统每次交易用户身份的合法性和安全性。实验结果表明,利用量子密码技术能够实现区块链系统用户身份安全认证,为区块链身份安全认证提供了一种新的思路。     

P2P信息系统中集中式身份认证的设计

P2P在信息的交流与传递中,容易造成信息非法使用、知识产权被窃取。采用数字证书技术来开发集中式身份认证系统,合理运用数字证书技术,能较好地解决P2P网络中用户身份识别的问题。针对集中式身份认证系统的设计应遵循相对安全性、高可靠性和可扩展性的原则,给出了认证系统的系统结构,充分考虑P2P信息系统认证子系统的安全性。     

Using AT89C52 to Design Disorder Keyboard

针对传统密码键盘的安全性差的缺点，在传统密码键盘的基础上，设计了一种乱序密码输入键盘，增加了新的功能和特性．一方面在键盘数字按键上增加了数码管来显示0至9十个数字，且设计了随机数产生软件实现了随机变位，另一方面在按键上面贴一层特殊的透光材料。使视线具有一定的视角限制，在一定角度之外的人不能看到键盘上的数字。即使他人看到用户所按的键位，由于密码输入完毕后，键位又会重新打乱顺序，因此用户可以安全放心地在键盘前输入密码，不必担心别人通过拍摄或观察人的手型等方法来获取密码，从而大大提高了密码输入的安全性，杜绝了金融领域相关的犯罪现象。     

交通稽征业务指纹认证电子报批系统

交通部门稽征业务电子报批系统中,用户身份的正确有效识别直接关系到整个系统的安全性和可靠性.传统的ID+密码认证方式容易忘记或者被非法破译,而指纹认证技术作为目前简单有效的生物识别技术,具有唯一性和不变性,使用方便、快捷、安全可靠.文中介绍了如何应用指纹认证技术来解决电子政务系统用户的有效身份识别问题,以提高系统的安全可靠性.     

网络安全与身份认证技术探究

身份认证就是证实用户真实身份与其所声称的身份是否相符,以防止非法用户通过身份欺诈访问系统资源的过程。一次性口令身份认证技术安全性高、使用方便、管理简单、成本便宜,具有广泛的应用前景。一次性口令就是在登录过程中加入不确定因素,使每次登录传送的认证信息都不相同,以提高登录过程安全性。本文设计了一个一次性口令身份认证系统,对网络结构工作流程密码算法等进行了详细论述。     

密码真是免费的吗?--RSA信息安全公司谈密码管理背后的成本问题

许多全球知名企业受客户对高安全性和加速电子商务增长的欲望所驱使,正在把强身份认证作为企业电子商务战略的核心。强认证系统与密码管理系统不一样,它为在线商务的顺利实施提供了所需的安全环境。同时,这些企业还发现了意想不到的收益,那就是强身份认证系统大大地降低了运营成本,这是因为实施身份认证的成本低于配置和持续管理免费密码所隐含的成本。     

基于Zigbee技术的液晶显示动态排序密码键盘

介绍了一种液晶显示动态排序的密码键盘,实现了数字显示位置的随机性,并结合了Zigbee技术,实现了密码键盘与上位机之间的无线传输。本系统以ATmega16单片机为中心,控制了密码键盘的显示及其无线射频模块的收发。在一定程度上防止了非法人员窃取信用卡用户密码的行为。     

Improving password security and memorability to protect personal and organizational information

Personal information and organizational information need to be protected, which requires that only authorized users gain access to the information. The most commonly used method for authenticating users who attempt to access such information is through the use of username–password combinations. However, this is a weak method of authentication because users tend to generate passwords that are easy to remember but also easy to crack. Proactive password checking, for which passwords must satisfy certain criteria, is one method for improving the security of user-generated passwords. The present study evaluated the time and number of attempts needed to generate unique passwords satisfying different restrictions for multiple accounts, as well as the login time and accuracy for recalling those passwords. Imposing password restrictions alone did not necessarily lead to more secure passwords. However, the use of a technique for which the first letter of each word of a sentence was used coupled with a requirement to insert a special character and digit yielded more secure passwords that were more memorable.     

A user authentication system using back-propagation network

Information security has been a critical issue in the field of information systems. One of the key factors in the security of a computer system is how to identify the authorization of users. Password-based user authentication is widely used to authenticate a legitimate user in the current system. In conventional password-based user authentication schemes, a system has to maintain a password table or verification table which stores the information of users IDs and passwords. Although the one-way hash functions and encryption algorithms are applied to prevent the passwords from being disclosed, the password table or verification table is still vulnerable. In order to solve this problem, in this paper, we apply the technique of back-propagation network instead of the functions of the password table and verification table. Our proposed scheme is useful in solving the security problems that occurred in systems using the password table and verification table. Furthermore, our scheme also allows each user to select a username and password of his/her choice.     

密码创建方案①

密码是计算机安全的重要组成部分,是保护用户各类账号的前线。本方案的目的在于建立一个创建强密码,保护这些密码以及更换频率的标准。内容有密码的安全性,密码保护标准,密码构造指导方针等。研究了用于个人、基于家用的机器、与工作相关的网络系统的密码方案。     

Token-based graphical password authentication

Given that phishing is an ever-increasing problem, a better authentication system is required. We propose a system that uses a graphical password deployed from a Trojan and virus-resistant embedded device. The graphical password utilizes a personal image to construct an image hash, which is provided as input into a cryptosystem that returns a password. The graphical password requires the user to select a small number of points on the image. The embedded device will then stretch these points into a long alphanumeric password. With one graphical password, the user can generate many passwords from their unique embedded device. The image hash algorithm employed by the device is demonstrated to produce random and unique 256-bit message digests and was found to be responsive to subtle changes in the underlying image. Furthermore, the device was found to generate passwords with entropy significantly larger than that of users passwords currently employed today.     

动态字典破解用户口令与安全口令选择

口令认证一直是最主要的身份认证方式。考虑到口令要满足口令策略和易记忆的要求,用户常常会将个人信息组合起来作为口令。因此,为了调查此类口令的比例,以2011年泄露的四种真实口令集为实验素材,预先设定口令的组合结构和格式,使用程序统计使用个人信息组合作为口令的比例。实验结果表明,使用姓名、电话号码、特殊日期等信息组合而成的口令比例为12.41%~25.53%。根据这一规律,提出了动态字典攻击。攻击者可以在获得用户部分个人信息后,生成具有针对性的动态字词典,并以此来破解用户口令。最后,还讨论了如何选择口令以防止攻击者通过动态字典破解用户口令。     

基于相互认证和3DES加密的智能卡远程支付系统认证方案

针对现有基于智能卡支付系统的安全方案存在密码暴露、信息泄露和身份认证等问题,提出一种新的基于相互认证和3DES加密的智能卡远程支付系统认证方案。分析基于二次剩余的支付认证方案的不足,在注册、登录、身份认证和密码更改阶段对其进行改进,避免密码暴露攻击,提高密码更改阶段的安全性,同时结合3DES加密算法对支付信息进行加密处理。性能分析表明,该方案能有效抵御多种攻击,且用户能够自由地修改密码,同时可对用户信息进行匿名保护。与现有智能卡支付认证方案相比,该方案提高了支付系统的安全性能且具有较小的计算复杂度。     

A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices

Since touch screen handheld mobile devices have become widely used, people are able to access various data and information anywhere and anytime. Most user authentication methods for these mobile devices use PIN-based (Personal Identification Number) authentication, since they do not employ a standard QWERTY keyboard for conveniently entering text-based passwords. However, PINs provide a small password space size, which is vulnerable to attacks. Many studies have employed the KDA (Keystroke Dynamic-based Authentication) system, which is based on keystroke time features to enhance the security of PIN-based authentication. Unfortunately, unlike the text-based password KDA systems in QWERTY keyboards, different keypad sizes or layouts of mobile devices affect the PIN-based KDA system utility. This paper proposes a new graphical-based password KDA system for touch screen handheld mobile devices. The graphical password enlarges the password space size and promotes the KDA utility in touch screen handheld mobile devices. In addition, this paper explores a pressure feature, which is easy to use in touch screen handheld mobile devices, and applies it in the proposed system. The experiment results show: (1) EER is 12.2% in the graphical-based password KDA proposed system. Compared with related schemes in mobile devices, this effectively promotes KDA system utility; (2) EER is reduced to 6.9% when the pressure feature is used in the proposed system. The accuracy of authenticating keystroke time and pressure features is not affected by inconsistent keypads since the graphical passwords are entered via an identical size (50 mm × 60 mm) human–computer interface for satisfying the lowest touch screen size and a GUI of this size is displayed on all mobile devices.     

Encouraging users to improve password security and memorability

Security issues in text-based password authentication are rarely caused by technical issues, but rather by the limitations of human memory, and human perceptions together with their consequential responses. This study introduces a new user-friendly guideline approach to password creation, including persuasive messages that motivate and influence users to select more secure and memorable text passwords without overburdening their memory. From a broad understanding of human factors-caused security problems, we offer a reliable solution by encouraging users to create their own formula to compose passwords. A study has been conducted to evaluate the efficiency of the proposed password guidelines. Its results suggest that the password creation methods and persuasive message provided to users convinced them to create cryptographically strong and memorable passwords. Participants were divided into two groups in the study. The participants in the experimental group who were given several password creation methods along with a persuasive message created more secure and memorable passwords than the participants in the control group who were asked to comply with the usual strict password creation rules. The study also suggests that our password creation methods are much more efficient than strict password policy rules. The security and usability evaluation of the proposed password guideline showed that simple improvements such as adding persuasive text to the usual password guidelines consisting of several password restriction rules make significant changes to the strength and memorability of passwords. The proposed password guidelines are a low-cost solution to the problem of improving the security and usability of text-based passwords.