SlideShare a Scribd company logo

Multilevel Security and Authentication System

P
paperpublications3

Abstract: In an online security, authentication plays a crucial role in shielding resources against unauthorized and illegal use of information. Authentication processes may differ from simple password based authentication system to complex, costly and computation strengthened authentication systems. In recent days, increasing security has always been an important issue since Internet and Web Development came into actuality. Text based password is not enough to counter such problems, which is also an obsolete approach now. Consequently, this demands the need for something more secure along with being more user-friendly. Therefore, we have strained to rise the security by involving a multiple level security tactic, involving Text based using Cryptography, Grid Authentication and Image Based Password. The cryptography technique is very essential for the text based password while encrypting it with the principle of substitution method like Caesar Cipher. Session passwords are also necessary for eliminating the time factor attacks such as Brute Force attack. Grid Authentication makes the system more dynamic due ever changing nature. Image based authentication makes the system more user friendly, reliable and secure.Keywords: Cryptography, Grid Authentication, Image Based Password, Shoulder Attack. Title: Multilevel Security and Authentication System Author: Pratik Anap, Sanjay Gholap, Prasad Anpat, Abhijit Bhapkar International Journal of Recent Research in Mathematics Computer Science and Information Technology ISSN 2350-1022 Paper Publications

Technology
1 of 5
Download to read offline
ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 54 Paper Publications Multilevel Security and Authentication System Pratik Anap1 , Sanjay Gholap2 , Prasad Anpat3 , Abhijit Bhapkar4 1,2,3,4 Department of Computer Engineering, SKN Sinhgad Institute of Technology and Science, Lonavala, University of Pune, India Abstract: In an online security, authentication plays a crucial role in shielding resources against unauthorized and illegal use of information. Authentication processes may differ from simple password based authentication system to complex, costly and computation strengthened authentication systems. In recent days, increasing security has always been an important issue since Internet and Web Development came into actuality. Text based password is not enough to counter such problems, which is also an obsolete approach now. Consequently, this demands the need for something more secure along with being more user-friendly. Therefore, we have strained to rise the security by involving a multiple level security tactic, involving Text based using Cryptography, Grid Authentication and Image Based Password. The cryptography technique is very essential for the text based password while encrypting it with the principle of substitution method like Caesar Cipher. Session passwords are also necessary for eliminating the time factor attacks such as Brute Force attack. Grid Authentication makes the system more dynamic due ever changing nature. Image based authentication makes the system more user friendly, reliable and secure. Keywords: Cryptography, Grid Authentication, Image Based Password, Shoulder Attack. I. INTRODUCTION In Information and Network Security, authentication is an important term for dealing with the secure and confidential information which is of prime importance. Information can be protected with the help of passwords. These days’ passwords are more than just a key. They serve several purposes. They safeguard our privacy, keeping our sensitive information sheltered. Passwords authenticate us to a machine to prove our identity-a secret key that only we should know. They also enforce non disclaimer, preventing us from later declining the legitimacy of transactions authenticated with our passwords. Our username identifies us and the password validates us. But passwords have some flaws: more than one person can possess its knowledge at one time. Moreover, there is a constant threat of losing your password to someone else with fatal intent. Password thefts can and do happen on a regular basis, so we need to protect them. Now merely using some random alphabets grouped together with special characters does not assure safety. We need something mysterious, something different along with being user friendly for our password, to make it secure. Besides being different it should also be light enough to be remembered by you and equally unbreakable to be hacked by someone else. The study describes how the system works and how it eliminates the different attacks at client side, by employing the multilevel security system. II. EXISTING SYSTEM The existing security system consists of the simple level of authentication in which the rate of attacks can be at higher level. The system consists: 1. Simple Text Based Password 2. One Time Password
ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 55 Paper Publications These are not sufficient to encounter the attacks or prevent them. Various attacks such as Shoulder Attack or Tempest Attacks may be possible in this system. To keep the information more secure we have introduced the different levels of security which would be essential to safeguard information. III. PROPOSED SYSTEM The unique and user-friendly levels in the multilevel security system are as follows:  Text Based Authentication using Cryptography and Trusted Third Party Services.  Grid Authentication  Image Based Authentication 1. Text Based Authentication using Cryptography: Security at this level has been imposed by using Text based password, which is a usual and now an anachronistic approach. For the text password to be more secure, use of Trusted Third Party can be done. Cryptography: In modern science, cryptography is the study of techniques for secure communication in presence of Trusted Third Parties. We can construct and analyse the protocols that block the unwanted access to our system in any extreme cases. Two terms in cryptography are very much popular i.e. encryption and decryption. Modern cryptography is based on the mathematical models and scientific terms in computer science. Caesar Cipher: The action of Caesar Cipher is to replace each plain letter with a different one, a fixed number of places down the alphabet. The cipher illustrated here uses a left shift of three, so that each occurrence of E in the plaintext becomes B in the cipher text. Figure 1: Caesar Cipher Technique Technology: To implement this system, here we have used .Net framework 4.0 .NET Framework is Microsoft’s comprehensive and consistent programming model for building applications that have visually stunning user experiences, seamless and secure communication, and the ability to model a range of business processes the .NET Framework 4 works side by side with older Framework versions. Applications that are based on earlier versions of the Framework will continue to run on the version targeted by default. 2. Grid Authentication: In the Grid based authentication system we have grid structure of varying matrix sizes. For authentication system we have 6X6 Grid consisting of 26 alphabets and 0-9 numbers displaying in random manner. While registration, the user is asked to provide a private key which is basically a primary keyword for the grid structure. So, the password may be varying as the grid changes every time when user authenticates in the system. The pattern will be set for password to generate every time as grid shuffles the characters. Grid based authentication is also an example of Session Based Authentication Technique. What are Session Passwords? Session passwords are passwords that are used only one time. Once the session is terminated, the session password is no longer useful. That means next time this password cannot work. For every login process, user’s input different passwords.
ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 56 Paper Publications Algorithm: Pseudo Pair Matching Algorithm Input: Row characters up to uses input and session user id Sid Output: Session string for password matching Step 1: Retrieve initial password from database of Xi user Step 2: load grid GUI with 36 characters and numbers Chars ={a,b,c,d……z},{0,1,2……..9} Step 3: Take a two characters from Sid sessionP ∑ ( ) Step 4: Read the clickthrough from grid as r [] and c [] Step 5: foreach(j:r.length) Foreach (k:c.length) If(sessionP.equals(j,k)) Session follow; Step 6: Repeat this step when Sid!=NULL. Step 7: if all sessions==Sid then Login success; Figure 2: Login Interface 3. Image Based Authentication: In the Image Based Authentication method, user is provided with the unique set of images at the time of registration. When the user selects the image, it is saved in the system as the default password for the next login session. In the image based authentication system, it doesn’t mean to have a single image as password but another methods can also be implemented for registering the user by means of pattern recognition techniques or knowledge based authentication. By use of this technique the user can be prevented from different types of attacks, making the system more user friendly and reliable. Image Based Authentication is performed by using the visual data to indicate that the data is not forgery, it should be ensured that the visual quality of the data is not damaged. At the same time the techniques must indicate the malicious modifications which include removal or insertion of certain frames, change of faces of some individuals, time and background.
ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 57 Paper Publications IV. SECURITY ANALYSIS As the interface changes every time, the session password changes. This technique is resistant to shoulder surfing. Due to dynamic passwords, dictionary attack is not applicable. Hidden camera attacks are not applicable to PDAs because it is difficult to capture the interface in the PDAs. Dictionary Attack: These are attacks directed towards textual passwords. Here in this attack, hacker uses the set of dictionary words and authenticate by trying one word after one. The Dictionary attacks fails towards our authentication systems because session passwords are used for every login. Shoulder Surfing: These techniques are Shoulder Surfing Resistant. In the text based authentication, resistance is provided by the fact that secret pass created during registration phase remains hidden so the user only knows the real key which is to be entered at the time of login session. Even if the other person views the password, it will not be the original password, as it is incremented or decremented during registration. Guessing: Guessing can’t be a threat to the grid based authentication because it is hard to guess secret pass and it is unknown. When the user enters grid password it is remembered on the specific pattern. As each time grid changes, the password key also changes, hence guessing is also prevented in this security system. Brute force attack: These techniques are particularly resistant to brute force due to use of the session passwords. The use of these will take out the traditional brute force attack out of the possibility. Complexity: The Complexity for Pair-Based Authentication Scheme is to be carried over the secret pass. For a secret pass of length 8, the complexity is 368. V. ADVANTAGES 1. The cyber-attacks such as Shoulder Surfing can be prevented by the use of Cryptography in Text Based Authentication. 2. The use of Trusted Third Party Services is more secure method than having the One Time Password in the Authentication System. 3. Use of Session Password makes it more valuable by means of Security prevents from attacks such as Guessing or Dictionary attacks. 4. Image Based Authentication makes the entire security system more user friendly. 5. Various levels of Secure Authentication Techniques make the system more reliable. VI. CONCLUSION The Multilevel Security and Authentication System makes it highly secure along with being more user friendly. This system will definitely help thwarting Shoulder attack, Tempest attack and Brute-force attack at the client side. It is somewhat a time consuming approach, as the user has to traverse through the multiple levels of security. Grid Passwords make the system more secure by the introduction of session passwords. Therefore, this system cannot be a suitable solution for general security purposes, where time complexity will be an issue. But will definitely be a boon in areas where high security is the main issue, and time complexity is secondary, as an example we can take the case of a firm where this system will be available only to some higher designation holding people, who need to store and maintain their critical and confidential data secure. VII. FUTURE ENHANCEMENTS In future, different security levels can be supplementary to the existing levels to increase the performance and security. More features can be added to make our system customizable and user friendly. Various new attacks are being generated time to time, so the Multilevel Security and Authentication System can prove a major encounter by introducing the newer techniques to safeguard the information.
ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 58 Paper Publications REFERENCES [1] Jean Bacon, David Eyers, Thomas F. J.-M. Pasquier, Jatinder Singh, Ioannis Papagiannis, and Peter Pietzuch. “Grid Based Authentication System”, IEEE Transactions on Security and Service Management, Vol. 11, No. 1, March 2014. [2] Surabhi Anand, Priya Jain, Nitin and Ravi Rastogi, “Security Analysis and Implementation of 3-Level Security System Using Image Based Authentication”, 14th International Conference on Modelling and Simulation, 2012. [3] Sonia Chiasson, Elizabeth Stobert, A. Forget, R. Biddle, P.C van Oorschot. “Persuasive Cued Click Points: Design, Implementation and Evaluation of Knowledge-Based Authentication Mechanism”. IEEE Transactions on Dependable and Secure Computing. Vol. 9 No. 2; 2012. [4] S. Singh, G. Agarwal. International Journal of Computer Applications (0975-8887). Vol. 12. No. 9; 2011. [5] www.wikipedia.org/wiki/Caesar_cipher.

Recommended

An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication
IJMER
 
J0704055058
J0704055058J0704055058
J0704055058
IJERD Editor
 
Communication security
Communication securityCommunication security
Communication security
Sotheavy Nhoung
 
3d authentication system
3d authentication system3d authentication system
3d authentication system
Richa Agarwal
 
A survey on encryption algorithms for data security
A survey on encryption algorithms for data securityA survey on encryption algorithms for data security
A survey on encryption algorithms for data security
eSAT Journals
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networks
eSAT Publishing House
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile System
Editor IJCATR
 
Privacy Enhanced Online Payment System
Privacy Enhanced Online Payment SystemPrivacy Enhanced Online Payment System
Privacy Enhanced Online Payment System
Editor IJMTER
 

Recommended

An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication
IJMER
 
J0704055058
J0704055058J0704055058
J0704055058
IJERD Editor
 
Communication security
Communication securityCommunication security
Communication security
Sotheavy Nhoung
 
3d authentication system
3d authentication system3d authentication system
3d authentication system
Richa Agarwal
 
A survey on encryption algorithms for data security
A survey on encryption algorithms for data securityA survey on encryption algorithms for data security
A survey on encryption algorithms for data security
eSAT Journals
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networks
eSAT Publishing House
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile System
Editor IJCATR
 
Privacy Enhanced Online Payment System
Privacy Enhanced Online Payment SystemPrivacy Enhanced Online Payment System
Privacy Enhanced Online Payment System
Editor IJMTER
 
Security for Hard AI Problems Using CaRP Authentication
Security for Hard AI Problems Using CaRP AuthenticationSecurity for Hard AI Problems Using CaRP Authentication
Security for Hard AI Problems Using CaRP Authentication
paperpublications3
 
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
IJERA Editor
 
Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)
Jayanth Dwijesh H P
 
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Fego Ogwara
 
Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...
eSAT Publishing House
 
An improvement to trust based cross layer security protocol against sybil att...
An improvement to trust based cross layer security protocol against sybil att...An improvement to trust based cross layer security protocol against sybil att...
An improvement to trust based cross layer security protocol against sybil att...
Alexander Decker
 
3dpassword by janapriya
3dpassword by janapriya3dpassword by janapriya
3dpassword by janapriya
janapriyanaidu
 
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
IJERA Editor
 
Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.
Jayanth Dwijesh H P
 
Effectiveness of various user authentication techniques
Effectiveness of various user authentication techniquesEffectiveness of various user authentication techniques
Effectiveness of various user authentication techniques
IAEME Publication
 
Ijcnc050205
Ijcnc050205Ijcnc050205
Ijcnc050205
IJCNCJournal
 
Graphical password authentication using Pass faces
Graphical password authentication using Pass facesGraphical password authentication using Pass faces
Graphical password authentication using Pass faces
IJERA Editor
 
A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...
A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...
A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...
Akhil Kumar Pappula
 
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesVTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
Jayanth Dwijesh H P
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1
Swagato Dey
 
CryptoQR System based on RSA
CryptoQR System based on RSACryptoQR System based on RSA
CryptoQR System based on RSA
IJCSIS Research Publications
 
CNS Solution
CNS SolutionCNS Solution
CNS Solution
Nitin Kanzariya
 
3D Password
3D Password3D Password
3D Password
Shubham Rungta
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing
Adz91 Digital Ads Pvt Ltd
 
Literature Survey: Secure transmitting of data using RSA public key implement...
Literature Survey: Secure transmitting of data using RSA public key implement...Literature Survey: Secure transmitting of data using RSA public key implement...
Literature Survey: Secure transmitting of data using RSA public key implement...
Editor IJCATR
 
A Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart PhonesA Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart Phones
IJERA Editor
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
IJNSA Journal
 

More Related Content

What's hot

Security for Hard AI Problems Using CaRP Authentication
Security for Hard AI Problems Using CaRP AuthenticationSecurity for Hard AI Problems Using CaRP Authentication
Security for Hard AI Problems Using CaRP Authentication
paperpublications3
 
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
IJERA Editor
 
Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)
Jayanth Dwijesh H P
 
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Fego Ogwara
 
Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...
eSAT Publishing House
 
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
IJERA Editor
 
Graphical password authentication using Pass faces
Graphical password authentication using Pass facesGraphical password authentication using Pass faces
Graphical password authentication using Pass faces
IJERA Editor
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1
Swagato Dey
 
CryptoQR System based on RSA
CryptoQR System based on RSACryptoQR System based on RSA
CryptoQR System based on RSA
IJCSIS Research Publications
 
Literature Survey: Secure transmitting of data using RSA public key implement...
Literature Survey: Secure transmitting of data using RSA public key implement...Literature Survey: Secure transmitting of data using RSA public key implement...
Literature Survey: Secure transmitting of data using RSA public key implement...
Editor IJCATR
 

What's hot (20)

Security for Hard AI Problems Using CaRP Authentication
Security for Hard AI Problems Using CaRP AuthenticationSecurity for Hard AI Problems Using CaRP Authentication
Security for Hard AI Problems Using CaRP Authentication
 
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
 
Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)Network and cyber security module(15ec835, 17ec835)
Network and cyber security module(15ec835, 17ec835)
 
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...
 
Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...
 
An improvement to trust based cross layer security protocol against sybil att...
An improvement to trust based cross layer security protocol against sybil att...An improvement to trust based cross layer security protocol against sybil att...
An improvement to trust based cross layer security protocol against sybil att...
 
3dpassword by janapriya
3dpassword by janapriya3dpassword by janapriya
3dpassword by janapriya
 
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
 
Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.Vtu network security(10 ec832) unit 5 notes.
Vtu network security(10 ec832) unit 5 notes.
 
Effectiveness of various user authentication techniques
Effectiveness of various user authentication techniquesEffectiveness of various user authentication techniques
Effectiveness of various user authentication techniques
 
Ijcnc050205
Ijcnc050205Ijcnc050205
Ijcnc050205
 
Graphical password authentication using Pass faces
Graphical password authentication using Pass facesGraphical password authentication using Pass faces
Graphical password authentication using Pass faces
 
A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...
A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...
A NETWORK CODING AND DES BASED DYNAMIC ENCRYPTION SCHEME FOR MOVING TARGET DE...
 
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesVTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1
 
CryptoQR System based on RSA
CryptoQR System based on RSACryptoQR System based on RSA
CryptoQR System based on RSA
 
CNS Solution
CNS SolutionCNS Solution
CNS Solution
 
3D Password
3D Password3D Password
3D Password
 
Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing Efficient authentication for mobile and pervasive computing
Efficient authentication for mobile and pervasive computing
 
Literature Survey: Secure transmitting of data using RSA public key implement...
Literature Survey: Secure transmitting of data using RSA public key implement...Literature Survey: Secure transmitting of data using RSA public key implement...
Literature Survey: Secure transmitting of data using RSA public key implement...
 

Similar to Multilevel Security and Authentication System

A Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart PhonesA Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart Phones
IJERA Editor
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
IJNSA Journal
 
Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...
Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...
Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...
Editor IJMTER
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
IJSRD
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
IJSRD
 
Three Step Multifactor Authentication Systems for Modern Security
Three Step Multifactor Authentication Systems for Modern SecurityThree Step Multifactor Authentication Systems for Modern Security
Three Step Multifactor Authentication Systems for Modern Security
ijtsrd
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
IJCST - ESRG Journals
 
Engineering Project of Venkata Krishna
Engineering Project of Venkata KrishnaEngineering Project of Venkata Krishna
Engineering Project of Venkata Krishna
banda5630
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing
Alexander Decker
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing
Alexander Decker
 
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
ADEIJ Journal
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
IJSRD
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
IJSRD
 

Similar to Multilevel Security and Authentication System (20)

A Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart PhonesA Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart Phones
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
 
Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...
Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...
Authentication Mechanisms For Signature Based Cryptography By Using Hierarchi...
 
IRJET- Password Management Kit for Secure Authentication
IRJET- Password Management Kit for Secure AuthenticationIRJET- Password Management Kit for Secure Authentication
IRJET- Password Management Kit for Secure Authentication
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
 
Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...
 
Three Step Multifactor Authentication Systems for Modern Security
Three Step Multifactor Authentication Systems for Modern SecurityThree Step Multifactor Authentication Systems for Modern Security
Three Step Multifactor Authentication Systems for Modern Security
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
 
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
 
Engineering Project of Venkata Krishna
Engineering Project of Venkata KrishnaEngineering Project of Venkata Krishna
Engineering Project of Venkata Krishna
 
SQl Injection Protector for Authentication in Distributed Applications
SQl Injection Protector for Authentication in Distributed ApplicationsSQl Injection Protector for Authentication in Distributed Applications
SQl Injection Protector for Authentication in Distributed Applications
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)
 
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
 
Single sign on mechanism for distributed computing
Single sign on mechanism for distributed computingSingle sign on mechanism for distributed computing
Single sign on mechanism for distributed computing
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
 
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyGraphical Based Password for Android Phones using Keystroke Dynamics - A Survey
Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey
 

Recently uploaded

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Multilevel Security and Authentication System

  • 1. ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 54 Paper Publications Multilevel Security and Authentication System Pratik Anap1 , Sanjay Gholap2 , Prasad Anpat3 , Abhijit Bhapkar4 1,2,3,4 Department of Computer Engineering, SKN Sinhgad Institute of Technology and Science, Lonavala, University of Pune, India Abstract: In an online security, authentication plays a crucial role in shielding resources against unauthorized and illegal use of information. Authentication processes may differ from simple password based authentication system to complex, costly and computation strengthened authentication systems. In recent days, increasing security has always been an important issue since Internet and Web Development came into actuality. Text based password is not enough to counter such problems, which is also an obsolete approach now. Consequently, this demands the need for something more secure along with being more user-friendly. Therefore, we have strained to rise the security by involving a multiple level security tactic, involving Text based using Cryptography, Grid Authentication and Image Based Password. The cryptography technique is very essential for the text based password while encrypting it with the principle of substitution method like Caesar Cipher. Session passwords are also necessary for eliminating the time factor attacks such as Brute Force attack. Grid Authentication makes the system more dynamic due ever changing nature. Image based authentication makes the system more user friendly, reliable and secure. Keywords: Cryptography, Grid Authentication, Image Based Password, Shoulder Attack. I. INTRODUCTION In Information and Network Security, authentication is an important term for dealing with the secure and confidential information which is of prime importance. Information can be protected with the help of passwords. These days’ passwords are more than just a key. They serve several purposes. They safeguard our privacy, keeping our sensitive information sheltered. Passwords authenticate us to a machine to prove our identity-a secret key that only we should know. They also enforce non disclaimer, preventing us from later declining the legitimacy of transactions authenticated with our passwords. Our username identifies us and the password validates us. But passwords have some flaws: more than one person can possess its knowledge at one time. Moreover, there is a constant threat of losing your password to someone else with fatal intent. Password thefts can and do happen on a regular basis, so we need to protect them. Now merely using some random alphabets grouped together with special characters does not assure safety. We need something mysterious, something different along with being user friendly for our password, to make it secure. Besides being different it should also be light enough to be remembered by you and equally unbreakable to be hacked by someone else. The study describes how the system works and how it eliminates the different attacks at client side, by employing the multilevel security system. II. EXISTING SYSTEM The existing security system consists of the simple level of authentication in which the rate of attacks can be at higher level. The system consists: 1. Simple Text Based Password 2. One Time Password
  • 2. ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 55 Paper Publications These are not sufficient to encounter the attacks or prevent them. Various attacks such as Shoulder Attack or Tempest Attacks may be possible in this system. To keep the information more secure we have introduced the different levels of security which would be essential to safeguard information. III. PROPOSED SYSTEM The unique and user-friendly levels in the multilevel security system are as follows:  Text Based Authentication using Cryptography and Trusted Third Party Services.  Grid Authentication  Image Based Authentication 1. Text Based Authentication using Cryptography: Security at this level has been imposed by using Text based password, which is a usual and now an anachronistic approach. For the text password to be more secure, use of Trusted Third Party can be done. Cryptography: In modern science, cryptography is the study of techniques for secure communication in presence of Trusted Third Parties. We can construct and analyse the protocols that block the unwanted access to our system in any extreme cases. Two terms in cryptography are very much popular i.e. encryption and decryption. Modern cryptography is based on the mathematical models and scientific terms in computer science. Caesar Cipher: The action of Caesar Cipher is to replace each plain letter with a different one, a fixed number of places down the alphabet. The cipher illustrated here uses a left shift of three, so that each occurrence of E in the plaintext becomes B in the cipher text. Figure 1: Caesar Cipher Technique Technology: To implement this system, here we have used .Net framework 4.0 .NET Framework is Microsoft’s comprehensive and consistent programming model for building applications that have visually stunning user experiences, seamless and secure communication, and the ability to model a range of business processes the .NET Framework 4 works side by side with older Framework versions. Applications that are based on earlier versions of the Framework will continue to run on the version targeted by default. 2. Grid Authentication: In the Grid based authentication system we have grid structure of varying matrix sizes. For authentication system we have 6X6 Grid consisting of 26 alphabets and 0-9 numbers displaying in random manner. While registration, the user is asked to provide a private key which is basically a primary keyword for the grid structure. So, the password may be varying as the grid changes every time when user authenticates in the system. The pattern will be set for password to generate every time as grid shuffles the characters. Grid based authentication is also an example of Session Based Authentication Technique. What are Session Passwords? Session passwords are passwords that are used only one time. Once the session is terminated, the session password is no longer useful. That means next time this password cannot work. For every login process, user’s input different passwords.
  • 3. ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 56 Paper Publications Algorithm: Pseudo Pair Matching Algorithm Input: Row characters up to uses input and session user id Sid Output: Session string for password matching Step 1: Retrieve initial password from database of Xi user Step 2: load grid GUI with 36 characters and numbers Chars ={a,b,c,d……z},{0,1,2……..9} Step 3: Take a two characters from Sid sessionP ∑ ( ) Step 4: Read the clickthrough from grid as r [] and c [] Step 5: foreach(j:r.length) Foreach (k:c.length) If(sessionP.equals(j,k)) Session follow; Step 6: Repeat this step when Sid!=NULL. Step 7: if all sessions==Sid then Login success; Figure 2: Login Interface 3. Image Based Authentication: In the Image Based Authentication method, user is provided with the unique set of images at the time of registration. When the user selects the image, it is saved in the system as the default password for the next login session. In the image based authentication system, it doesn’t mean to have a single image as password but another methods can also be implemented for registering the user by means of pattern recognition techniques or knowledge based authentication. By use of this technique the user can be prevented from different types of attacks, making the system more user friendly and reliable. Image Based Authentication is performed by using the visual data to indicate that the data is not forgery, it should be ensured that the visual quality of the data is not damaged. At the same time the techniques must indicate the malicious modifications which include removal or insertion of certain frames, change of faces of some individuals, time and background.
  • 4. ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 57 Paper Publications IV. SECURITY ANALYSIS As the interface changes every time, the session password changes. This technique is resistant to shoulder surfing. Due to dynamic passwords, dictionary attack is not applicable. Hidden camera attacks are not applicable to PDAs because it is difficult to capture the interface in the PDAs. Dictionary Attack: These are attacks directed towards textual passwords. Here in this attack, hacker uses the set of dictionary words and authenticate by trying one word after one. The Dictionary attacks fails towards our authentication systems because session passwords are used for every login. Shoulder Surfing: These techniques are Shoulder Surfing Resistant. In the text based authentication, resistance is provided by the fact that secret pass created during registration phase remains hidden so the user only knows the real key which is to be entered at the time of login session. Even if the other person views the password, it will not be the original password, as it is incremented or decremented during registration. Guessing: Guessing can’t be a threat to the grid based authentication because it is hard to guess secret pass and it is unknown. When the user enters grid password it is remembered on the specific pattern. As each time grid changes, the password key also changes, hence guessing is also prevented in this security system. Brute force attack: These techniques are particularly resistant to brute force due to use of the session passwords. The use of these will take out the traditional brute force attack out of the possibility. Complexity: The Complexity for Pair-Based Authentication Scheme is to be carried over the secret pass. For a secret pass of length 8, the complexity is 368. V. ADVANTAGES 1. The cyber-attacks such as Shoulder Surfing can be prevented by the use of Cryptography in Text Based Authentication. 2. The use of Trusted Third Party Services is more secure method than having the One Time Password in the Authentication System. 3. Use of Session Password makes it more valuable by means of Security prevents from attacks such as Guessing or Dictionary attacks. 4. Image Based Authentication makes the entire security system more user friendly. 5. Various levels of Secure Authentication Techniques make the system more reliable. VI. CONCLUSION The Multilevel Security and Authentication System makes it highly secure along with being more user friendly. This system will definitely help thwarting Shoulder attack, Tempest attack and Brute-force attack at the client side. It is somewhat a time consuming approach, as the user has to traverse through the multiple levels of security. Grid Passwords make the system more secure by the introduction of session passwords. Therefore, this system cannot be a suitable solution for general security purposes, where time complexity will be an issue. But will definitely be a boon in areas where high security is the main issue, and time complexity is secondary, as an example we can take the case of a firm where this system will be available only to some higher designation holding people, who need to store and maintain their critical and confidential data secure. VII. FUTURE ENHANCEMENTS In future, different security levels can be supplementary to the existing levels to increase the performance and security. More features can be added to make our system customizable and user friendly. Various new attacks are being generated time to time, so the Multilevel Security and Authentication System can prove a major encounter by introducing the newer techniques to safeguard the information.
  • 5. ISSN 2350-1022 International Journal of Recent Research in Mathematics Computer Science and Information Technology Vol. 1, Issue 2, pp: (54-58), Month: October 2014 - March 2015, Available at: www.paperpublications.org Page | 58 Paper Publications REFERENCES [1] Jean Bacon, David Eyers, Thomas F. J.-M. Pasquier, Jatinder Singh, Ioannis Papagiannis, and Peter Pietzuch. “Grid Based Authentication System”, IEEE Transactions on Security and Service Management, Vol. 11, No. 1, March 2014. [2] Surabhi Anand, Priya Jain, Nitin and Ravi Rastogi, “Security Analysis and Implementation of 3-Level Security System Using Image Based Authentication”, 14th International Conference on Modelling and Simulation, 2012. [3] Sonia Chiasson, Elizabeth Stobert, A. Forget, R. Biddle, P.C van Oorschot. “Persuasive Cued Click Points: Design, Implementation and Evaluation of Knowledge-Based Authentication Mechanism”. IEEE Transactions on Dependable and Secure Computing. Vol. 9 No. 2; 2012. [4] S. Singh, G. Agarwal. International Journal of Computer Applications (0975-8887). Vol. 12. No. 9; 2011. [5] www.wikipedia.org/wiki/Caesar_cipher.