Graphical Based Authentication (S3PAS)

•Download as PPTX, PDF•

0 likes•46 views

Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme (S3PAS). S3PAS seamlessly integrates both graphical and textual password schemes and provides nearly perfect resistant to shoulder-surfing, hidden-camera and spyware attacks.

Software

Graphical Based Authentication using
S3PAS
Team Members:
Ketan Patil
Suyog Patil
Saurabh Sawant
Anmol Bhole
Department of Computer Engineering
Terna Engineering College
2015-16

Contents
 Aim and objective of project.
 Proposed system and it’s advantages.
 What is S3PAS
 System architecture
 Application

Abstract
• Users tend to pick short passwords or passwords that are easy to
remember.
• Graphical password schemes have been proposed as a possible
alternative to text-based scheme. However, they are mostly vulnerable
to shoulder surfing.
• Scalable Shoulder-Surfing Resistant Textual-Graphical Password
Authentication Scheme (S3PAS) seamlessly integrates both graphical
and textual password schemes and provides nearly perfect resistant to
shoulder-surfing.

Aim and Objective of the project
 Aim of the project
To increase security level in authentication of user, using
Textual Graphical password.
 Objectives
◦ Developing Central server
◦ Textual – Graphical authentication module.
◦ Database interface

Existing system Disadvantages.
•Shoulder surfing attacks.
•Hidden camera and spyware attacks.
•Brute-force attacks.
•Phishing attacks.

Proposed System
 S3PAS seamlessly integrates both graphical and textual
password schemes.
 we will describe a simple and efficient shoulder surfing resistant
graphical password scheme based on texts. The alphabet used in
the propose scheme contains 64 characters, including 26 upper
case letters, 26 lower case letters, 10 decimal digits, and symbols
“.” and “/”.

Proposed System Advantages
 Shoulder surfing resistance.
 Flexibility: It can be easily integrated with other
authentication systems.
 The system is easy to learn for users.
 Without using any physical keyboard or on-screen
keyboard user login into system.

WHAT IS A S3PAS?
 S3PAS is designed to be used in client/server environments as
most password authentication systems. Note that, the S3PAS
system generates the login image locally and transmits the
image specification (e.g., the coordinates of every character or
icon in the image) instead of the entire image pixel-by-pixel
from clients to servers, which greatly reduces communication
overheads and authentication time.
 Textual – Graphical Password.

Client–server model
 A distributed application that partitions tasks or workloads between
the providers of a resource or service, called servers, and service
requesters, called clients.
 A server machine is a host that is running one or more server
programs which share their resources with clients.
 A client does not share any of its resources, but requests a server's
content or service function.

System Architecture Diagram
2nd S3PAS authentication
Server
1st stage username &
password
User
Database
User Inputs
Data collection
Proceed to Site

Applications
 To secure sensitive data and records of a business organization.
 In military for providing security to the data.
 Online banking security.

Conclusion
 S3PAS demonstrates desirable features of a secure authentication
system being immune to shoulder-surfing, hidden-camera, and
spyware attacks.
 S3PAS is scalable in that it seamlessly matches the conventional
text-based passwords and can accommodate various lengths of
textual passwords.

Similar to Graphical Based Authentication (S3PAS)

Efficient Securing System Using Graphical Captcha

Sankar Anand

Fine grained two-factor access control for cloud

allan sam

A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...

IRJET Journal

Cloud Computing intends a trend in computing model arises many security issues in all levels such as: network, application, data and host. These models put up different challenges in security Depending on consumers, models QOS(quality of service) requirements. Privacy, authentication, secre-cy are main concern for both consumers and cloud providers. IaaS serves as base for other models, if the security in this model is uncertain; it will affect the other models too. This paper delivers a examine the countermeasures and exposures. As a research we project security Assessment and improvement in Iaas layer.

Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...

IJIR JOURNALS IJIRUSA

Predix

Sandeep Shabd

website phishing by NR

NARESH GUMMAGUTTA

In attribute based encryption (ABE) scheme, attributes plays a very important role. Attribute –based encryption provides privacy protection for the users by a set of attributes. Now a days as cloud is most widely used in mostly all fields so there is need of keeping data more secure and confidential which is outsourced on the cloud. Security of the data in cloud database server is the key area of concern in the acceptance of cloud. It is required very high degree of privacy and authentication. In existing system used hierarchical authorization structure to reduce the burden and risk of a single authority .this paper proposes a hierarchical attribute based encryption which directly provides attribute value by user as well as data stored in different types of media.

survey paper on cp abe cloud computing

INFOGAIN PUBLICATION

International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.

El35782786

IJERA Editor

Secerno SQLagile datasheet

Paul Tompsett

E-Business And Technology Essay

Pamela Wright

IRJET- Data Centric Access Control Solution with Role baesd Proxy Re-Encryption

IRJET Journal

THE SURVEY ON REFERENCE MODEL FOR OPEN STORAGE SYSTEMS INTERCONNECTION MASS S...

IRJET Journal

BPEL is the de-facto standard for business process modeling in today\\\'s enterprises and is a promising candidate for the integration of business and Grid applications. While BPEL works well for traditional web services, it has a number of drawbacks with respect to the more complex world of WSRF-based Grid computing, especially where security is concerned. In this paper, a solution that extends the BPEL security approach to encompass secure Grid application interactions is presented. The proposed approach is capable of handling both web service and Grid service resources and their corresponding security mechanisms. The BPEL language is extended by security-related settings. An implementation of a GSI-compliant BPEL engine that can also manage the lifetime of proxy certificates is presented.

Composition and Execution of Secure Workflows in WSRF-Grids, IEEE CCGrid 2008...

Dr. Tim Dörnemann

RESUME_NEHA _SELENIUM

Neha Samal

Cloud Computing is going to be very popular technology in IT enterprises. For any enterprise the data stored is very huge and invaluable. Since all tasks are performed through network it has become vital to have the secured use of legitimate data. In cloud computing the most important matter of concern are data security and privacy along with flexibility, scalability and fine grained access control of data being the other requirements to be maintained by cloud systems Access control is one of the prominent research topics and hence various schemes have been proposed and implemented. But most of them do not provide flexibility, scalability and fine grained access control of the data on the cloud. In order to address the issues of flexibility, scalability and fine grained access control of remotely stored data on cloud we have proposed the hierarchical attribute set-based encryption (HASBE) which is the extension of attribute- set-based encryption(ASBE) with a hierarchical structure of users. The proposed scheme achieves scalability by handling the authority to appropriate entity in the hierarchical structure, inherits flexibility by allowing easy transfer and access to the data in case of location switch. It provides fine grained access control of data by showing only the requested and authorized details to the user thus improving the performance of the system. In addition, it provides efficient user revocation within expiration time, request to view extra-attributes and privacy in the intra-level hierarchy is achieved. Thus the scheme is implemented to show that is efficient in access control of data as well as security of data stored on cloud with comprehensive experiments

A Secure, Scalable, Flexible and Fine-Grained Access Control Using Hierarchic...

Editor IJCATR

Flaw less coding and authentication of user data using multiple clouds

IRJET Journal

Ibrahim_Al-amri_CV

Alamer Omani

Introduction to AWS X-Ray

Amazon Web Services

JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...

chennaijp

A scalable server architecture for mobile presence services in social network...

IEEEFINALYEARPROJECTS

Similar to Graphical Based Authentication (S3PAS) (20)

Efficient Securing System Using Graphical Captcha

Fine grained two-factor access control for cloud

A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...

Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...

Predix

website phishing by NR

survey paper on cp abe cloud computing

El35782786

Secerno SQLagile datasheet

E-Business And Technology Essay

IRJET- Data Centric Access Control Solution with Role baesd Proxy Re-Encryption

THE SURVEY ON REFERENCE MODEL FOR OPEN STORAGE SYSTEMS INTERCONNECTION MASS S...

Composition and Execution of Secure Workflows in WSRF-Grids, IEEE CCGrid 2008...

RESUME_NEHA _SELENIUM

A Secure, Scalable, Flexible and Fine-Grained Access Control Using Hierarchic...

Flaw less coding and authentication of user data using multiple clouds

Ibrahim_Al-amri_CV

Introduction to AWS X-Ray

JPJ1407 Expressive, Efficient, and Revocable Data Access Control for Multi-...

A scalable server architecture for mobile presence services in social network...

Recently uploaded

BoxLang: Review our Visionary Licenses of 2024

Ortus Solutions, Corp

The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month. The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies. However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News. Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!

SOCRadar Research Team: Latest Activities of IntelBroker

SOCRadar

2024 RoOUG Security model for the cloud.pptx

Georgi Kodinov

Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.

Enhancing Research Orchestration Capabilities at ORNL.pdf

Globus

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

kalichargn70th171

Large Language Models and the End of Programming

Matt Welsh

Agnieszka Andrzejewska - BIM School Course in Kraków

bim.edu.pl

Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.

How to Position Your Globus Data Portal for Success Ten Good Practices

Globus

Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.

How Recreation Management Software Can Streamline Your Operations.pptx

wottaspaceseo

Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.

Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...

Globus

GlobusWorld 2024 Opening Keynote session

Globus

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

rajkumar669520

This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.

top nidhi software solution freedownload

vrstrong314

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

Abortion Clinic

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2

Into the Box 2024 - Keynote Day 2 Slides.pdf

Ortus Solutions, Corp

Key takeaways: Challenges of building platforms and the benefits of platformless. Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience. How Choreo enables the platformless experience. How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo. Demo of an end-to-end app built and deployed on Choreo.

Accelerate Enterprise Software Engineering with Platformless

WSO2

NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?

Understanding Globus Data Transfers with NetSage

Globus

In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.

First Steps with Globus Compute Multi-User Endpoints

Globus

COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.

Developing Distributed High-performance Computing Capabilities of an Open Sci...

Globus

Recently uploaded (20)

BoxLang: Review our Visionary Licenses of 2024

SOCRadar Research Team: Latest Activities of IntelBroker

2024 RoOUG Security model for the cloud.pptx

Enhancing Research Orchestration Capabilities at ORNL.pdf

A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf

Large Language Models and the End of Programming

Agnieszka Andrzejewska - BIM School Course in Kraków

How to Position Your Globus Data Portal for Success Ten Good Practices

How Recreation Management Software Can Streamline Your Operations.pptx

Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...

GlobusWorld 2024 Opening Keynote session

Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...

top nidhi software solution freedownload

Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

Into the Box 2024 - Keynote Day 2 Slides.pdf

Accelerate Enterprise Software Engineering with Platformless

Understanding Globus Data Transfers with NetSage

First Steps with Globus Compute Multi-User Endpoints

Developing Distributed High-performance Computing Capabilities of an Open Sci...

Graphical Based Authentication (S3PAS)

1. Graphical Based Authentication using S3PAS Team Members: Ketan Patil Suyog Patil Saurabh Sawant Anmol Bhole Department of Computer Engineering Terna Engineering College 2015-16

2. Contents  Aim and objective of project.  Proposed system and it’s advantages.  What is S3PAS  System architecture  Application

3. Abstract • Users tend to pick short passwords or passwords that are easy to remember. • Graphical password schemes have been proposed as a possible alternative to text-based scheme. However, they are mostly vulnerable to shoulder surfing. • Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme (S3PAS) seamlessly integrates both graphical and textual password schemes and provides nearly perfect resistant to shoulder-surfing.

4. Aim and Objective of the project  Aim of the project To increase security level in authentication of user, using Textual Graphical password.  Objectives ◦ Developing Central server ◦ Textual – Graphical authentication module. ◦ Database interface

5. Existing system Disadvantages. •Shoulder surfing attacks. •Hidden camera and spyware attacks. •Brute-force attacks. •Phishing attacks.

6. Proposed System  S3PAS seamlessly integrates both graphical and textual password schemes.  we will describe a simple and efficient shoulder surfing resistant graphical password scheme based on texts. The alphabet used in the propose scheme contains 64 characters, including 26 upper case letters, 26 lower case letters, 10 decimal digits, and symbols “.” and “/”.

7. Proposed System Advantages  Shoulder surfing resistance.  Flexibility: It can be easily integrated with other authentication systems.  The system is easy to learn for users.  Without using any physical keyboard or on-screen keyboard user login into system.

8. WHAT IS A S3PAS?  S3PAS is designed to be used in client/server environments as most password authentication systems. Note that, the S3PAS system generates the login image locally and transmits the image specification (e.g., the coordinates of every character or icon in the image) instead of the entire image pixel-by-pixel from clients to servers, which greatly reduces communication overheads and authentication time.  Textual – Graphical Password.

9. Client–server model  A distributed application that partitions tasks or workloads between the providers of a resource or service, called servers, and service requesters, called clients.  A server machine is a host that is running one or more server programs which share their resources with clients.  A client does not share any of its resources, but requests a server's content or service function.

10. System Architecture Diagram 2nd S3PAS authentication Server 1st stage username & password User Database User Inputs Data collection Proceed to Site

11. Applications  To secure sensitive data and records of a business organization.  In military for providing security to the data.  Online banking security.

12. Conclusion  S3PAS demonstrates desirable features of a secure authentication system being immune to shoulder-surfing, hidden-camera, and spyware attacks.  S3PAS is scalable in that it seamlessly matches the conventional text-based passwords and can accommodate various lengths of textual passwords.

13. Thank You

Graphical Based Authentication (S3PAS)

Recommended

Recommended

More Related Content

Similar to Graphical Based Authentication (S3PAS)

Similar to Graphical Based Authentication (S3PAS) (20)

Recently uploaded

Recently uploaded (20)

Graphical Based Authentication (S3PAS)