Abstract Existing systems of authentication are plagued by many weaknesses. As a high speed cloud infrastructure is being developed and people are informationized, the sensitive data are also engaged in cloud feild. However, the existing cloud sensitive file upload and download on cloud was exposed to the danger of hacking. Recently, the personal information has been leaked by a high degree method such as Phishing or Pharming beyond snatching a user ID and Password. Seeing that most of examples which happened in the file uploading and downloading were caused by the appropriation of ID or Password belonging to others, a safe user confirmation system gets much more essential. In this paper, we propose a new authentication system file uploading and downloading on cloud using HADOOP technique. In HADOOP technique there are 3 technique but we can use HDFS (Hadoop Distributed File System).This authentication system is a combination of a three authentication system i.e. Secure3 in that 1)Textual,2)Chessboard,3)QR-code Authentication. In Textual authentication normal authentication is required to login .i.e username and password. In chessboard authentication user plays a steps of a chessboard and select that steps as authentication. In QR-code used Mobile OTP with the combination of QR-code which is a variant of the 2D barcode. we also include a priority of a sensitive data in that low priority sensitive data have only a Textual authentication system. Medium priority sensitive data have Textual +chessboard authentication system. High priority sensitive data have Textual +chessboard +QR-code authentication system. Keywords: OTP(one Time Password),QR(Quick-Response),CBS(Chess Board System),HDFS (Hadoop Distributed File System),IMEI(International Mobile Center Equipment Identity),AES(Advanced Encryption Standard).
An Enhanced Security System for Web Authentication IJMER
Web authentication has low security in these days. Todays, For Authentication purpose,
Textual passwords are commonly used; however, users do not follow their requirements. Users tend to
choose meaningful words from dictionaries, which make textual passwords easy tobreak and vulnerable
to dictionary or brute force attacks. Also, Textual passwords can be identified by 3rd
party software’s.
Many available graphicalpasswords have a password space that is less than or equal to the textual
passwordspace. Smart cards or tokens can be stolen.There are so many biometric authentications have
been proposed; however, users tend to resistusing biometrics because of their intrusiveness and the effect
on their privacy. Moreover,biometrics cannot be evoked.In this paper, we present and evaluate our
contribution,i.e., the OTP and 3-D password. A one-time password (OTP) is a password that isvalid for
only one login session or transaction. OTPs avoid a number of shortcomingsthat are associated with
traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in
contrast to static passwords, they are not vulnerable to replay attacks. It means that a potential intruder
who manages to record an OTPthat was already used to log into a service or to conduct a transaction
will not be able toabuse it, since it will be no longer valid. The 3-D password is a multifactor
authenticationscheme. To be authenticated, we present a 3-D virtual environment where the
usernavigates and interacts with various objects. The sequence of actions and interactionstoward the
objects inside the 3-D environment constructs the user’s 3-D password.
Effectiveness of various user authentication techniquesIAEME Publication
This document discusses and compares various user authentication techniques. It analyzes one-time password authentication using smart phones (oPass), 3D password authentication using a virtual environment, and smart card-based authentication. oPass requires the user to remember only a long-term password for their phone, while the website generates one-time passwords via SMS. 3D passwords combine multiple authentication methods by having users navigate and interact with virtual objects. Smart card authentication does not store passwords in verification tables and allows password changes for mutual authentication. The document examines the advantages and disadvantages of these approaches.
SECURITY ANALYSIS ON PASSWORD AUTHENTICATION SYSTEM OF WEB PORTALcscpconf
Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. One of the most famous social network service, Facebook subscribers to reach 1.2 billion 30 million people at the time of the February 2014. With the increase in number of users
followed by the diversity in types of services provided by portal sites and SNS, the attack is also increasing. Therefore, the objective of this study lies in analysing whole procedure of password authentication system of portal sites, SNS and analysing the security threat that may occur accordingly. Also, the security requirement corresponding to analysed security threat was extracted and the analysis on implementation of security requirements by portal sites and SNS
was conducted.
Location based authentication new words approch secuiritySarath K
Authentication is accepting proof of identity given by a
credible person who has evidence on the said identity or on the
originator and the object under assessment as his artifact
respectively. Traditional authentication technique generally
requires an id and password to verify the identity of user. By
nature, user is looking for a password that is easy to remember
and secured from any attack. However, remembering many
complicated passwords, especially when user has different
accounts, is not an easy task. Earlier two factor authentication
technique is common in use. In the two factor authentication
individual can be identified by his user name and password. If
username and password is matched then process of
authentication is done and user can access the data. But in this
technique anyone can hack password and access information.
In many cases, users' passwords are stored in plain-text form on
the server machine. Anyone who can gain access to the server's
database has access to enough information to impersonate any
authenticable user. In cases in which users' passwords are stored
in encrypted form on the server machine, plain-text passwords
are still sent across a possibly-insecure network from the client to
the server. Anyone with access to the intervening network may
be able to "snoop” pairs out of conversations and replay them to
forge authentication to the system. Each separate system must
carry its own copy of each user's authentication information. As a
result, users must maintain passwords on each system to which
they authenticate, and so are likely to choose less-than-secure
passwords for convenience. Knowledge based authentication
uses secret information. When user provides some information to
authenticate himself as a legitimate user, the system processes
this information and suggests whether the user is legitimate or
not
The document summarizes a research paper that proposes a method to prevent replay attacks in the Kerberos authentication protocol using triple passwords. The key aspects of the proposed method are:
1) Three passwords are stored on the Authentication Server and two passwords are sent to the Ticket Granting Server encrypted with a shared key.
2) The Ticket Granting Server sends one password to the Application Server encrypted with a shared key and the service ticket encrypted with the password received from the Authentication Server.
3) This prevents replay attacks because the attacker would not know the passwords to decrypt messages at different stages of authentication.
IRJET- Three Step Password Verification by using Random Key OrderIRJET Journal
This document proposes a three step password verification system using random key order to authenticate users. The three steps are: 1) an alphanumeric password, 2) a graphical password using colored boxes and hidden codes, and 3) a virtual numeric keypad with randomly ordered keys generated using a random number algorithm. This system is meant to improve security over traditional passwords by adding additional verification steps and preventing keylogging attacks on the virtual keypad. The document discusses related work on password authentication and security and provides details on the implementation and proposed benefits of the three step system.
Multilevel authentication using gps and otp techniqueseSAT Journals
Abstract Regression Testing is type of testing which is used to cut off the directly price associated with testing of different modules. Generally regression testing performs on test cases so that the resource utilization should be very low. Test cases in it are challenging task to achieve and suitable test cases for regression testing are difficult to judge and process. Optimization of various testing processes is done by optimization algorithms such as Genetic and Ant colony which usually provide solution to the good regression testing. Still these algorithms lack of some features which are required for better optimization of test cases in regression testing. The regression testing is the most expensive phase of the software testing, regression testing reduction eliminates the redundant test cases in the regression testing suite and saves the cost of the regression testing. In our proposed work, we will focus on optimization of regression testing with multi-objective genetic algorithm which will cover parameters like simplicity and complexity for test cases for regression testing. The complexity and simplicity for test cases will be judged and according to a common fitness function threshold we will proceed with optimization of the regression testing phases. Finally the paper evaluates the basic genetic algorithm for optimizing the test cases based on execution time; implement the multi-objective genetic algorithm with simplicity and complexity of the test cases along with execution time for test case prioritization for regression testing. Index Terms: Genetic Algorithm, Regression Testing Reduction, Test Cases, and Fitness Function etc…
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
An Enhanced Security System for Web Authentication IJMER
Web authentication has low security in these days. Todays, For Authentication purpose,
Textual passwords are commonly used; however, users do not follow their requirements. Users tend to
choose meaningful words from dictionaries, which make textual passwords easy tobreak and vulnerable
to dictionary or brute force attacks. Also, Textual passwords can be identified by 3rd
party software’s.
Many available graphicalpasswords have a password space that is less than or equal to the textual
passwordspace. Smart cards or tokens can be stolen.There are so many biometric authentications have
been proposed; however, users tend to resistusing biometrics because of their intrusiveness and the effect
on their privacy. Moreover,biometrics cannot be evoked.In this paper, we present and evaluate our
contribution,i.e., the OTP and 3-D password. A one-time password (OTP) is a password that isvalid for
only one login session or transaction. OTPs avoid a number of shortcomingsthat are associated with
traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in
contrast to static passwords, they are not vulnerable to replay attacks. It means that a potential intruder
who manages to record an OTPthat was already used to log into a service or to conduct a transaction
will not be able toabuse it, since it will be no longer valid. The 3-D password is a multifactor
authenticationscheme. To be authenticated, we present a 3-D virtual environment where the
usernavigates and interacts with various objects. The sequence of actions and interactionstoward the
objects inside the 3-D environment constructs the user’s 3-D password.
Effectiveness of various user authentication techniquesIAEME Publication
This document discusses and compares various user authentication techniques. It analyzes one-time password authentication using smart phones (oPass), 3D password authentication using a virtual environment, and smart card-based authentication. oPass requires the user to remember only a long-term password for their phone, while the website generates one-time passwords via SMS. 3D passwords combine multiple authentication methods by having users navigate and interact with virtual objects. Smart card authentication does not store passwords in verification tables and allows password changes for mutual authentication. The document examines the advantages and disadvantages of these approaches.
SECURITY ANALYSIS ON PASSWORD AUTHENTICATION SYSTEM OF WEB PORTALcscpconf
Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. One of the most famous social network service, Facebook subscribers to reach 1.2 billion 30 million people at the time of the February 2014. With the increase in number of users
followed by the diversity in types of services provided by portal sites and SNS, the attack is also increasing. Therefore, the objective of this study lies in analysing whole procedure of password authentication system of portal sites, SNS and analysing the security threat that may occur accordingly. Also, the security requirement corresponding to analysed security threat was extracted and the analysis on implementation of security requirements by portal sites and SNS
was conducted.
Location based authentication new words approch secuiritySarath K
Authentication is accepting proof of identity given by a
credible person who has evidence on the said identity or on the
originator and the object under assessment as his artifact
respectively. Traditional authentication technique generally
requires an id and password to verify the identity of user. By
nature, user is looking for a password that is easy to remember
and secured from any attack. However, remembering many
complicated passwords, especially when user has different
accounts, is not an easy task. Earlier two factor authentication
technique is common in use. In the two factor authentication
individual can be identified by his user name and password. If
username and password is matched then process of
authentication is done and user can access the data. But in this
technique anyone can hack password and access information.
In many cases, users' passwords are stored in plain-text form on
the server machine. Anyone who can gain access to the server's
database has access to enough information to impersonate any
authenticable user. In cases in which users' passwords are stored
in encrypted form on the server machine, plain-text passwords
are still sent across a possibly-insecure network from the client to
the server. Anyone with access to the intervening network may
be able to "snoop” pairs out of conversations and replay them to
forge authentication to the system. Each separate system must
carry its own copy of each user's authentication information. As a
result, users must maintain passwords on each system to which
they authenticate, and so are likely to choose less-than-secure
passwords for convenience. Knowledge based authentication
uses secret information. When user provides some information to
authenticate himself as a legitimate user, the system processes
this information and suggests whether the user is legitimate or
not
The document summarizes a research paper that proposes a method to prevent replay attacks in the Kerberos authentication protocol using triple passwords. The key aspects of the proposed method are:
1) Three passwords are stored on the Authentication Server and two passwords are sent to the Ticket Granting Server encrypted with a shared key.
2) The Ticket Granting Server sends one password to the Application Server encrypted with a shared key and the service ticket encrypted with the password received from the Authentication Server.
3) This prevents replay attacks because the attacker would not know the passwords to decrypt messages at different stages of authentication.
IRJET- Three Step Password Verification by using Random Key OrderIRJET Journal
This document proposes a three step password verification system using random key order to authenticate users. The three steps are: 1) an alphanumeric password, 2) a graphical password using colored boxes and hidden codes, and 3) a virtual numeric keypad with randomly ordered keys generated using a random number algorithm. This system is meant to improve security over traditional passwords by adding additional verification steps and preventing keylogging attacks on the virtual keypad. The document discusses related work on password authentication and security and provides details on the implementation and proposed benefits of the three step system.
Multilevel authentication using gps and otp techniqueseSAT Journals
Abstract Regression Testing is type of testing which is used to cut off the directly price associated with testing of different modules. Generally regression testing performs on test cases so that the resource utilization should be very low. Test cases in it are challenging task to achieve and suitable test cases for regression testing are difficult to judge and process. Optimization of various testing processes is done by optimization algorithms such as Genetic and Ant colony which usually provide solution to the good regression testing. Still these algorithms lack of some features which are required for better optimization of test cases in regression testing. The regression testing is the most expensive phase of the software testing, regression testing reduction eliminates the redundant test cases in the regression testing suite and saves the cost of the regression testing. In our proposed work, we will focus on optimization of regression testing with multi-objective genetic algorithm which will cover parameters like simplicity and complexity for test cases for regression testing. The complexity and simplicity for test cases will be judged and according to a common fitness function threshold we will proceed with optimization of the regression testing phases. Finally the paper evaluates the basic genetic algorithm for optimizing the test cases based on execution time; implement the multi-objective genetic algorithm with simplicity and complexity of the test cases along with execution time for test case prioritization for regression testing. Index Terms: Genetic Algorithm, Regression Testing Reduction, Test Cases, and Fitness Function etc…
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
This document proposes a new 3D password authentication scheme that combines multiple existing authentication methods into a 3D virtual environment to provide stronger security. It describes how a 3D password would be composed of a sequence of actions and interactions with various objects in the virtual world. This increases the complexity of guessing passwords compared to traditional text-based passwords. The document also analyzes the potential password key space, security advantages, and applications of the 3D password scheme for critical systems that require strong authentication.
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
This document summarizes authentication techniques for mobile systems. It discusses single-factor and multi-factor authentication using passwords, tokens, and biometrics. It also reviews RFID authentication protocols like SRAC and ASRAC for secure and low-cost RFID systems. Public key cryptography models using elliptic curve cryptography are proposed for mobile security. Secure authentication provides benefits like protection, scalability, speed, and availability for mobile enterprises. Both encryption and authentication are needed but encryption requires more processing resources so should only be used for critical information.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Efficient and Secure Single Sign on Mechanism for Distributed NetworkIJERA Editor
Distributed network act as core part to access the various services which are available in the network. But the security related to distributed network is main concern. In this paper single sign-on SSO mechanism is introduced which gives access to all services by allowing to sign on only once by users. In this mechanism once user logs in to the Trusted Authority Center TAC then application or services which are register to trusted center will automatically verifies the user’s credentials details and these credentials like password or digital signature will be only one for all applications or services. Unlike all other previous mechanisms where in, if user wants to have access multiple services then for every service distinct user credentials (username, password) must be required. SSO act as single authentication window to user for admittance multiple service providers in networks. Previously introduced technique based SSO technology proved to be secure over well-designed SSO system, but fails to provide security during communication. So here emphasis is given on authentication as open problem and on to refining the already proposed SSO process. And to do this along with RSA algorithm which was used in previous SSO process, we will be using MAC algorithm, which is intended to provide secured pathway for communication over distributed network.TAC i.e. Trusted Authority Center is used for sending token integrated with private and shared public key to user.
Adapting singlet login in distributed systemseSAT Journals
Abstract In a distributed system, there are numerous service provider. The user must be authenticated to entrance the services provided by the service provider. It is challenging to recall all secret words for users. So to clarify this problem single sign on is used which is an authentication contrivance in that permit a single license to be validated by multiple service provider. The Wang, Yu, and Qi Xie find that Chang – Lee Scheme undergoes from two attacks one of which is that the aggressor is outside service provider converses with the authenticated user twice and get the license necessary to right to use data in distributed systems. The second attack is the outsider easily receiving right to use to, use services without any license by mimicking authenticate user. This violence also associated with Hsu and Chang Scheme. To sidestep these attacks Wang, Yu, and Qi Xie employed RSA-VES. For enhancement and soundness of authentication, this paper services One Time Password to Wang, Yu, and Qi Xie Method. Now a days OTP plays important role in an authentication, so that using OTP for secure single sign on its easy to provide soundness for authentication. Keywords— Authentication, RSA-VES, distributed system, Security, Single Sign On(SSO),One Time Password(OTP).
Unlimited Length Random Passwords for Exponentially Increased SecurityIJCSEA Journal
This document proposes a new method to exponentially strengthen passwords against cracking by injecting random strings of random length at random positions within the password before encrypting it. The random strings are separated from the original password by delimiter strings chosen by the user. When decrypted, the random strings can be identified and removed using the delimiter strings to extract the original password. This method makes password cracking much more difficult by scattering the original password characters and increasing the search space for attackers. Security factors are calculated showing passwords encrypted with this method would take exponentially longer times, such as trillions of years, to crack using brute force attacks compared to traditionally padded passwords. The method can also be applied to encrypt other sensitive data like credit card numbers or cryptocurrency information
Computationally Efficient ID-Based Blind Signature Scheme in E-Votingijsrd.com
Blind signatures introduced by Chaum, allow a user to obtain a signature on a message without revealing anything about the message to the signer. Blind signatures play an important role in plenty of applications such as e-voting, e-cash system where anonymity is of great concern. ID based public key cryptography can be a good alternative for certificate based public key setting, especially when efficient key management and moderate security are required. In this we propose an ID based blind signature scheme from bilinear pairings.
Detection andprevention of fake access point using sensor nodeseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONcscpconf
Phishing, a serious security threat to Internet users is an e-mail fraud in which the perpetrator
sends out an email which looks like legitimate, in an order to gather personal and financial
information of the receiver. It is important to prevent such phishing attacks. One of the ways to
prevent the password theft is to avoid using passwords and to authenticate a user without a text
password. In this paper, we are proposing an authentication service that is image based and
which eliminates the need for text passwords. Using the instant messaging service available in
internet, user will obtain the One Time Password (OTP) after image authentication. This OTP
then can be used by user to access their personal accounts. The image based authentication
method relies on the user’s ability to recognize pre-chosen categories from a grid of pictures.
This paper integrates Image based authentication and HMAC based one time password to
achieve high level of security in authenticating the user over the internet. These algorithms are
very economical to implement provided they are time synchronized with the user.
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...IJNSA Journal
Recently, Li et al. proposed a secure biometric-based remote user authentication scheme using smart cards to withstand the security flaws of Li-Hwang’s efficient biometric-based remote user authentication scheme using smart cards. Li et al.’s scheme is based on biometrics verification, smart card and one-way hash function, and it also uses the random nonce rather than a synchronized clock, and thus it is efficient in computational cost and more secure than Li-Hwang’s scheme. Unfortunately, in this paper we show that Li et al.’s scheme still has some security weaknesses in their design. In order to withstand those weaknesses in their scheme, we further propose an improvement of their scheme so that the improved scheme always provides proper authentication and as a result, it establishes a session key between the user and the server at the end of successful user authentication.
IRJET - RFID based Automatic Entry Restricted Mechanism for Home SecurityIRJET Journal
This document describes a RFID-based automatic door locking system for home security. The system uses an Arduino nano microcontroller, RFID reader and tags, wireless transmitter and receiver modules, NodeMCU for WiFi connectivity, a 3x4 keypad, and servo motor. The system provides three ways to unlock the door - using a password via keypad, detecting an authorized RFID tag, or using a mobile application. It aims to remotely control the door unlock via a web connection and message passing between the owner and door lock for increased security and convenience.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
Enhancing a Dynamic user Authentication scheme over Brute Force and Dictionar...IOSR Journals
This document summarizes a research paper that proposes enhancing user authentication to protect against brute force and dictionary attacks. The paper conducts a review of existing graphical password techniques and proposes a new technique that sends text messages and emails for additional authentication. Key features include challenging hackers with many CAPTCHAs while allowing legitimate users to log in with one CAPTCHA. The technique aims to trace hackers by flooding their IP addresses and locking accounts on machines with many failed login attempts.
Password authentication with smart card is one of the simplest and efficient authentication mechanisms to ensure secure communication over insecure network environments. Recently, Tsai et al. proposed an improved password authentication scheme for smart card. Their scheme is more secure than the other previous schemes. In this paper, we show Tsai et al.’s scheme is vulnerable to password guessing attack and has computational overhead. Furthermore, we propose an enhanced password authentication scheme to eliminate the security vulnerability and enhance the overhead. By presenting concrete analysis of security and performance, we show that the proposed scheme cannot only resist various well known attacks, but also is more efficient than the other related works, and thus is feasible for practical applications.
Securing Messages from Brute Force Attack by Combined Approach of Honey Encry...IRJET Journal
This document presents a study that aims to develop a secure messaging system using honey encryption to prevent brute force attacks. It proposes combining honey encryption with the Blowfish encryption algorithm. The study first describes honey encryption and how it works to thwart brute force attacks by producing plausible-looking fake plaintexts from incorrect decryption keys. It then evaluates using honey encryption with the AES and Blowfish algorithms by implementing them and measuring processing times. The results show that honey encryption with Blowfish has significantly lower processing times than with AES, suggesting Blowfish may be better suited for integration with honey encryption in secure messaging systems.
This document discusses three-factor authentication schemes for automated teller machines (ATMs) and banking operations using universal subscriber identification modules (USIM). It proposes a systematic approach for authenticating clients using three factors: password, smart card, and biometrics. The system would involve clients registering with a server using an initial password and biometrics to receive a smart card. Clients could then log in using their password, smart card, and biometrics. The document outlines several authentication protocols for registration, login, password changing, and biometrics changing. It also discusses technologies involved like smart cards, principal component analysis for face recognition, and security aspects.
Internet security evaluation system documentation nikithaSusmitha Reddy
The document describes an Internet Security Evaluation System (ISES) project that was developed for a client. The project involves encrypting text using various encryption algorithms and decrypting the encrypted text. Key features include encrypting text using Caesar cipher, substitution cipher, Vigenere cipher, and monoalphabetic substitution cipher. The encrypted text is stored and decrypted later using corresponding decoding algorithms and a key. The system also allows editing encrypted text and analyzing the encryption/decryption performance.
IRJET- Graphical Password to Avoid Shoulder SurfingIRJET Journal
This document proposes a graphical password system to avoid shoulder surfing attacks. It involves a wheel divided into inner and outer circles with randomly arranged characters and numbers in each segment. Colors are assigned to each segment. To enter a password character, the user rotates the wheel clockwise or counterclockwise to align the correct color with the character segment, then selects inner or outer circle. This is intended to confuse observers and prevent password detection during entry, improving security for confidential systems while being low-cost. The system aims to provide shoulder surfing resistance without using expensive biometric authentication.
Knock x Knock: The Design and Evaluation of a Unified Authentication Manageme...Jason Hong
We introduce UniAuth, a set of mechanisms for streamlining authentication to devices and web services. With UniAuth, a user first authenticates himself to his UniAuth client, typically his smartphone or wearable device. His client can then authenticate to other services on his behalf. In this paper, we focus on exploring the user experiences with an early iPhone prototype called Knock x Knock. To manage a variety of accounts securely in a usable way, Knock x Knock incorporates features not supported in existing password managers, such as tiered and location-aware lock control, authentication to laptops via knocking, and storing credentials locally while working with laptops seamlessly. In two field studies, 19 participants used Knock x Knock for one to three weeks with their own devices and accounts. Our participants were highly positive about Knock x Knock, demonstrating the desirability of our approach. We also discuss interesting edge cases and design implications.
This document proposes an image-based authentication system for email to increase security. It aims to prevent shoulder surfing, TEMPEST, and brute force attacks. The system uses a three-level security approach involving a text password, image-based authentication where the user selects an image, and a one-time numeric password sent to the user's mobile phone. Communication between the client and server uses AJAX for increased interaction and speed. The system is analyzed against existing password and authentication methods and is concluded to be highly secure and user-friendly while preventing certain attacks. Future work plans to implement more secure encryption algorithms like MD5.
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive function. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
The Companies Act 2014 aims to consolidate, simplify and reform Irish company law. It introduces a new simplified private limited company structure and a designated activity company structure. Key aspects of the new private limited company include allowing a single director, removing the need for an objects clause, and replacing the memorandum and articles of association with a single constitution document. Directors' duties are also codified under the new Act. All existing private companies must re-register as the new structures by June 2017. Mazars can provide advice and assistance to help companies transition effectively.
This document proposes a new 3D password authentication scheme that combines multiple existing authentication methods into a 3D virtual environment to provide stronger security. It describes how a 3D password would be composed of a sequence of actions and interactions with various objects in the virtual world. This increases the complexity of guessing passwords compared to traditional text-based passwords. The document also analyzes the potential password key space, security advantages, and applications of the 3D password scheme for critical systems that require strong authentication.
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
This document summarizes authentication techniques for mobile systems. It discusses single-factor and multi-factor authentication using passwords, tokens, and biometrics. It also reviews RFID authentication protocols like SRAC and ASRAC for secure and low-cost RFID systems. Public key cryptography models using elliptic curve cryptography are proposed for mobile security. Secure authentication provides benefits like protection, scalability, speed, and availability for mobile enterprises. Both encryption and authentication are needed but encryption requires more processing resources so should only be used for critical information.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Efficient and Secure Single Sign on Mechanism for Distributed NetworkIJERA Editor
Distributed network act as core part to access the various services which are available in the network. But the security related to distributed network is main concern. In this paper single sign-on SSO mechanism is introduced which gives access to all services by allowing to sign on only once by users. In this mechanism once user logs in to the Trusted Authority Center TAC then application or services which are register to trusted center will automatically verifies the user’s credentials details and these credentials like password or digital signature will be only one for all applications or services. Unlike all other previous mechanisms where in, if user wants to have access multiple services then for every service distinct user credentials (username, password) must be required. SSO act as single authentication window to user for admittance multiple service providers in networks. Previously introduced technique based SSO technology proved to be secure over well-designed SSO system, but fails to provide security during communication. So here emphasis is given on authentication as open problem and on to refining the already proposed SSO process. And to do this along with RSA algorithm which was used in previous SSO process, we will be using MAC algorithm, which is intended to provide secured pathway for communication over distributed network.TAC i.e. Trusted Authority Center is used for sending token integrated with private and shared public key to user.
Adapting singlet login in distributed systemseSAT Journals
Abstract In a distributed system, there are numerous service provider. The user must be authenticated to entrance the services provided by the service provider. It is challenging to recall all secret words for users. So to clarify this problem single sign on is used which is an authentication contrivance in that permit a single license to be validated by multiple service provider. The Wang, Yu, and Qi Xie find that Chang – Lee Scheme undergoes from two attacks one of which is that the aggressor is outside service provider converses with the authenticated user twice and get the license necessary to right to use data in distributed systems. The second attack is the outsider easily receiving right to use to, use services without any license by mimicking authenticate user. This violence also associated with Hsu and Chang Scheme. To sidestep these attacks Wang, Yu, and Qi Xie employed RSA-VES. For enhancement and soundness of authentication, this paper services One Time Password to Wang, Yu, and Qi Xie Method. Now a days OTP plays important role in an authentication, so that using OTP for secure single sign on its easy to provide soundness for authentication. Keywords— Authentication, RSA-VES, distributed system, Security, Single Sign On(SSO),One Time Password(OTP).
Unlimited Length Random Passwords for Exponentially Increased SecurityIJCSEA Journal
This document proposes a new method to exponentially strengthen passwords against cracking by injecting random strings of random length at random positions within the password before encrypting it. The random strings are separated from the original password by delimiter strings chosen by the user. When decrypted, the random strings can be identified and removed using the delimiter strings to extract the original password. This method makes password cracking much more difficult by scattering the original password characters and increasing the search space for attackers. Security factors are calculated showing passwords encrypted with this method would take exponentially longer times, such as trillions of years, to crack using brute force attacks compared to traditionally padded passwords. The method can also be applied to encrypt other sensitive data like credit card numbers or cryptocurrency information
Computationally Efficient ID-Based Blind Signature Scheme in E-Votingijsrd.com
Blind signatures introduced by Chaum, allow a user to obtain a signature on a message without revealing anything about the message to the signer. Blind signatures play an important role in plenty of applications such as e-voting, e-cash system where anonymity is of great concern. ID based public key cryptography can be a good alternative for certificate based public key setting, especially when efficient key management and moderate security are required. In this we propose an ID based blind signature scheme from bilinear pairings.
Detection andprevention of fake access point using sensor nodeseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONcscpconf
Phishing, a serious security threat to Internet users is an e-mail fraud in which the perpetrator
sends out an email which looks like legitimate, in an order to gather personal and financial
information of the receiver. It is important to prevent such phishing attacks. One of the ways to
prevent the password theft is to avoid using passwords and to authenticate a user without a text
password. In this paper, we are proposing an authentication service that is image based and
which eliminates the need for text passwords. Using the instant messaging service available in
internet, user will obtain the One Time Password (OTP) after image authentication. This OTP
then can be used by user to access their personal accounts. The image based authentication
method relies on the user’s ability to recognize pre-chosen categories from a grid of pictures.
This paper integrates Image based authentication and HMAC based one time password to
achieve high level of security in authenticating the user over the internet. These algorithms are
very economical to implement provided they are time synchronized with the user.
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...IJNSA Journal
Recently, Li et al. proposed a secure biometric-based remote user authentication scheme using smart cards to withstand the security flaws of Li-Hwang’s efficient biometric-based remote user authentication scheme using smart cards. Li et al.’s scheme is based on biometrics verification, smart card and one-way hash function, and it also uses the random nonce rather than a synchronized clock, and thus it is efficient in computational cost and more secure than Li-Hwang’s scheme. Unfortunately, in this paper we show that Li et al.’s scheme still has some security weaknesses in their design. In order to withstand those weaknesses in their scheme, we further propose an improvement of their scheme so that the improved scheme always provides proper authentication and as a result, it establishes a session key between the user and the server at the end of successful user authentication.
IRJET - RFID based Automatic Entry Restricted Mechanism for Home SecurityIRJET Journal
This document describes a RFID-based automatic door locking system for home security. The system uses an Arduino nano microcontroller, RFID reader and tags, wireless transmitter and receiver modules, NodeMCU for WiFi connectivity, a 3x4 keypad, and servo motor. The system provides three ways to unlock the door - using a password via keypad, detecting an authorized RFID tag, or using a mobile application. It aims to remotely control the door unlock via a web connection and message passing between the owner and door lock for increased security and convenience.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
Enhancing a Dynamic user Authentication scheme over Brute Force and Dictionar...IOSR Journals
This document summarizes a research paper that proposes enhancing user authentication to protect against brute force and dictionary attacks. The paper conducts a review of existing graphical password techniques and proposes a new technique that sends text messages and emails for additional authentication. Key features include challenging hackers with many CAPTCHAs while allowing legitimate users to log in with one CAPTCHA. The technique aims to trace hackers by flooding their IP addresses and locking accounts on machines with many failed login attempts.
Password authentication with smart card is one of the simplest and efficient authentication mechanisms to ensure secure communication over insecure network environments. Recently, Tsai et al. proposed an improved password authentication scheme for smart card. Their scheme is more secure than the other previous schemes. In this paper, we show Tsai et al.’s scheme is vulnerable to password guessing attack and has computational overhead. Furthermore, we propose an enhanced password authentication scheme to eliminate the security vulnerability and enhance the overhead. By presenting concrete analysis of security and performance, we show that the proposed scheme cannot only resist various well known attacks, but also is more efficient than the other related works, and thus is feasible for practical applications.
Securing Messages from Brute Force Attack by Combined Approach of Honey Encry...IRJET Journal
This document presents a study that aims to develop a secure messaging system using honey encryption to prevent brute force attacks. It proposes combining honey encryption with the Blowfish encryption algorithm. The study first describes honey encryption and how it works to thwart brute force attacks by producing plausible-looking fake plaintexts from incorrect decryption keys. It then evaluates using honey encryption with the AES and Blowfish algorithms by implementing them and measuring processing times. The results show that honey encryption with Blowfish has significantly lower processing times than with AES, suggesting Blowfish may be better suited for integration with honey encryption in secure messaging systems.
This document discusses three-factor authentication schemes for automated teller machines (ATMs) and banking operations using universal subscriber identification modules (USIM). It proposes a systematic approach for authenticating clients using three factors: password, smart card, and biometrics. The system would involve clients registering with a server using an initial password and biometrics to receive a smart card. Clients could then log in using their password, smart card, and biometrics. The document outlines several authentication protocols for registration, login, password changing, and biometrics changing. It also discusses technologies involved like smart cards, principal component analysis for face recognition, and security aspects.
Internet security evaluation system documentation nikithaSusmitha Reddy
The document describes an Internet Security Evaluation System (ISES) project that was developed for a client. The project involves encrypting text using various encryption algorithms and decrypting the encrypted text. Key features include encrypting text using Caesar cipher, substitution cipher, Vigenere cipher, and monoalphabetic substitution cipher. The encrypted text is stored and decrypted later using corresponding decoding algorithms and a key. The system also allows editing encrypted text and analyzing the encryption/decryption performance.
IRJET- Graphical Password to Avoid Shoulder SurfingIRJET Journal
This document proposes a graphical password system to avoid shoulder surfing attacks. It involves a wheel divided into inner and outer circles with randomly arranged characters and numbers in each segment. Colors are assigned to each segment. To enter a password character, the user rotates the wheel clockwise or counterclockwise to align the correct color with the character segment, then selects inner or outer circle. This is intended to confuse observers and prevent password detection during entry, improving security for confidential systems while being low-cost. The system aims to provide shoulder surfing resistance without using expensive biometric authentication.
Knock x Knock: The Design and Evaluation of a Unified Authentication Manageme...Jason Hong
We introduce UniAuth, a set of mechanisms for streamlining authentication to devices and web services. With UniAuth, a user first authenticates himself to his UniAuth client, typically his smartphone or wearable device. His client can then authenticate to other services on his behalf. In this paper, we focus on exploring the user experiences with an early iPhone prototype called Knock x Knock. To manage a variety of accounts securely in a usable way, Knock x Knock incorporates features not supported in existing password managers, such as tiered and location-aware lock control, authentication to laptops via knocking, and storing credentials locally while working with laptops seamlessly. In two field studies, 19 participants used Knock x Knock for one to three weeks with their own devices and accounts. Our participants were highly positive about Knock x Knock, demonstrating the desirability of our approach. We also discuss interesting edge cases and design implications.
This document proposes an image-based authentication system for email to increase security. It aims to prevent shoulder surfing, TEMPEST, and brute force attacks. The system uses a three-level security approach involving a text password, image-based authentication where the user selects an image, and a one-time numeric password sent to the user's mobile phone. Communication between the client and server uses AJAX for increased interaction and speed. The system is analyzed against existing password and authentication methods and is concluded to be highly secure and user-friendly while preventing certain attacks. Future work plans to implement more secure encryption algorithms like MD5.
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive function. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
The Companies Act 2014 aims to consolidate, simplify and reform Irish company law. It introduces a new simplified private limited company structure and a designated activity company structure. Key aspects of the new private limited company include allowing a single director, removing the need for an objects clause, and replacing the memorandum and articles of association with a single constitution document. Directors' duties are also codified under the new Act. All existing private companies must re-register as the new structures by June 2017. Mazars can provide advice and assistance to help companies transition effectively.
Las Tecnologías de la Información y la Comunicación (TIC) son herramientas importantes que pueden usarse para procesar y compartir información. Los docentes necesitan formación técnica en estas herramientas así como formación didáctica para usarlas efectivamente en la enseñanza. El aprendizaje es un proceso natural, social y activo que se puede apoyar mediante el uso de las TIC para permitir nuevas formas de enseñanza y aprendizaje en cualquier momento y lugar.
This document discusses social media safety issues, particularly related to location sharing and targeted threats. It notes that during crises like the Paris attacks, hashtags were used to share safe locations but ended up clogged. The document also discusses the controversy around government screening of social media for immigration and security purposes. It provides an example where a woman who later carried out an attack openly supported jihad online but wasn't flagged. Recommendations include establishing privacy and freedom of speech guidelines if social media screening is allowed.
Flori traveled to Shumen, Bulgaria with teachers Juana and M. del Mar in October 2016. The document describes Flori's activities at a Bulgarian school, including performing traditional dances, visiting classrooms, taking a nap with young children, and sharing Spanish sweets and gifts like ham, sausage, and items with the school's logo. It also mentions being welcomed by their Bulgarian hosts Svetla and Galina and taking a cultural visit.
Gmdes a graph based modified data encryption standard algorithm with enha...eSAT Journals
Abstract Cryptography is one of the prime techniques of secured symbolic data transmission over any communication channel. Security is the most challenging and essential aspects in today’s internet and network applications. Thus, design of a secure encryption algorithm is very necessary which can protect the unauthorized attacks. An encryption algorithm is computationally secure if it cannot be intruded with the standard resources. The algorithm proposed here is graph based. Its efficiency surpasses the standard DES algorithm in general. Graphs can be used for designing block ciphers, stream ciphers or public-key ciphers. The algorithm is graph automorphism based partial symmetric key algorithm and it is not fully depended on secret key and produces different cipher text by applying same key on the same plain text. Keywords: DES, Graph Automorphism, Hamiltonian Cycle, Encryption, Decryption
5 Unthinkable Feats of Creativity in BusinessJay Acunzo
When you're a creator in the business world, you can't seem to escape the same-old same-old examples. And while Red Bull is amazingly creative, and Airbnb and Uber are incredible tech companies, we can do better. We can find a more diverse array of examples and case studies from tech, marketing, design, and more. Here are 5 examples of creators who did the unthinkable: rejected conventional thinking and trusted their own intuition instead.
Ramón es un niño de 6 años de Senegal que recientemente llegó a España solo después de un largo viaje que incluyó cruzar el desierto y el Mar Mediterráneo. Ahora vive en una residencia escolar y asiste a la escuela en España, pero extraña mucho a su familia y amigos que dejó en Senegal.
80 câu hỏi trắc nghiệm mũ, logarit phần 2 - Nhóm Toán | iHoc.me - Tài liệu toán học
Tài liệu gồm 12 trang trong đó trang cuối cùng là đáp án để bạn có thể kiểm tra đáp số bài làm của mình.
Download file tại địa chỉ: http://ihoc.me/
Chia sẻ 321 bài tập trắc nghiệm toán bất phương trình mũ, logarithaic2hv.net
321 bài tập trắc nghiệm toán bất phương trình mũ, logarit được chia sẻ bởi iHoc.me là tài liệu mới nhất về chuyên đề trắc nghiệm mũ, logarit.
Tải về máy tài liệu 321 bai tap trac nghiem toan bat phuong trinh mu, logarit tại địa chỉ:
http://ihoc.me/chia-se-321-bai-tap-trac-nghiem-toan-bpt-mu-logarit/
Ringkasan dokumen tersebut adalah sebagai berikut:
Laporan pertanggungjawaban keuangan dan program kerja BEM FE UJB periode 2015-2016, yang meliputi program-program seperti seminar nasional, study banding, ISMEI, lomba kewirausahaan, bakti sosial, dan LDK, beserta pemasukan dan pengeluarannya.
Japan’s sexual culture is quite unique compared to what would be considered “normal” from the western world. However, it is important consider a contrasting point of view when making a judgement on any culture.
Laporan ini membahas kondisi awal perpustakaan SMA N 1 Banjarnegara dan rencana pengembangan perpustakaan. Laporan dimulai dengan deskripsi singkat tentang profil sekolah, sejarah, struktur pengelola, sarana prasarana perpustakaan saat ini. Kemudian dilanjutkan dengan hasil observasi kondisi awal, rencana pengembangan sarana prasarana, layanan, dan kompetensi SDM perpustakaan. Laporan diakhi
Laporan Pertanggungjawaban Kerja BEM FMIPA UGM 2004/2005Zulfadli .
Laporan ini merangkum kegiatan Badan Eksekutif Mahasiswa Fakultas Matematika dan Ilmu Pengetahuan Alam Universitas Gadjah Mada periode 2004-2005. Laporan ini menjelaskan visi, misi, struktur organisasi, dan arahan kerja BEM FMIPA UGM untuk memajukan mahasiswa dan fakultas.
- ITC Limited is an Indian conglomerate headquartered in Kolkata, West Bengal established in 1910. It has diversified business segments including FMCG, hotels, paperboards & packaging, agri business, and IT.
- Within FMCG, ITC has numerous food brands such as Aashirvaad, Bingo, Candyman, Mint-o, B Natural, Sunfeast, Kitchen of India, and Yippee that produce staples, snacks, confectionaries, juices, and ready meals.
- ITC employs various brand strategies like range brands, product line brands, and sub-brands to organize and market its wide portfolio of food products.
100 câu hỏi trắc nghiệm thể tích khối đa diện có đáp án - iHoc.mehaic2hv.net
100 câu hỏi trắc nghiệm thể tích khối đa diện có đáp án nối tiếp chuyển đề trắc nghiệm toán. Tài liệu là 100 câu hỏi về thể tích khối chóp, khối lăng trụ,..
Tải về máy tài liệu này tại địa chỉ:
http://ihoc.me/100-cau-hoi-trac-nghiem-tich-khoi-da-dien-co-dap-an/
240 bài tập trắc nghiệm thể tích khối nón - trụ - cầu miễn phíhaic2hv.net
240 bài tập trắc nghiệm thể tích khối nón - trụ - cầu miễn phí với 29 trang tài liệu word chắc chắn sẽ rất cần thiết cho các thầy cô đang luyện thi THPT.
Tải về máy tài liệu 240 bai tap trac nghiem the tich khoi non tru cau tại địa chỉ:
http://ihoc.me/240-bai-tap-trac-nghiem-the-tich-khoi-non-tru-cau/
IRJET- Data Security with Multifactor AuthenticationIRJET Journal
This document discusses a multi-factor authentication system for improving data security. It proposes using passwords, one-time passwords via QR codes, and encryption/decryption of stored data. The system uses three stages of verification: login with username and password, verification with a randomly generated OTP QR code, and encrypting uploaded data and decrypting downloaded data with keys. By adding multiple layers of authentication and encrypting data, the system aims to minimize unauthorized access to secure systems and stored information.
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
This document summarizes a research paper about developing an authentication system for banking using implicit passwords. The proposed system uses randomly generated security questions to authenticate users, with answers provided as clickable points on an image instead of text. If the user correctly identifies the points associated with the security question, they are authenticated. The system aims to improve security over traditional username/password schemes while maintaining usability on mobile devices. Key modules described include user profile creation, generation of random authentication questions, comparing login profiles to verify identity, and allowing transactions and balance checks via SMS.
Cued click point image based kerberos authentication protocolIAEME Publication
The document presents a proposed authentication system that combines cued click point (CCP) graphical passwords with the Kerberos authentication protocol. CCP uses a sequence of images where the user selects one click point per image. This is made more secure through the addition of a sound signature. The system aims to address weaknesses in text passwords by leveraging human memory for visual information. It also utilizes Kerberos to provide network security and mutual authentication between clients and servers. The proposed model would allow administrators to assign user credentials for system access. Users would select a tolerance level and set graphical passwords by choosing images and click points. Their profile would be generated and the entire login process secured using Kerberos authentication.
This document presents a mobile data encryption algorithm that aims to securely store sensitive data on mobile devices.
- It uses a symmetric encryption approach where the same secret key is used to encrypt and decrypt data. The secret key is randomly generated from the ASCII values of the plain text itself.
- Encryption occurs on a server to avoid overburdening the mobile device. The encrypted ciphertext and secret key are sent back and stored on the mobile application.
- Decryption reverses the encryption process by using the ciphertext and secret key to derive the original plaintext. The processes aim to produce different ciphertext and keys each time to prevent pattern analysis attacks.
A secure communication in smart phones using two factor authenticationseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
A secure communication in smart phones using two factor authenticationeSAT Journals
Abstract Most secure systems face security attacks mainly at the client side. Two Factor Authentication (TFA) provides improved protection to the system at the client side by prompting to provide something they know and something they have. This system uses a one time password(OTP) generation method which doesn’t require client-server communication, which frees the system from cost of sending a dynamic password each time the client wants to login. The OTP generation uses the factors that are unique to the user and is installed on a smart phone in Android platform owned by the user. An OTP is valid for a minutes time, after which, is useless. The system thus provides better client level security – a simple low cost method which protects system from hacking techniques like key logging, phishing, shoulder surfing, etc. Keywords—Authentication, OTP, key logging, phishing
IRJET- Security Empowerment using QR Code and Session Tracking for Cued R...IRJET Journal
This document proposes security improvements to a password authentication system called SYNTHIMA that uses cues from a user's contact list to help them recall passwords. It discusses:
1. Extracting user information stored in SYNTHIMA's database and converting it to QR codes for more secure storage and transmission.
2. Developing a Java-based QR code generator to easily generate QR codes for secure data.
3. Sending updated user information or contact list changes via QR codes embedded in text messages or emails.
4. Implementing a session tracking technique to monitor each user's login sessions and ensure no unauthorized access.
The proposed changes aim to increase security of SYNTHIMA's database
This document discusses using one-time password (OTP) grid cards for strong authentication in online applications in Mongolia. It proposes a system where OTPs are generated from grid cards containing numbers and letters. When logging in, a user must provide their password and the contents of a randomly selected cell from their unique grid card. Adding salt passwords and generating challenges from least-used cells increases security by preventing prediction of responses. The system aims to improve online banking security in Mongolia by providing multi-factor authentication without specialized hardware tokens.
This document discusses enhancing security through token generation in a distributed environment. It proposes a new token generation scheme to encrypt user data with specified key parameters, making resources more robust. The token generation scheme would add security for both authentication and authorization. Existing algorithms focus on encrypting data on the user side, which incurs high computational and communication costs. The document suggests a token generation algorithm for distributed data files that provides secure and dependable server storage while maintaining low overhead. It analyzes related work on token-based authentication and security techniques to provide context.
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...IRJET Journal
This document proposes enhancements to password security by generating "honeywords" from existing user passwords. Honeywords aim to detect unauthorized access by including fake passwords (honeywords) along with real user passwords. If an attacker cracks the password file and tries logging in with a honeyword, an alarm is triggered. The proposed system would generate honeywords using existing user passwords and track internet protocol addresses and locations to identify attackers. It also introduces a new "video click based captcha" scheme to authenticate humans and prevent machine/robot attacks by having users click on points in a video. This overall architecture is intended to better protect user data and applications on online networks against unauthorized access.
IRJET - Graphical Password Authentication for Banking SystemIRJET Journal
This document describes a proposed system for enhancing authentication security for banking transactions through the use of graphical passwords. The system uses a two-step verification process, with pass-point authentication to validate the user during login by requiring them to click on a sequence of points on an image. For transactions, a color palette technique is used where the user must enter a pin number by selecting the corresponding color pairs. The system aims to improve security over traditional text passwords and prevent fraud by automatically filing a complaint if unauthorized access is detected and notifying the user via mobile if a transaction is halted.
Advanced Security System for Bank Lockers using Biometric and GSMIRJET Journal
This document proposes an advanced security system for bank lockers using biometric authentication and GSM technology. The system aims to provide more secure access to bank lockers than traditional key-based systems. It works by enrolling users through fingerprint scanning and storing their fingerprint data and mobile number in a database. When a user wants to open their locker, the system verifies their identity by matching their fingerprint and sends a one-time password via SMS to their registered mobile number. The user then enters this password to unlock the locker, providing two-factor authentication through biometrics and mobile verification. The system is designed to address security issues with lost or duplicated keys and keep pace with digital authentication methods.
Efficient Multi Server Authentication and Hybrid Authentication MethodIJCERT
Password is used for authentication on many major client-server system, websites etc. Client and a server share a password using Password-authenticated key exchange to authenticate each other and establish a cryptographic key by exchanging generated exchanges. In this scenario, all the passwords are stored in a single server which will authenticate the client. If the server stopped working or compromised, for example, hacking or even insider attack, passwords stored in database will become publicly known. This system proposes that setting where multiple servers which are used to, so that the password can be split in these servers authenticate client and if one server is compromised, the attacker still cannot be able to view the client’s information from the compromised server. This system uses the Advance encryption standard algorithm encryption and for key exchange and some formulae to store the password in multiple server. This system also has the hybrid authentication as another phase to make it more secure and efficient. In the given authentication schema we also use SMS integration API for two step verification.
AWS Cloud Based Encryption Decryption SystemIRJET Journal
This document describes an AWS cloud-based encryption and decryption system. The system uses a web app that allows users to easily encrypt and decrypt files for added security and privacy. Files are encrypted using the XOR cipher and SHA-512 hashing algorithm, making them very difficult to decrypt without the proper password. Encrypted files can only be decrypted using the web app. The system aims to increase security awareness and provide a simple encryption tool for common users to protect their confidential data.
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...IRJET Journal
1) The document proposes a password manager that stores user passwords securely and implements two-factor authentication using fingerprint biometrics for increased security.
2) It describes a web application to store passwords and auto-fill login information, along with an Android app for fingerprint authentication. Users set a master password to access passwords, and must also verify with fingerprint scanning.
3) The system aims to help users create strong, unique passwords for each account, securely store passwords in one place, and prevent phishing and keylogging attacks through auto-fill and two-factor authentication.
Protection Saving Positioned Multi-Keyword Scan for Different Information in ...IRJET Journal
This document proposes a privacy-preserving ranked multi-keyword search system (PRMSM) for distributed cloud computing. It addresses challenges in allowing multiple data owners to securely share encrypted data and enable keyword searches without revealing sensitive information. The system uses a dynamic key generation protocol and new user authentication protocol to prevent attackers from accessing secret keys or impersonating valid users. It also supports efficient user revocation. PRMSM constructs a secure search protocol that allows the cloud server to perform searches without knowing keyword or trapdoor details, while preserving privacy of relevance scores between keywords and files. This enhances security and practicality for multi-owner cloud-based data sharing and search.
IRJET- Password Management Kit for Secure AuthenticationIRJET Journal
This document proposes a passwordless authentication system using unique identification tokens. It discusses the limitations of traditional password-based authentication systems, including susceptibility to phishing and users reusing passwords across multiple accounts. The proposed system would generate a unique token during authentication on the server-side rather than requiring the user to store and enter multiple passwords. This token would be included in the authorization header for authentication to protected routes on the server. The system aims to provide a more secure and usable authentication method compared to existing password-based systems.
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITYNexgen Technology
This document discusses cost-effective and anonymous data sharing using forward secure identity-based ring signatures. It proposes a new notion of forward secure ID-based ring signatures that allow ID-based ring signature schemes to provide forward security. This is the first scheme to provide this feature for ring signatures in an ID-based setting. The scheme provides unconditional anonymity and can be proven to be forward-securely unforgeable in the random oracle model under the RSA assumption. It is efficient, requiring only one exponentiation for key updates and no pairings. This scheme enables authentic and anonymous data sharing in large-scale systems like smart grids.
Cost effective authentic and anonymousnexgentech15
Nexgen Technology Address:
Nexgen Technology
No :66,4th cross,Venkata nagar,
Near SBI ATM,
Puducherry.
Email Id: praveen@nexgenproject.com.
www.nexgenproject.com
Mobile: 9751442511,9791938249
Telephone: 0413-2211159.
NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km
Cost-Effective Authentic and Anonymous Data Sharing with Forward Securitynexgentechnology
bulk ieee projects in pondicherry,ieee projects in pondicherry,final year ieee projects in pondicherry
Nexgen Technology Address:
Nexgen Technology
No :66,4th cross,Venkata nagar,
Near SBI ATM,
Puducherry.
Email Id: praveen@nexgenproject.com.
www.nexgenproject.com
Mobile: 9751442511,9791938249
Telephone: 0413-2211159.
NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km
Similar to Secure3 authentication for sensitive data on cloud using textual, chessboard and qr code password system (20)
Mechanical properties of hybrid fiber reinforced concrete for pavementseSAT Journals
Abstract
The effect of addition of mono fibers and hybrid fibers on the mechanical properties of concrete mixture is studied in the present
investigation. Steel fibers of 1% and polypropylene fibers 0.036% were added individually to the concrete mixture as mono fibers and
then they were added together to form a hybrid fiber reinforced concrete. Mechanical properties such as compressive, split tensile and
flexural strength were determined. The results show that hybrid fibers improve the compressive strength marginally as compared to
mono fibers. Whereas, hybridization improves split tensile strength and flexural strength noticeably.
Keywords:-Hybridization, mono fibers, steel fiber, polypropylene fiber, Improvement in mechanical properties.
Material management in construction – a case studyeSAT Journals
Abstract
The objective of the present study is to understand about all the problems occurring in the company because of improper application
of material management. In construction project operation, often there is a project cost variance in terms of the material, equipments,
manpower, subcontractor, overhead cost, and general condition. Material is the main component in construction projects. Therefore,
if the material management is not properly managed it will create a project cost variance. Project cost can be controlled by taking
corrective actions towards the cost variance. Therefore a methodology is used to diagnose and evaluate the procurement process
involved in material management and launch a continuous improvement was developed and applied. A thorough study was carried
out along with study of cases, surveys and interviews to professionals involved in this area. As a result, a methodology for diagnosis
and improvement was proposed and tested in selected projects. The results obtained show that the main problem of procurement is
related to schedule delays and lack of specified quality for the project. To prevent this situation it is often necessary to dedicate
important resources like money, personnel, time, etc. To monitor and control the process. A great potential for improvement was
detected if state of the art technologies such as, electronic mail, electronic data interchange (EDI), and analysis were applied to the
procurement process. These helped to eliminate the root causes for many types of problems that were detected.
Managing drought short term strategies in semi arid regions a case studyeSAT Journals
Abstract
Drought management needs multidisciplinary action. Interdisciplinary efforts among the experts in various fields of the droughts
prone areas are helpful to achieve tangible and permanent solution for this recurring problem. The Gulbarga district having the total
area around 16, 240 sq.km, and accounts 8.45 per cent of the Karnataka state area. The district has been situated with latitude 17º 19'
60" North and longitude of 76 º 49' 60" east. The district is situated entirely on the Deccan plateau positioned at a height of 300 to
750 m above MSL. Sub-tropical, semi-arid type is one among the drought prone districts of Karnataka State. The drought
management is very important for a district like Gulbarga. In this paper various short term strategies are discussed to mitigate the
drought condition in the district.
Keywords: Drought, South-West monsoon, Semi-Arid, Rainfall, Strategies etc.
Life cycle cost analysis of overlay for an urban road in bangaloreeSAT Journals
Abstract
Pavements are subjected to severe condition of stresses and weathering effects from the day they are constructed and opened to traffic
mainly due to its fatigue behavior and environmental effects. Therefore, pavement rehabilitation is one of the most important
components of entire road systems. This paper highlights the design of concrete pavement with added mono fibers like polypropylene,
steel and hybrid fibres for a widened portion of existing concrete pavement and various overlay alternatives for an existing
bituminous pavement in an urban road in Bangalore. Along with this, Life cycle cost analyses at these sections are done by Net
Present Value (NPV) method to identify the most feasible option. The results show that though the initial cost of construction of
concrete overlay is high, over a period of time it prove to be better than the bituminous overlay considering the whole life cycle cost.
The economic analysis also indicates that, out of the three fibre options, hybrid reinforced concrete would be economical without
compromising the performance of the pavement.
Keywords: - Fatigue, Life cycle cost analysis, Net Present Value method, Overlay, Rehabilitation
Laboratory studies of dense bituminous mixes ii with reclaimed asphalt materialseSAT Journals
Abstract
The issue of growing demand on our nation’s roadways over that past couple of decades, decreasing budgetary funds, and the need to
provide a safe, efficient, and cost effective roadway system has led to a dramatic increase in the need to rehabilitate our existing
pavements and the issue of building sustainable road infrastructure in India. With these emergency of the mentioned needs and this
are today’s burning issue and has become the purpose of the study.
In the present study, the samples of existing bituminous layer materials were collected from NH-48(Devahalli to Hassan) site.The
mixtures were designed by Marshall Method as per Asphalt institute (MS-II) at 20% and 30% Reclaimed Asphalt Pavement (RAP).
RAP material was blended with virgin aggregate such that all specimens tested for the, Dense Bituminous Macadam-II (DBM-II)
gradation as per Ministry of Roads, Transport, and Highways (MoRT&H) and cost analysis were carried out to know the economics.
Laboratory results and analysis showed the use of recycled materials showed significant variability in Marshall Stability, and the
variability increased with the increase in RAP content. The saving can be realized from utilization of recycled materials as per the
methodology, the reduction in the total cost is 19%, 30%, comparing with the virgin mixes.
Keywords: Reclaimed Asphalt Pavement, Marshall Stability, MS-II, Dense Bituminous Macadam-II
Laboratory investigation of expansive soil stabilized with natural inorganic ...eSAT Journals
This document summarizes a study on stabilizing expansive black cotton soil with the natural inorganic stabilizer RBI-81. Laboratory tests were conducted to evaluate the effect of RBI-81 on the soil's engineering properties. The tests showed that with 2% RBI-81 and 28 days of curing, the unconfined compressive strength increased by around 250% and the CBR value improved by approximately 400% compared to the untreated soil. Overall, the study found that RBI-81 effectively improved the strength properties of the black cotton soil and its suitability as a soil stabilizer was supported.
Influence of reinforcement on the behavior of hollow concrete block masonry p...eSAT Journals
Abstract
Reinforced masonry was developed to exploit the strength potential of masonry and to solve its lack of tensile strength. Experimental
and analytical studies have been carried out to investigate the effect of reinforcement on the behavior of hollow concrete block
masonry prisms under compression and to predict ultimate failure compressive strength. In the numerical program, three dimensional
non-linear finite elements (FE) model based on the micro-modeling approach is developed for both unreinforced and reinforced
masonry prisms using ANSYS (14.5). The proposed FE model uses multi-linear stress-strain relationships to model the non-linear
behavior of hollow concrete block, mortar, and grout. Willam-Warnke’s five parameter failure theory has been adopted to model the
failure of masonry materials. The comparison of the numerical and experimental results indicates that the FE models can successfully
capture the highly nonlinear behavior of the physical specimens and accurately predict their strength and failure mechanisms.
Keywords: Structural masonry, Hollow concrete block prism, grout, Compression failure, Finite element method,
Numerical modeling.
Influence of compaction energy on soil stabilized with chemical stabilizereSAT Journals
This document summarizes a study on the influence of compaction energy on soil stabilized with a chemical stabilizer. Laboratory tests were conducted on locally available loamy soil treated with a patented polymer liquid stabilizer and compacted at four different energy levels. The study found that increasing the compaction effort increased the density of both untreated and treated soil, but the rate of increase was lower for stabilized soil. Treating the soil with the stabilizer improved its unconfined compressive strength and resilient modulus, and reduced accumulated plastic strain, with these properties further improved by higher compaction efforts. The stabilized soil exhibited strength and performance benefits compared to the untreated soil.
Geographical information system (gis) for water resources managementeSAT Journals
This document describes a hydrological framework developed in the form of a Hydrologic Information System (HIS) to meet the information needs of various government departments related to water management in a state. The HIS consists of a hydrological database coupled with tools for collecting and analyzing spatial and non-spatial water resources data. It also incorporates a hydrological model to indirectly assess water balance components over space and time. A web-based GIS portal was created to allow users to access and visualize the hydrological data, as well as outputs from the SWAT hydrological model. The framework is intended to facilitate integrated water resources planning and management across different administrative levels.
Forest type mapping of bidar forest division, karnataka using geoinformatics ...eSAT Journals
Abstract
The study demonstrate the potentiality of satellite remote sensing technique for the generation of baseline information on forest types
including tree plantation details in Bidar forest division, Karnataka covering an area of 5814.60Sq.Kms. The Total Area of Bidar
forest division is 5814Sq.Kms analysis of the satellite data in the study area reveals that about 84% of the total area is Covered by
crop land, 1.778% of the area is covered by dry deciduous forest, 1.38 % of mixed plantation, which is very threatening to the
environmental stability of the forest, future plantation site has been mapped. With the use of latest Geo-informatics technology proper
and exact condition of the trees can be observed and necessary precautions can be taken for future plantation works in an appropriate
manner
Keywords:-RS, GIS, GPS, Forest Type, Tree Plantation
Factors influencing compressive strength of geopolymer concreteeSAT Journals
Abstract
To study effects of several factors on the properties of fly ash based geopolymer concrete on the compressive strength and also the
cost comparison with the normal concrete. The test variables were molarities of sodium hydroxide(NaOH) 8M,14M and 16M, ratio of
NaOH to sodium silicate (Na2SiO3) 1, 1.5, 2 and 2.5, alkaline liquid to fly ash ratio 0.35 and 0.40 and replacement of water in
Na2SiO3 solution by 10%, 20% and 30% were used in the present study. The test results indicated that the highest compressive
strength 54 MPa was observed for 16M of NaOH, ratio of NaOH to Na2SiO3 2.5 and alkaline liquid to fly ash ratio of 0.35. Lowest
compressive strength of 27 MPa was observed for 8M of NaOH, ratio of NaOH to Na2SiO3 is 1 and alkaline liquid to fly ash ratio of
0.40. Alkaline liquid to fly ash ratio of 0.35, water replacement of 10% and 30% for 8 and 16 molarity of NaOH and has resulted in
compressive strength of 36 MPa and 20 MPa respectively. Superplasticiser dosage of 2 % by weight of fly ash has given higher
strength in all cases.
Keywords: compressive strength, alkaline liquid, fly ash
Experimental investigation on circular hollow steel columns in filled with li...eSAT Journals
Abstract
Composite Circular hollow Steel tubes with and without GFRP infill for three different grades of Light weight concrete are tested for
ultimate load capacity and axial shortening , under Cyclic loading. Steel tubes are compared for different lengths, cross sections and
thickness. Specimens were tested separately after adopting Taguchi’s L9 (Latin Squares) Orthogonal array in order to save the initial
experimental cost on number of specimens and experimental duration. Analysis was carried out using ANN (Artificial Neural
Network) technique with the assistance of Mini Tab- a statistical soft tool. Comparison for predicted, experimental & ANN output is
obtained from linear regression plots. From this research study, it can be concluded that *Cross sectional area of steel tube has most
significant effect on ultimate load carrying capacity, *as length of steel tube increased- load carrying capacity decreased & *ANN
modeling predicted acceptable results. Thus ANN tool can be utilized for predicting ultimate load carrying capacity for composite
columns.
Keywords: Light weight concrete, GFRP, Artificial Neural Network, Linear Regression, Back propagation, orthogonal
Array, Latin Squares
Experimental behavior of circular hsscfrc filled steel tubular columns under ...eSAT Journals
This document summarizes an experimental study that tested circular concrete-filled steel tube columns with varying parameters. 45 specimens were tested with different fiber percentages (0-2%), tube diameter-to-wall-thickness ratios (D/t from 15-25), and length-to-diameter (L/d) ratios (from 2.97-7.04). The results found that columns filled with fiber-reinforced concrete exhibited higher stiffness, equal ductility, and enhanced energy absorption compared to those filled with plain concrete. The load carrying capacity increased with fiber content up to 1.5% but not at 2.0%. The analytical predictions of failure load closely matched the experimental values.
Evaluation of punching shear in flat slabseSAT Journals
Abstract
Flat-slab construction has been widely used in construction today because of many advantages that it offers. The basic philosophy in
the design of flat slab is to consider only gravity forces; this method ignores the effect of punching shear due to unbalanced moments
at the slab column junction which is critical. An attempt has been made to generate generalized design sheets which accounts both
punching shear due to gravity loads and unbalanced moments for cases (a) interior column; (b) edge column (bending perpendicular
to shorter edge); (c) edge column (bending parallel to shorter edge); (d) corner column. These design sheets are prepared as per
codal provisions of IS 456-2000. These design sheets will be helpful in calculating the shear reinforcement to be provided at the
critical section which is ignored in many design offices. Apart from its usefulness in evaluating punching shear and the necessary
shear reinforcement, the design sheets developed will enable the designer to fix the depth of flat slab during the initial phase of the
design.
Keywords: Flat slabs, punching shear, unbalanced moment.
Evaluation of performance of intake tower dam for recent earthquake in indiaeSAT Journals
Abstract
Intake towers are typically tall, hollow, reinforced concrete structures and form entrance to reservoir outlet works. A parametric
study on dynamic behavior of circular cylindrical towers can be carried out to study the effect of depth of submergence, wall thickness
and slenderness ratio, and also effect on tower considering dynamic analysis for time history function of different soil condition and
by Goyal and Chopra accounting interaction effects of added hydrodynamic mass of surrounding and inside water in intake tower of
dam
Key words: Hydrodynamic mass, Depth of submergence, Reservoir, Time history analysis,
Evaluation of operational efficiency of urban road network using travel time ...eSAT Journals
This document evaluates the operational efficiency of an urban road network in Tiruchirappalli, India using travel time reliability measures. Traffic volume and travel times were collected using video data from 8-10 AM on various roads. Average travel times, 95th percentile travel times, and buffer time indexes were calculated to assess reliability. Non-motorized vehicles were found to most impact reliability on one road. A relationship between buffer time index and traffic volume was developed. Finally, a travel time model was created and validated based on length, speed, and volume.
Estimation of surface runoff in nallur amanikere watershed using scs cn methodeSAT Journals
Abstract
The development of watershed aims at productive utilization of all the available natural resources in the entire area extending from
ridge line to stream outlet. The per capita availability of land for cultivation has been decreasing over the years. Therefore, water and
the related land resources must be developed, utilized and managed in an integrated and comprehensive manner. Remote sensing and
GIS techniques are being increasingly used for planning, management and development of natural resources. The study area, Nallur
Amanikere watershed geographically lies between 110 38’ and 110 52’ N latitude and 760 30’ and 760 50’ E longitude with an area of
415.68 Sq. km. The thematic layers such as land use/land cover and soil maps were derived from remotely sensed data and overlayed
through ArcGIS software to assign the curve number on polygon wise. The daily rainfall data of six rain gauge stations in and around
the watershed (2001-2011) was used to estimate the daily runoff from the watershed using Soil Conservation Service - Curve Number
(SCS-CN) method. The runoff estimated from the SCS-CN model was then used to know the variation of runoff potential with different
land use/land cover and with different soil conditions.
Keywords: Watershed, Nallur watershed, Surface runoff, Rainfall-Runoff, SCS-CN, Remote Sensing, GIS.
Estimation of morphometric parameters and runoff using rs & gis techniqueseSAT Journals
This document summarizes a study that used remote sensing and GIS techniques to estimate morphometric parameters and runoff for the Yagachi catchment area in India over a 10-year period. Morphometric analysis was conducted to understand the hydrological response at the micro-watershed level. Daily runoff was estimated using the SCS curve number model. The results showed a positive correlation between rainfall and runoff. Land use/land cover changes between 2001-2010 were found to impact estimated runoff amounts. Remote sensing approaches provided an effective means to model runoff for this large, ungauged area.
Effect of variation of plastic hinge length on the results of non linear anal...eSAT Journals
Abstract The nonlinear Static procedure also well known as pushover analysis is method where in monotonically increasing loads are applied to the structure till the structure is unable to resist any further load. It is a popular tool for seismic performance evaluation of existing and new structures. In literature lot of research has been carried out on conventional pushover analysis and after knowing deficiency efforts have been made to improve it. But actual test results to verify the analytically obtained pushover results are rarely available. It has been found that some amount of variation is always expected to exist in seismic demand prediction of pushover analysis. Initial study is carried out by considering user defined hinge properties and default hinge length. Attempt is being made to assess the variation of pushover analysis results by considering user defined hinge properties and various hinge length formulations available in literature and results compared with experimentally obtained results based on test carried out on a G+2 storied RCC framed structure. For the present study two geometric models viz bare frame and rigid frame model is considered and it is found that the results of pushover analysis are very sensitive to geometric model and hinge length adopted. Keywords: Pushover analysis, Base shear, Displacement, hinge length, moment curvature analysis
Effect of use of recycled materials on indirect tensile strength of asphalt c...eSAT Journals
Abstract
Depletion of natural resources and aggregate quarries for the road construction is a serious problem to procure materials. Hence
recycling or reuse of material is beneficial. On emphasizing development in sustainable construction in the present era, recycling of
asphalt pavements is one of the effective and proven rehabilitation processes. For the laboratory investigations reclaimed asphalt
pavement (RAP) from NH-4 and crumb rubber modified binder (CRMB-55) was used. Foundry waste was used as a replacement to
conventional filler. Laboratory tests were conducted on asphalt concrete mixes with 30, 40, 50, and 60 percent replacement with RAP.
These test results were compared with conventional mixes and asphalt concrete mixes with complete binder extracted RAP
aggregates. Mix design was carried out by Marshall Method. The Marshall Tests indicated highest stability values for asphalt
concrete (AC) mixes with 60% RAP. The optimum binder content (OBC) decreased with increased in RAP in AC mixes. The Indirect
Tensile Strength (ITS) for AC mixes with RAP also was found to be higher when compared to conventional AC mixes at 300C.
Keywords: Reclaimed asphalt pavement, Foundry waste, Recycling, Marshall Stability, Indirect tensile strength.
Gas agency management system project report.pdfKamal Acharya
The project entitled "Gas Agency" is done to make the manual process easier by making it a computerized system for billing and maintaining stock. The Gas Agencies get the order request through phone calls or by personal from their customers and deliver the gas cylinders to their address based on their demand and previous delivery date. This process is made computerized and the customer's name, address and stock details are stored in a database. Based on this the billing for a customer is made simple and easier, since a customer order for gas can be accepted only after completing a certain period from the previous delivery. This can be calculated and billed easily through this. There are two types of delivery like domestic purpose use delivery and commercial purpose use delivery. The bill rate and capacity differs for both. This can be easily maintained and charged accordingly.
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...PriyankaKilaniya
Energy efficiency has been important since the latter part of the last century. The main object of this survey is to determine the energy efficiency knowledge among consumers. Two separate districts in Bangladesh are selected to conduct the survey on households and showrooms about the energy and seller also. The survey uses the data to find some regression equations from which it is easy to predict energy efficiency knowledge. The data is analyzed and calculated based on five important criteria. The initial target was to find some factors that help predict a person's energy efficiency knowledge. From the survey, it is found that the energy efficiency awareness among the people of our country is very low. Relationships between household energy use behaviors are estimated using a unique dataset of about 40 households and 20 showrooms in Bangladesh's Chapainawabganj and Bagerhat districts. Knowledge of energy consumption and energy efficiency technology options is found to be associated with household use of energy conservation practices. Household characteristics also influence household energy use behavior. Younger household cohorts are more likely to adopt energy-efficient technologies and energy conservation practices and place primary importance on energy saving for environmental reasons. Education also influences attitudes toward energy conservation in Bangladesh. Low-education households indicate they primarily save electricity for the environment while high-education households indicate they are motivated by environmental concerns.
Build the Next Generation of Apps with the Einstein 1 Platform.
Rejoignez Philippe Ozil pour une session de workshops qui vous guidera à travers les détails de la plateforme Einstein 1, l'importance des données pour la création d'applications d'intelligence artificielle et les différents outils et technologies que Salesforce propose pour vous apporter tous les bénéfices de l'IA.
Mechatronics is a multidisciplinary field that refers to the skill sets needed in the contemporary, advanced automated manufacturing industry. At the intersection of mechanics, electronics, and computing, mechatronics specialists create simpler, smarter systems. Mechatronics is an essential foundation for the expected growth in automation and manufacturing.
Mechatronics deals with robotics, control systems, and electro-mechanical systems.
Software Engineering and Project Management - Software Testing + Agile Method...Prakhyath Rai
Software Testing: A Strategic Approach to Software Testing, Strategic Issues, Test Strategies for Conventional Software, Test Strategies for Object -Oriented Software, Validation Testing, System Testing, The Art of Debugging.
Agile Methodology: Before Agile – Waterfall, Agile Development.
Secure3 authentication for sensitive data on cloud using textual, chessboard and qr code password system
1. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
_______________________________________________________________________________________
Volume: 04 Issue: 05 | May-2015, Available @ http://www.ijret.org 499
SECURE3 AUTHENTICATION FOR SENSITIVE DATA ON CLOUD
USING TEXTUAL, CHESSBOARD AND QR CODE PASSWORD
SYSTEM
V. R. Waghmare1
, Bhushan Shinde2
, Pankaj Patil3
, Puja Kasbe4
, Sharad Ghodake5
1
IT, Savitribai Phule Pune University, India, (MMIT, Lohgaon)
2
IT, Savitribai Phule Pune University, India (MMIT, Lohgaon)
3
IT, Savitribai Phule Pune University, India (MMIT, Lohgaon)
4
IT, Savitribai Phule Pune University, India (MMIT, Lohgaon)
5IT, Savitribai Phule Pune University, India (MMIT, Lohgaon)
Abstract
Existing systems of authentication are plagued by many weaknesses. As a high speed cloud infrastructure is being developed and
people are informationized, the sensitive data are also engaged in cloud feild. However, the existing cloud sensitive file upload
and download on cloud was exposed to the danger of hacking. Recently, the personal information has been leaked by a high
degree method such as Phishing or Pharming beyond snatching a user ID and Password. Seeing that most of examples which
happened in the file uploading and downloading were caused by the appropriation of ID or Password belonging to others, a safe
user confirmation system gets much more essential. In this paper, we propose a new authentication system file uploading and
downloading on cloud using HADOOP technique. In HADOOP technique there are 3 technique but we can use HDFS (Hadoop
Distributed File System).This authentication system is a combination of a three authentication system i.e. Secure3 in that
1)Textual,2)Chessboard,3)QR-code Authentication. In Textual authentication normal authentication is required to login .i.e
username and password. In chessboard authentication user plays a steps of a chessboard and select that steps as authentication.
In QR-code used Mobile OTP with the combination of QR-code which is a variant of the 2D barcode. we also include a priority of
a sensitive data in that low priority sensitive data have only a Textual authentication system. Medium priority sensitive data have
Textual +chessboard authentication system. High priority sensitive data have Textual +chessboard +QR-code authentication
system.
Keywords: OTP(one Time Password),QR(Quick-Response),CBS(Chess Board System),HDFS (Hadoop Distributed
File System),IMEI(International Mobile Center Equipment Identity),AES(Advanced Encryption Standard).
--------------------------------------------------------------------***------------------------------------------------------------------
1. INTRODUCTION
File uploading and downloading is most sensitive task
performed by general internet User. In this paper, we propose
authentication system for sensitive data uploading and
downloading on cloud based hadoop Distributed File
System(HDFS).Cloud network which can provide greater
security and convenience to user for sensitive information by
Secure 3 authentication system i.e. textual password,
chessboard system and mobile OTP with the QR-code. Once
the user enter a textual password it matches with the users
original password if it correct then user goes to chessboard
authentication. In chessboard authentication user plays a
chess game on one side and opposite side moves
automatically plays by AI system and stores the playing
moves password in a database. Only user moves are stored as
a password. When user login to his account this time he play
this moves again if this moves is match with database stored
moves then he goes to QR code authentication. QR code
authentication is very secure system in that OTP is used. OTP
is a combination of a user mobile IMEI no and a selected
random number. OTP is send on users mobile. In QR code
users mobile IMEI no is added with random no between (0-
9999) this number store in database.
2. RELATED WORK
Authentication is accepting proof of identity given by a
credible person who has evidence on the said identity or on
the originator and the object under assessment as his artifact
respectively. Traditional authentication technique generally
requires an id and password to verify the identity of user. By
nature, user is looking for a password that is easy to
remember and secured from any attack. However,
remembering many complicated passwords, especially when
user has different accounts, is not an easy task. Earlier two
factor authentication technique is common in use. In the two
factor authentication individual can be identified by his user
name and password. If username and password is matched
then process of authentication is done and user can access the
data. But in this technique anyone can hack password and
access information. In many cases, users' passwords are
stored in plain-text form on the server machine. Anyone who
can gain access to the server's database has access to enough
information to impersonate any authenticable user. In cases in
which users' passwords are stored in encrypted form on the
server machine, plain-text passwords are still sent across a
possibly-insecure network from the client to the server.
Anyone with access to the intervening network may be able
2. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
_______________________________________________________________________________________
Volume: 04 Issue: 05 | May-2015, Available @ http://www.ijret.org 500
to "snoop” pairs out of conversations and replay them to
forge authentication to the system. Each separate system must
carry its own copy of each user's authentication information.
As a result, users must maintain passwords on each system to
which they authenticate, and so are likely to choose less-than-
secure passwords for convenience. Knowledge based
authentication uses secret information. When user provides
some information to authenticate himself as a legitimate user,
the system processes this information and suggests whether
the user is legitimate or not.
3. PROBLEM STATEMENTS
In this paper, we propose a new authentication system file
uploading and downloading on cloud using HADOOP
technique(HDFS).This authentication system is a
combination of a three authentication system i.e. Secure3 in
that 1)Textual,2)Chessboard,3)QR-code Authentication. In
textual authentication is required to login .i.e username and
password. In chessboard authentication user plays a steps of a
chessboard and select that steps as authentication. In QR-
code used Mobile OTP with the combination of QR-code
which is a variant of the 2D barcode. We also include a
priority of a sensitive data in that low priority sensitive data
have only a normal authentication system. Medium priority
sensitive data have textual +chessboard authentication
system. High priority sensitive data have textual +chessboard
+QR-code authentication system. The following requirements
are satisfied in the proposed scheme .
1. The new scheme provide secrets that are easy to remember
and very difficult for intruders to guess.
2. The new scheme provides secrets that are not easy to write
down on paper. Moreover, the scheme secrets should be
difficult to share with others.
3. The new scheme provides secrets that can be easily
revoked or changed
4. OBJECTIVES
4.1 Authentication
We provide 3 authentication system i.e. Textual, Chess Board
and QR Code password system.
4.2 Registration
In this authentication system we provide user registration in
that users details, (i.e. UserID ,LoginName, FullName,
MobNo, IMEINo) and play chess board moves for password.
This information and password stored in database at the time
of registration.
1. File Upload:-
File send and upload user itself and compose to
other user. For upload a file on cloud we can provide
priorities on the basis of importance of data. And
HDFS Techniques.
2. File Download:-
File download by user itself using a hadoop
distributed file system.
3. File Encryption:-
We provide encryption algorithm i.e. AES for
textual password. This algorithm provides more
security for textual password.
4. File Decryption:-
We provide decryption algorithm i.e. AES for
textual password. This algorithm provides more
security for textual password.
5. QR Code Encoder/Decoder:-
QR code encoder and decoder is used to encode and
decode the QR code.
6. Chess Board Environment:-
User play a moves of a chessboard at the same time
AI player also play a chessboard game but only user
game is stored in database in encrypted format.
5. PROPOSED WORK AND METHODS
Here the designs secure3 system of two 3D environments are
specified ,and one normal environment is specified. The first
is a normal authentication system the second one being a
chess game and the third being a OTP with QR code. In the
chess game, the password is based on placing the chess
pieces in predefined positions on the chess board and in the
case of the QR code, the password is constructed base on
mobile IMEI no. adding a random number(0-9999)on mobile
IMEI no.
5.1. Environment1-Textual Login:
When a new user enters in the environment, the user must
initially enter all users details in the registration form. The
user must then click on the CHECK LOGIN button to select
the chess environment. Figure1 below shows an environment
for a Textual-Login, having its username and password.
Password should contain character, number and special
symbols.
5.1.1 Encryption
The process of converting plain text to cipher text is known
as encryption. In this system the password of that user will
send or receive will be in encrypted format. To achieve this
we will be using AES (Advanced Encryption Standard)
algorithm which is advanced version of DES (Data
Encryption Standard).The main advantages of AES are that
its resistance against all known attacks; speed and code
compactness on a wide range of platforms; design simplicity .
3. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
_______________________________________________________________________________________
Volume: 04 Issue: 05 | May-2015, Available @ http://www.ijret.org 501
Fig 1:-Textual Login
5.1.2 Decryption:
The process of converting Cipher text to Plain text is known
as Decryption. In this system the password of that user will
be receive in Decrypted format. To achieve this we will be
using AES (Advanced Encryption Standard) algorithm which
is advanced version of DES (Data Encryption Standard).The
main advantages of AES are that its resistance against all
known attacks; speed and code compactness on a wide range
of platforms; design simplicity .
5.2. Environment 2 – Chess Board
When a new user enters the environment, the user must
initially enter all user details in the registration form. As well
as user plays a moves of a chessboard this moves and user
details are stored in database. The user must then click on the
CHECK LOGIN button to select the chess environment.
Figure2 below shows an environment for a chess game,
having a total of 32 objects, out of which 16 are red and 16
are white. It also encloses three buttons all together namely,
start game, stop game, and close the game.
5.2.1 Encryption
Encryption algorithm is used for encrypting a chessboard
password. We are using a AES for encrypting a chessboard
password.
5.2.2 Decryption
Decryption algorithm is used for decrypting a chessboard
password. We are using a AES for encrypting a chessboard
password.
Each button works as specified below:-
1. Start Game:-
This button can be used by user to start playing of
chessboard game at the registeration time and at the login
time of a user. Once this button is clicked, the user can moves
the chessboard objects.
2. Stop Game:-
This button is used to end the sequence of actions and
interactions. Clicking this button stops recording the users
movements and the recorded actions and interactions are
saved as a 3D password in the form of a string.
3. Close:-
Once clicked, the environment is closed and control returns
to the registration form. Following diagram shows how actual
ChessBoard password is stored in the database. ChessBoard
password is stored matrix format in a database. Source and
destination point of a object is selected as a password of one
moving object. Same as a second moving object. This process
is continuous till last moving object. This password is stored
in a encrypted format in a database.
Fig 2:- ChessBoard Login
Fig 3:-PWD Matrix format of chessboard
4. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
_______________________________________________________________________________________
Volume: 04 Issue: 05 | May-2015, Available @ http://www.ijret.org 502
5.3 Environment 3 –QR Code
5.3.1 OTP and QR Scanner
An OTP is a generated password which only valid once and
QR Scanner is an android application for scanning QR Code.
The users mobile that can generate an OTP using an
algorithm of permute string and cryptographic keys by
scanning the QR code by the QR Scanner. On the server side,
an authentication server can check the validity of the
password by sharing the same algorithm and keys. Mobile
QR Code Scanner application can be used to generate the
OTP, The OTP is a combination of a user mobile IMEI-NO
and randomly selected number. Any random number is added
on a users mobile IMEI no. This password is valid only one
time. To generate a OTP permute string algorithm logic is
used to send a OTP.
5.3.2 QR_Code
Fig 4:-QR Code Login
There are two buttons are used in a QR code:-
1. Check:-
This button is check whether user enter OTP is correct or
not.
2. Close:-
This button is used to close the QR-Code environment.
5.3.3 Structure of QR-Code
QR code (abbreviated from Quick Response Code) is the
trademark for a type matrix barcode(or two-dimensional
barcode). A QR code uses four standardized encoding modes
(numeric, alphanumeric, byte / binary) to efficiently store
data; extensions may also be used The QR Code system
became popular outside the automotive industry due to its
fast readability and greater storage capacity compared to
standard UPC Barcode . Applications include product
tracking, item identification, time tracking, document
management, and general marketing.. A QR code consists of
black modules (square dots) arranged in a square grid on a
white background, which can be read by an imaging device
(such as a camera) and processed using Reed error correction
until the image can be appropriately interpreted. The required
data are then extracted from patterns present in both
horizontal and vertical components of the image.
Fig 5:-QR Code.
5.4 File Upload and Download using HDFS
We use HDFS for uploading and downloading file on cloud
for more security .HDFS means Hadoop Distributed File
System is more useful for to produce the bulk filename of
the uploaded file on cloud server. For that we can provide
more security to the our personal information or data on the
cloud storage. HDFS has a master/slave architecture.HDFS
cluster consists of a single Name Node, a master server that
manages the file system namespace and regulates access to
files by clients. In addition, there are a number of Data
Nodes, usually one per node in the cluster, which manage
storage attached to the nodes that they run on. HDFS exposes
a file system namespace and allows user data to be stored in
files. Internally, a file is split into one or more blocks and
these blocks are stored in a set of Data Nodes. The Name
Node executes file system namespace operations like
opening, closing, and renaming files and directories. It also
determines the mapping of blocks to Data Nodes. The Data
Nodes are responsible for serving read and write requests
from the file system’s clients. The Data Nodes also perform
block creation, deletion, and replication upon instruction
from the Name Node.
5.5 QR Code Scanner
We take a application of QR code scanner and in capture
activity develop a algorithm of permute string. This same
algorithm is developed in login code of a client side. A OTP.
is a combination of a beginning string +ending string.
Beginning string is a IMEI no and ending string is an random
number
5. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
_______________________________________________________________________________________
Volume: 04 Issue: 05 | May-2015, Available @ http://www.ijret.org 503
5.6 HDFS (Hadoop Distributed File System)
We create a HDFS virtually in the system. We install HDFS
in linux OS.
5.7 Architecture of Proposed System
The proposed system have required first user registration. In
user registration required users login name and password is
stored in the database at the time of a registration. As well as
in the time of registration user play a chessboard game and
this chessboard moves also stored in a user database. The
user registration nothing but a personnel information of a
user. When this information is fill then user account will be
created. Then user do their personnel work like file uploading
and downloading of a sensitive data on cloud using HDFS.
The proposed system is more secure than a other
authentication system. The proposed authentication system
requires a three step authentication.
First authentication is normal. In textual authentication user
requires his username and password at the time of login. If
user entered username and password is correct then he moves
from chessboard otherwise he display a message incorrect
username or password. After completion of first environment
user goes to a chessboard environment in this environment he
plays a chessboard moves played moves is matches with the
database stored password. When this moves is correct he
goes to a QR code environment otherwise he goes to a
normal login. After completion of a chessboard user goes to a
QR code environment in that environment user requires a
OTP. When this password is correct then user have a
permission to do their work(File Uploading and File
Downloading)on cloud using a hadoop framework.
Algorithm of QR Code Scanner
1. Start.
2. Accept beginning and ending string.(i.e. IMEI no and
selected random no.)
3. If ending string <=1 thengotostep5
4.OTP=BigInteger.valueOf((Long.valueOf(beginningString))
+ Integer.parseInt(endingString));
5. else
for (int i = 0; i <= endingString.length(); i++) Increment a
ending string one at a time
6. Original OTP=ipermuteString(beginningString +
endingString.charAt(i), newString);
7. Stop.
Fig 6:-System Architechture
6. IJRET: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308
_______________________________________________________________________________________
Volume: 04 Issue: 05 | May-2015, Available @ http://www.ijret.org 504
6. ADVANTAGES
1. It is more secure system.
2. Used for sensitive data.
3. Used to store personnel information on cloud.
4. Three authentication system is used so it is more secure
than other authentication system.
7. BENIFITS OF PROPOSED SYSTEM
1. Critical server many large organizations have critical
servers that are usually protected by a textual password. A
secure 3 password authentication proposes a sound
replacement for a textual password.
2. Nuclear and military facilities such facilities should be
protected by the most Powerful authentication systems. The
secure 3 password has a very large probable password
space, and since it can contain token, biometrics, recognition
and knowledge based Authentications in a single
authentication system, it is a sound choice for high level
security locations.
3. Airplanes and jet fighters Because of the possible threat
of misusing airplanes and jet fighters for religion, political
agendas, usage of such airplanes should be protected by a
powerful authentication system. In addition, 3D passwords
can be used in less critical systems because the 3D virtual
environment can be designed to fit to any system needs.
4. A small virtual environment can be used in the following
systems like
4.1 Personal Digital Assistance
4.2 Desktop Computers laptop logins
4.3 Web Authentication
4.4 Security Analysis
8. CONCLUSION
We proposed a system called Secure 3 authentication system
using textual, chessboard , and QR code password system.
In this we provide 3 authentication system step by step (one
level after another level).
First we provide a user registration for new user. In user
registration all user details is _lled by user. In the time of
user registration chessboard password moves will be saves
in a database. First level of authentication is a textual login.
In textual login we provide username and password that
password is stored in database in encrypted format. We have
use a AES algorithm for encryption and decryption of
textual password. Second level of authentication is
chessboard authentication. If user enter a username and
password is correct then he goes to chessboard login. In
chessboard login user plays a moves of chessboard that
move store in database in matrix format. Third level of
authentication is QR code login. In QR code we have use a
2D barcode format. QR code is captured by QR code
scanner this password 68 is only valid for only one time. QR
code password is a combination of a user IMEI no and a
random number. The random number is between the (0-
9999). We give one QR code scanner android application
from google apps and developed a one algorithm in that
application i.e Permute String. Permute string is a
combination of a IMEI no and a selected random number
from(0-9999).
We use HDFS (hadoop distributed _le system) for _le
uploading and downloading from cloud. Bulk name is
assigned for every _le in HDFS. Our systems provide the
security or authentication for sensitive data as the hacker
will have to go through three levels of authentication in
which the complexity level increases at every step.
REFERENCES
[1]. William Stallings, "Cryptography and Network
Security: Principles and Practice", Sixth, 2013.
[2]. William Stallings, "Cryptography and network
security", Sixth, 2013.
[3]. Mohammad Mannan, P. C. Van Oorschot, "Security and
Usability: The Gap in Real-World Online Banking", NSPW
07, North Conway, NH, USA, Sep. 18-21, 2012., 175-191.
[4]. Anti Phishing Group, Phishing Activity Trends Report ,
from: http://www.antiphishing.org, Dec. 2008.
[6]. Sang-Il Cho, Hoon Jae Lee, Hyo-Taek Lim, Sang-Gon
Lee , OTP Authentication Protocol Using Stream Cipher
with Clock-Counter, October,2009.
[7]. Jean-Daniel Aussel, Smart Cards and Digital Identity ,
Telektronikk 3/4. 2010. ISSN 0085-7130.
[8]. Jose Rouillard, Contextual QR Codes , Proceedidngs of
the Third International Multi-Conference on Computing in
the Global Information Technology (ICCCGI2008), Athens,
Greece, July 27-Augst 1, 2012.67
[9]. IETF RFC 4226, HOTP: An HMAC-Based One-Time
Password Algorithm, Dec. 2011,
[10]. ISO/IEC 16022:2000, Information Technology
International Symbology Specification Data Matrix, 2008.