O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
INTRODUCTIONCurrent Authentification suffer from many weakness.Textual passwords are commonly used,users do not follow their requirements.Users tends to choose meaningful words from dictionaries,which makes the textual passwords easy to break and vulnerable to dictionary or brute force attacks.In this paper,we present and evaluate our contribution i.e. the 3D password
Existing SystemTextual passwordGraphical PasswordBiometricsToken Based
PASSWORD •How secure is your password? Now with the technology change, fast processors and many tools on the Internet, cracking password has become a Childs Play. Ten years back Klein performed such tests and he could crack 10-15 passwords per day.
•The 3D passwords which are more customizable,and very interesting way of authentication.•A 3D password is a multifactorauthentication scheme thatcombine RECOGNITION +RECALL +TOKENS +BIOMETRICS in one authentication system.
The 3D password presents a virtual environment containing various virtual objects. The user walks through the environment and interacts with the objects.It is the combination and sequence of user interactions that occur in the 3D environment.
Brief Description of SystemThe user is presented with this 3d virtual environment where the user navigates and interacts with various objects.The sequence of actions and interactions towards the objects inside the 3d environment constructs the user’s 3d password.
System ImplementationFor example, the user can enter the virtual environment and type something on a computer that exists in (x1 , y1 , z1 ) position, then enter a room that has a fingerprint recognition device that exists in a position (x2 , y2 , z2 ) and provide his/her fingerprint. Then, the user can go to the virtual garage, open the car door, and turn on the radio to a specific channel. The combination and the sequence of the previous actions toward the specific objects construct the user’s 3D password
Virtual objectsVirtual objects can be any object we encounter in real life: A computer on which the user can type in A fingerprint reader that requires users fingerprint A paper or white board on which user can type An Automated teller(ATM) machine that requires a token A light that can be switched on/off A television or radio A car that can be driven A graphical password scheme
Snapshot of a proof - of - concept virtual art gallery , which contains 36 pictures and six computers
3D Virtual Environment•3-D virtual environment affects the usability, effectiveness, andacceptability of a 3-D password system.• 3-D environment reflects the administration needs and the securityrequirements. 3D Virtual Environment
The design of 3D virtualenvironments should followthese guidelines:Real Life SimilarityObject Uniqueness & Distinction3D Virtual Environment SizeNumber of objects & their typesSystem Importance
Advantages Flexibility Strength Ease to Memorize Respect of Privacy
Applications The 3D password’s main application domains are protecting critical systems and resources. Critical Servers Nuclear Reactors & military Facilities Airplanes and missile Guiding
A small virtual environment can be used in the following systems like-AtmPersonal digital assistanceDesktop computers & laptopsWeb authentication etc.
Attacks and CountermeasuresBrute Force AttackWell studied Attack Shoulder-surfing Attack
Conclusion •The authentication can be improved with 3d password ,because the unauthorized person may not interact with same object at a particular location as the legitimate user. •It is difficult to crack ,because it has no fixed number of steps and a particular procedure. •Added with biometrics and token verification this schema becomes almost unbreakable.