SECURE AUTHENTICATION FOR BUSINESS MANAGEMENT SYSTEM USING COLOR PASS
Keywords:Color PIN, Shoulder Surfing Attack, Password, Partially Observable, Board Of Directors
Security in Business Management System is an important aspect in maintaining confidentiality of company’s essential data. Thereby, a more secure authentication scheme is required. Classical PIN entry mechanism is widely used for authenticating a user. It is a popular scheme because it nicely balances the usability and security aspects of a system. However, this scheme may suffer from shoulder surfing attack. In this attack, an unauthorized user can fully or partially observe the login session. Even the activities of the login session can be recorded which the attacker can use it later to get the actual PIN. We propose an intelligent user interface, known as Color Pass to resist the shoulder surfing attack so that any genuine user can enter the session PIN without disclosing the actual PIN. The Color Pass is based on a partially observable attacker model. The experimental analysis shows that the Color Pass interface is safe and easy to use even for novice users.
M.M. Group, http://www.internetworldstats.com/stats.htm,June2012.searchsecurity.techtarget.com/definition/man-in-the-middle-attack(last access october, 2013).
C. Herley, P. C. Oorschot, and A. S. Patrick, Passwords: If were so smart, why are we still using them?, in Financial Cryptography,pp.,2009.
H. Tao and C. Adams, Pass-Go: A proposal to improve the usability of graphical passwords, International Journal of Network Security, vol. 7,no. 2, pp.273292, 2008.
T.Perkovic, M. Cagalj, and N.Saxena, Shouldr-surng safe login in a partially observable attacker model, in Sion, R.(eds.) FC 2010. LNCS, pp. 351358,
How to Cite
Copyright (c) 2021 International Education and Research Journal (IERJ)
This work is licensed under a Creative Commons Attribution 4.0 International License.