期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于图形口令的认证方案及其在电子商务中的应用 被引量:3

A Graphic Password Based Authentication Scheme and Applications in E-Commerce
下载PDF
导出
摘要 提出一种新的图形口令认证方案,用于解决电子商务网站中用户登录认证过程不安全和二次验证过程繁琐的问题.针对文本口令易受攻击的特点,使用基于图形口令的认证方案,并且在选择图形口令时增加文字提示,解决图形记忆困难的问题.另外,使用随机模糊图形认证方案来抵制猜测攻击.实验结果表明,该认证方案在注册时间、登录成功率、认证时间和尝试次数方面明显优于传统方案.猜测攻击实验和理论分析结果表明,该认证方案可有效解决文本口令安全性低和二次验证过程繁琐的问题,符合电子商务网站的安全强度需求,同时具有安全、便易的特点. In order to simplify the complexity of authentication and re-certification process in electronic commerce,a new authentication scheme based on graphical password was proposed.To overcome the problem of being easy attacked in text authentication,agraphical password was used along with text prompts for identifying and memory in the authentication process.And a random fuzzy graphics authentication scheme was used to resist educated guess attacks.Experiment results show that,the authentication scheme based on random fuzzy graphics is safe and easy to operate in re-certification and to resist guessing attacks in the electronic commerce websites.Results also demonstrate that the proposed scheme is superior to the traditional scheme in terms of the time of registration,the success rate of login,the authentication time and the number of attempts.Thus it is efficient,effective,and suitable in E-commerce applications.
作者 张振江 刘昆 程军军 刘卿
机构地区 北京交通大学软件学院 北京交通大学电子信息工程学院 中国信息安全测评中心 中国电力建设股份有限公司
出处 《北京理工大学学报》 EI CAS CSCD 北大核心 2017年第12期1253-1258,共6页 Transactions of Beijing Institute of Technology
基金 国家自然科学基金资助项目(61371071) 中央高校基本科研业务费专项资金资助项目(W16JB00160)
关键词 信息安全 图形口令 身份认证 二次验证 电子商务 information security graphical password identity authentication re-certification electronic commerce
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献1

二级参考文献15

  • 1Suo X,Zhu Y,Owen.O S.Graphical passwords:A survey[C].21st Annual Computer Security Applications Conference (ACSAC'05),2005:463-472.
  • 2Sobrado L,Birget J C.Graphical passwords[J].An Electronic Bulletin for Undergraduate Research,2002(4):19-23.
  • 3Birget J C,Hong D,Memon N.Graphical passwords based on robust discretization[C].IEEE Transactions on Information Forensics and Security,2006:395-399.
  • 4Perrig A,Song D.Hash visualization:A new technique to improve real-world security[C].Proceedings of the 1999 International Workshop on Cryptographic Techniques and E-Commerce,1999:35-39.
  • 5RealUser[EB/OL].http://www.realuser.com,2007-11-01.
  • 6Jermyn I,Mayer A,Monrose F,et al.The design and analysis of graphical passwords[C].Proc Symposium,1999:13-16.
  • 7Thorpe J,Oorschot P C.Graphical dictionaries and the memoruble space of graphical passwords[C].San Deign:Proceedings of the 13th USENIX Security Symposium.USA:USENIX,2004:66-70.
  • 8Wiedenbe.ck S,Waters J,Birget J C,et al.Authentication using graphical passwords:Effects of tolerance and image choice[C].Symposium on Usable Privacy and Security(SOUPS).USA:Pittsburgh,2005:103-107.
  • 9Sonia Chiasson,RoBert Biddle,van Oorschot P C.A second look at the usability of click-based graphical passwords[C].Symposium On Usable Privacy and Security(SOUPS).USA:Pittsburgh,2007:18-20.
  • 10Nali D,Thorpe J.Analyzing user choice in graphical passwords[R].Canada:School of Informatinn Technology and Engineering,University of Ottawa,2004.

共引文献6

同被引文献18

引证文献3

二级引证文献8

北京理工大学学报
2017年 第12期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部