SESSION BASED DATA SHARING WITH SESSION BASED PASSWORD

Author’s Name : Jaffar Jasmine Begum | R Sujitha

Volume 01 Issue 03  Year 2014  ISSN No:  2349-3828  Page no:  20-23

Abstract:

When we consider the online service or desktop application there is major issue of security breaching. Old password schemes has some drawbacks like hacking of password, shoulder-surfing attack as far as password is concern, online password guessing attack, relay attack. Hence there must be system that provides good solution for such password cracking attacks. There are many solutions for it and various password schemes available that achieves this. The main drawback of these schemes is users have to deal with complicated and tedious steps as far as registration and login of user is concern as its logic contains some intense AI processes. In our proposed scheme introduced a session password is a password uniquely generated for every session. The scheme allows the system to automatically generate a session password each time the user logs in. The session password is generated randomly based on the randomly generated grid. The grid is used as a medium for password generation. Now the system stores this password and uses it to generate a unique session password while user logs in the next time. This session based authentication system uses the user password and compares alphabets contained alongside a 6*6 grid with letters a-z and numbers 0-9. The user needs to know the original password and the generation scheme to enter the exact password. Further graphical passwords are coming to the existence but the graphical passwords have their own disadvantages like they require more time to Authenticate and the usability issues. Thus we proposed a session password scheme in which the passwords are used only once for each and when session is terminated the password is no longer in use. it provides all benefits of session and make system more powerful from security point of view.

Keywords:

Security, Password Authentication, Anonymity, Smart Card

References:

1. A. Valenzano, L. Durante, and M. Cheminod, “Review of security issues in industrial networks,” IEEE Trans. Ind. Inf., vol.9, no. 1, pp. 277-293, 2013.
2. V. C. Gungor, and G. P. Hancke, “Industrial wireless sensor networks: challenges, design principles and technical approaches,” IEEE Trans. Ind. Electron., vol. 56, no. 10, pp. 4258-4265, Oct. 2009.
3. D. Liu, M. C. Lee, and D. Wu, “A Node-to-Node Location Verification Method,” IEEE Trans. Ind. Electron., vol. 57, no. 5, pp. 1526 – 1537, May 2010.
4. C. Chang and C. Lee, “A secure single sign-on mechanism for distributed computer networks,” IEEE Trans. Ind. Electron., vol. 59, no. 1, pp. 629-637, Jan. 2012.
5. G. Wang, J. Yu, and Q. Xie, “Security analysis of a single sign-On Mechanism for Distributed Computer Networks,” IEEE Trans. Ind. Inf., vol. 9, no. 1, pp. 294-302, 2013.
6. L. Barolli and F. Xhafa, “JXTA-OVERLAY: A P2P platform for distributed, collaborative and ubiquitous computing,” IEEE Trans. Ind. Electron., vol. 58, no. 6, pp. 2163-2172, Oct. 2010.
7. Y. Huang, W. Lin, and H. Li, “Efficient Implementation of RFID Mutual Authentication Protocol,” IEEE Trans. Ind. Electron., vol. 59, no. 12, pp. 4784 – 4791, 2012.
8. B.Wang and M. Ma, “A server independent authentication scheme for RFID systems,” IEEE Trans. Ind. Inf., vol. 8, no. 3, pp. 689-696, Aug. 2012.
9. B. Fabian, T. Ermakova, and C. Muller, “SHARDIS: A privacy enhanced discovery service for RFID-based product information,” IEEE Trans. Ind. Inf., vol. 8, no. 3, pp. 707-718, Aug. 2012.
10. M. Hwang, and L. Li, “A new remote user authentication scheme using smart cards,” IEEE Trans. Consum. Electron., 2000, 46(1): 28-30.