Divide and Conquer Approach for Solving Security and Usability Conflict in User Authentication

Abstract

Knowledge based authentication schemes are divided into textual password schemes and graphical password schemes. Textual password schemes are easy to use but have well known security issues, such as weak against online security attacks. Graphical password schemes are generally weak against shoulder surfing attacks. Usability is another issue with most of the graphical password schemes. For improving security of knowledge-based authentication schemes complex password entry procedures are used, which improve security but weakens useability of the authentication schemes. In order to resolve this security and usability conflict, a user authentication scheme is proposed, which contains one registration and two login screens called easy and secure login screens. Easy login screen provides easy and quick way of authentication while secure login screen is resilient to different online security attacks. A user has to decide based upon the authentication environment, which login screen to be used for authentication. For secure environment, where chances of security attacks are less easy login screen is recommended. For insecure environments where chances of security attacks are high, secure login screen is recommended for authentication. In the proposed scheme, image based passwords can also be set along with alphanumeric passwords. Results suggest that proposed scheme improves security against offline and online attacks.

Authors and Affiliations

Shah Zaman Nizamani, Waqas Ali Sahito, Shafique Awan

Keywords

Related Articles

Big-Learn: Towards a Tool Based on Big Data to Improve Research in an E-Learning Environment

In the area of data management for information system and especially at the level of e-learning platforms, the Big Data phenomenon makes the data difficult to deal with standard database or information management tools....

REVIEW ON ASPECT ORIENTED PROGRAMMING

Aspect-oriented programming (AOP) has been introduced as a potential programming approach for the specification of nonfunctional component properties, such as fault-tolerance, logging and exception handling. Such propert...

Complexity of Network Design for Private Communication and the P-vs-NP Question

We investigate infeasibility issues arising along network design for information-theoretically secure cryptography. In particular, we consider the problem of communication in perfect privacy and formally relate it to gra...

Outsourcing of Secure k-Nearest Neighbours Interpolation Method

Cloud computing becomes essential in these days for the enterprises. Most of the large companies are moving their services and data to the cloud servers which offer flexibility and efficiency. Data owner (DO) hires a clo...

Confinement for Active Objects

In this paper, we provide a formal framework for the security of distributed active objects. Active objects com-municate asynchronously implementing method calls via futures. We base the formal framework on a security mo...

Download PDF file
  • EP ID EP319109
  • DOI 10.14569/IJACSA.2018.090564
  • Views 88
  • Downloads 0

How To Cite

Shah Zaman Nizamani, Waqas Ali Sahito, Shafique Awan (2018). Divide and Conquer Approach for Solving Security and Usability Conflict in User Authentication. International Journal of Advanced Computer Science & Applications, 9(5), 489-495. https://europub.co.uk/articles/-A-319109