Publicação
Multi-Factor graphical user authentication for web applications
| Resumo: | Nowadays everybody uses web applications and need to protect their accounts with strong authentication methods. Following this need, this work research problems and solutions related with the authentication, specially concerning textual and graphical passwords. The common problem among the users is the difficulty remembering a textual password that is long and random-looking. Because of the visual aspect, graphical passwords are more easy to remember. This work proposes a recognition and recall based graphical authentication methods that can be used as a challenge to authenticate users. A security analysis is made to check the correctness of the proposed solution and how it minimizes the vulnerabilities of the authentication process. These analysis will enable us to implement these challenges in future work as an extension to authentication, authorization and accounting services, supporting a multi-factor authentication and combining theses challenges with others already available. The idea is to extend an authentication method on Apache Shiro to provide developers with a common framework to develop secure web application with strong authentication, authorization and accounting. |
|---|---|
| Autores principais: | Hasmik, Badikyan |
| Assunto: | Aplicações Web |
| Ano: | 2017 |
| País: | Portugal |
| Tipo de documento: | dissertação de mestrado |
| Tipo de acesso: | acesso aberto |
| Instituição associada: | Instituto Politécnico de Bragança |
| Idioma: | inglês |
| Origem: | Biblioteca Digital do IPB |
| Resumo: | Nowadays everybody uses web applications and need to protect their accounts with strong authentication methods. Following this need, this work research problems and solutions related with the authentication, specially concerning textual and graphical passwords. The common problem among the users is the difficulty remembering a textual password that is long and random-looking. Because of the visual aspect, graphical passwords are more easy to remember. This work proposes a recognition and recall based graphical authentication methods that can be used as a challenge to authenticate users. A security analysis is made to check the correctness of the proposed solution and how it minimizes the vulnerabilities of the authentication process. These analysis will enable us to implement these challenges in future work as an extension to authentication, authorization and accounting services, supporting a multi-factor authentication and combining theses challenges with others already available. The idea is to extend an authentication method on Apache Shiro to provide developers with a common framework to develop secure web application with strong authentication, authorization and accounting. |
|---|