25-08-2014, 03:19 PM
Image Based Registration and Authentication System
Image Based.pdf (Size: 147.86 KB / Downloads: 148)
Abstract
Security-sensitive environments protect their resources against unauthorized
access by enforcing access control mechanisms. Text based passwords are not
secure enough for such applications. User authentication can be improved by
using both text passwords and structured images. Our image based registration
and authentication system is called IBRAS. The system developed displays an
image or set of images to the user, who would then select one to identify them.
The system uses such image based passwords and integrates image registration
and notification interfaces. Image registration enables users to have their favorite
image. The paper will describe our experience and future work.
Introduction
Authentication plays an important role in protecting resources against
unauthorized use. Many authentication processes exist from simple password
based authentication system to costly and computation intensive Biometric
authentication systems. But still the most widely used authentication system is
based on the use of text passwords [2] [4]. Text based passwords are not secure
enough for many applications that enforce security by access control mechanisms.
Authentication based on text based passwords has major drawbacks. More
sophisticated authentication process is costly and may need additional equipment
or hardware. To overcome such drawbacks we developed a system for verification
of personal identity using Java. In this project we have investigated how the
security of user authentication can be improved by using both text passwords and
structured images. Our registration and authentication algorithm is called IBRAS.
The purpose of this paper is to present the authentication process IBRAS which is
simple enough, cost effective and does not need any additional hardware. This
IBRAS can be used in educational institutions as well as corporate world with
ease. The paper is organized in to many sections. Firstly we present the
authentication problem and different authentication processes. The next section
explains the advantages and disadvantages of existing authentication systems.
Then we present our solution authentication system.
Implementation
The system has a very user friendly graphical user interface GUI. The main
window has options for a new user or an existing user. A user has to register
before he can log into the system. A user is registered using his first name, middle
name, last name, user name and an image. All the fields except middle name are
required fields. Once the user selects the image, it is displayed on the window for
the user to verify his image. The image is user’s choice. He can bring his own
image in a storage device.
The system does not store the images. The images are read byte wise and hashed
using a secure hashing function SHA-1. Images are large files. But SHA-1
algorithm produces a 20 byte output which is very secure and requires less
memory.
Summary and Future Enhancements
In this paper we proposed integrating text based passwords with images to
strengthen the security of systems. The process was enhanced by using a hash
function for authentication. Also, we briefly discussed how the proposed
authentication system could help enhance existing popular systems. This design
can be further improved to enhance security. The current system is not built with
complete Object Oriented design. Our next step is to rebuild the system using OO
methodology using the popular required design patterns. The IBRAS tool can be
very well developed to perform role based access control. The database can be
maintained as relational database by connecting the system to the database using
JDBC connectivity. Our future work would focus on improving the database by
providing the persistent storage. Our present system is developed as a stand-alone
application. It can be deployed on the Internet easily. It can be integrated with
simple biometric systems to enhance the security of the system. The system can
be enhanced to make them suitable for small devices like cell phones and PDA’s.