27-09-2016, 03:55 PM
[attachment=71808]
ABSTARCT
The topic of this paper is to transfer a file within users and groups with secure login. Now a day’s people are using characters, numbers and some special characters for password procedures. But now in this project we use alternative leys for password. The alternative keys are like ctrl, alt, space bar, delete, esc, backspace and other keyboard keys. In this we send files to other users and to groups with this password procedure. For this we used MD5 and key stroke algorithm to change the password keys to password divert so nobody can hack the user password.
INTRODUCTION
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take.The act of providing trust of the information, that the Confidentiality, Integrity and Availability (CIA) of the information are not violated. E.g.-ensuring that data is not lost when critical issues arise. These issues include, but are not limited to: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost. Since most information is stored on computers in our modern era, information assurance is typically dealt with by IT security specialists. A common method of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arises and can be protected from hacking using passwords.
A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource (example: an access code is a type of password), which should be kept secret from those not allowed access.
The use of passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword, and would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user has passwords for many purposes: logging into accounts, retrieving e-mail, accessing applications, databases, networks, web sites, and even reading the morning newspaper online.
Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The terms passcode and passkey are sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed.
Most organizations specify a password policy that sets requirements for the composition and usage of passwords, typically dictating minimum length, required categories (e.g. upper and lower case, numbers, and special characters), prohibited elements (e.g. own name, date of birth, address, telephone number). Some governments have national authentication frameworks that define requirements for user authentication to government services, including requirements for passwords.
The easier a password is for the owner to remember generally means it will be easier for an attacker to guess. However, passwords which are difficult to remember May also reduce the security of a system because (a) users might need to write down or electronically store the password, (b) users will need frequent password resets and © users are more likely to re-use the same password. Similarly, the more stringent requirements for password strength, e.g. "have a mix of uppercase and lowercase letters and digits" or "change it monthly", the greater the degree to which users will subvert the system. Others argue longer passwords provide more security (e.g., entropy) than shorter passwords with a wide variety of characters.
In The Memorability and Security of Passwords, Jeff Yan et al. examine the effect of advice given to users about a good choice of password. They found that passwords based on thinking of a phrase and taking the first letter of each word are just as memorable as naively selected passwords, and just as hard to crack as randomly generated passwords.
Combining two or more unrelated words is another good method, but a single dictionary word is not. Having a personally designed algorithm for generating obscure passwords is another good method.
However, asking users to remember a password consisting of a "mix of uppercase and lowercase characters" is similar to asking them to remember a sequence of bits: hard to remember, and only a little bit harder to crack (e.g. only 128 times harder to crack for 7-letter passwords, less if the user simply capitalises one of the letters). Asking users to use "both letters and digits" will often lead to easy-to-guess substitutions such as 'E' → '3' and 'I' → '1', substitutions which are well known to attackers. Similarly typing the password one keyboard row higher is a common trick known to attackers.
EXISTING SYSTEM
In existing system the files are shared on the network between the client and the server and to other users and also in the groups using IP and MAC address. In network hackers may attack the server using client machine password, so files may get misused. The paper tells about traitor tracing in particular bias-based traitor tracing codes as introduced by tardos.
Traitor tracing is a copyright infringement detection system which works by tracing the source of leaked files rather than by direct copy protection. The method is that the distributor adds a unique salt to each copy given out. When a copy of it is leaked to the public, the distributor can check the value on it and trace it back to the "leaker".
They constructed a score a score system from the Neyman-Pearson hypothesis test (whichis known to be the most powerful test possible) into which we feedmore evidence than in previous work, in particular the symbol tallies for all columns of the code matrix. As far as we know, until now simple decoders using Neyman-Pearson have taken into consideration only the code word of a single user, namely the user under scrutiny. The Neyman–Pearson score needs as input the attack strategy of the colluders, which typically is not known to the tracer. We insert the interleaving attack, which plays a very special role in the theory of bias-based traitor tracing by virtue of being part of the asymptotic (i.e., large coalition size) saddle-point solution. The score system obtained in this way is universal: effective not only against the interleaving attack, but against all other attack strategies as well. Our score function for one user depends on the other users’ codewords in a very simple way through the symbol tallies, which are easily computed. We present bounds on the false positive probability and show receiver operating characteristic curves obtained from simulations. We investigate the probability distribution of the score. Finally, we apply our construction to the area of (medical) group testing, which is related to traitor tracing.
In this existing system there is no security to prevent the password.
In this exiting system the password is only in characters, both in lower case and in uppercase, numbers and in some special characters which is easy to hack by the hackers. This doesn’t provide a solution for secure login.
ABSTARCT
The topic of this paper is to transfer a file within users and groups with secure login. Now a day’s people are using characters, numbers and some special characters for password procedures. But now in this project we use alternative leys for password. The alternative keys are like ctrl, alt, space bar, delete, esc, backspace and other keyboard keys. In this we send files to other users and to groups with this password procedure. For this we used MD5 and key stroke algorithm to change the password keys to password divert so nobody can hack the user password.
INTRODUCTION
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take.The act of providing trust of the information, that the Confidentiality, Integrity and Availability (CIA) of the information are not violated. E.g.-ensuring that data is not lost when critical issues arise. These issues include, but are not limited to: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost. Since most information is stored on computers in our modern era, information assurance is typically dealt with by IT security specialists. A common method of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arises and can be protected from hacking using passwords.
A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource (example: an access code is a type of password), which should be kept secret from those not allowed access.
The use of passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword, and would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user has passwords for many purposes: logging into accounts, retrieving e-mail, accessing applications, databases, networks, web sites, and even reading the morning newspaper online.
Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The terms passcode and passkey are sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed.
Most organizations specify a password policy that sets requirements for the composition and usage of passwords, typically dictating minimum length, required categories (e.g. upper and lower case, numbers, and special characters), prohibited elements (e.g. own name, date of birth, address, telephone number). Some governments have national authentication frameworks that define requirements for user authentication to government services, including requirements for passwords.
The easier a password is for the owner to remember generally means it will be easier for an attacker to guess. However, passwords which are difficult to remember May also reduce the security of a system because (a) users might need to write down or electronically store the password, (b) users will need frequent password resets and © users are more likely to re-use the same password. Similarly, the more stringent requirements for password strength, e.g. "have a mix of uppercase and lowercase letters and digits" or "change it monthly", the greater the degree to which users will subvert the system. Others argue longer passwords provide more security (e.g., entropy) than shorter passwords with a wide variety of characters.
In The Memorability and Security of Passwords, Jeff Yan et al. examine the effect of advice given to users about a good choice of password. They found that passwords based on thinking of a phrase and taking the first letter of each word are just as memorable as naively selected passwords, and just as hard to crack as randomly generated passwords.
Combining two or more unrelated words is another good method, but a single dictionary word is not. Having a personally designed algorithm for generating obscure passwords is another good method.
However, asking users to remember a password consisting of a "mix of uppercase and lowercase characters" is similar to asking them to remember a sequence of bits: hard to remember, and only a little bit harder to crack (e.g. only 128 times harder to crack for 7-letter passwords, less if the user simply capitalises one of the letters). Asking users to use "both letters and digits" will often lead to easy-to-guess substitutions such as 'E' → '3' and 'I' → '1', substitutions which are well known to attackers. Similarly typing the password one keyboard row higher is a common trick known to attackers.
EXISTING SYSTEM
In existing system the files are shared on the network between the client and the server and to other users and also in the groups using IP and MAC address. In network hackers may attack the server using client machine password, so files may get misused. The paper tells about traitor tracing in particular bias-based traitor tracing codes as introduced by tardos.
Traitor tracing is a copyright infringement detection system which works by tracing the source of leaked files rather than by direct copy protection. The method is that the distributor adds a unique salt to each copy given out. When a copy of it is leaked to the public, the distributor can check the value on it and trace it back to the "leaker".
They constructed a score a score system from the Neyman-Pearson hypothesis test (whichis known to be the most powerful test possible) into which we feedmore evidence than in previous work, in particular the symbol tallies for all columns of the code matrix. As far as we know, until now simple decoders using Neyman-Pearson have taken into consideration only the code word of a single user, namely the user under scrutiny. The Neyman–Pearson score needs as input the attack strategy of the colluders, which typically is not known to the tracer. We insert the interleaving attack, which plays a very special role in the theory of bias-based traitor tracing by virtue of being part of the asymptotic (i.e., large coalition size) saddle-point solution. The score system obtained in this way is universal: effective not only against the interleaving attack, but against all other attack strategies as well. Our score function for one user depends on the other users’ codewords in a very simple way through the symbol tallies, which are easily computed. We present bounds on the false positive probability and show receiver operating characteristic curves obtained from simulations. We investigate the probability distribution of the score. Finally, we apply our construction to the area of (medical) group testing, which is related to traitor tracing.
In this existing system there is no security to prevent the password.
In this exiting system the password is only in characters, both in lower case and in uppercase, numbers and in some special characters which is easy to hack by the hackers. This doesn’t provide a solution for secure login.