ABCD Analysis Of Fingerprint Hash Code, Password And OTP .

2y ago
36 Views
2 Downloads
329.96 KB
16 Pages
Last View : 2d ago
Last Download : 2m ago
Upload by : Olive Grimm
Transcription

Saudi Journal of Business and Management Studies (SJBMS)Scholars Middle East PublishersDubai, United Arab EmiratesWebsite: http://scholarsmepub.com/ISSN 2415-6663 (Print)ISSN 2415-6671 (Online)ABCD Analysis of Fingerprint Hash Code, Password and OTP Based MultifactorAuthentication ModelKrishna Prasad K1 , P. S. AITHAL21Research Scholar, College of Computer and Information Science, Srinivas University, Mangaluru, Karnataka, India.2College of Computer and Information Science, Srinivas University, Mangaluru, Karnataka, India.*Corresponding authorKrishna Prasad KArticle HistoryReceived: 10.01.2018Accepted: 20.01.2018Published: 30.01.2018DOI:10.21276/sjbms.2018.3.1.10Abstract: Authentication is the usage of one or multiple mechanisms to show thatwho you declare or claim to be. Authentication ensures that users are granted tosome resources or services after verifying their identity. The essential characteristicsof every authentication system are to provide high security for their users.Multifactor authentication model always improves or enhances the securitycompared to single-factor authentication model. This new model makes use of threefactors-biometric Fingerprint Hash code, One Time Password (OTP), and Password.Fingerprints are not fully secret compare to passwords, because if passwords areleaked which can be easily revocable using another password and which is not truein case of fingerprint biometric security system. If an authentication system usesonly fingerprint biometric features, it is not easy to change fingerprint, becausefingerprint is static biometric, which never change much throughout the lifespan. Inthis paper, as per ABCD analysis various determinant issues related to MultifactorAuthentication Model for Verification/Authentication purpose are: (1) Securityissues, (2) User-friendly issues, (3) Input issues, (4) Process issues, (5) PerformanceEvaluation matrix Issues. The constituent critical elements of MultifactorAuthentication model determinant issues are listed under the four constructs advantages, benefits, constraints and disadvantages of the ABCD technique andtabulated. The analysis has brought out many critical constituent elements, which isone of the proofs for the success of the new methodology.Keywords: Multifactor Authentication Model, Fingerprint Hash Code, ABCDanalysis, Constituent Critical Elements.INTRODUCTIONBy definition, authentication is using one ormultiple mechanisms to show that who you declare orclaim to be. As soon as the identity of the human ormachine is demonstrated, then human or machine isauthorized to grant some services. Three worldwidereferred authentication process are (1) Token supportedauthentication, (2) Biometric supported authentication,and (3) Knowledge supported authentication.Token supported authentication makes use ofkey cards, bank cards, and smart cards. Tokensupported authentication system sometimes usesknowledge supported techniques to improve security.Biometric supported authentication strategies, togetherwith fingerprints, iris scan and facial reputation aren'tyet extensively adopted [1, 2]. The essential flaws ofthis technique are that such systems can be costly, andthe identification process may be slow and regularlyunreliable. However, this form of technique presents thehighest level of protection. Knowledge supportedauthentication is most commonly and widely usedauthentication technique and encompass both text-basedAvailable Online: http://scholarsmepub.com/sjbms/and image-based passwords. The image-basedtechniques can be further subdivided into two classes:recognition-primarily based and recall based graphicaltechniques. The use of recognition based strategies, aperson is provided with a set of images and the user isauthenticated through recognizing and identifying theimages, which is registered at the time of registrationprocess. In recall based techniques it's essential thatuser has to reproduce something like a pattern, which iscreated or drawn at the time of registration process.One time password can be generated in twoforms. (1) Time-synchronized OTP: In timesynchronized OTPs the person has to enter thepassword within a time frame or within a stipulatedtime, in other words, OTP having lifespan only for fewamount of time after that time it will get expired andanother OTP will be generated. (2) Countersynchronized OTP: In Counter-synchronized OTP,instead of regenerating OTP after the stipulated time, acounter variable is coordinated or synchronizedbetween client device and server.65

Krishna Prasad K et al., Saudi J. Bus. Manag. Stud., Vol-3, Iss-1 (Jan, 2018): 65-80Automatic Fingerprint Identification Systemimproved further. It is what our mind tells ultimate and(AFIS) consists of different techniques likewhich reached the pinnacle of success in the respectivepreprocessing, enhancement, segmentation, thinning,field, which can be compared to all other systems offeature extraction, post-processing, minutiae orientationsimilar type, which lacks in some qualities [16]. Theand alignment [3-10]. Fingerprint Hash code acts as theless-efficient system can be converted into the idealkey, which can uniquely identify every person. So it cansystem with the aid of research and continuousbe replaceable with user-id or username and can workinnovation in that field. Many objects we can consideralong with text-based or picture based or pattern basedas ideals like an ideal gas, ideal fluid, ideal engine, idealpasswords. The fingerprint hash code is not constantswitch, ideal voltage source, ideal current source, idealwith biometric sensors or readers. There are many typessemiconductor and ideal communication technologyof research are carried out translation and rotationand all of these are considered as standards to improveinvariant fingerprint hash code generation but eventhe quality and performance of similar type. Recentlysmall or pixel changes cause a difference in Hash codemany ideal systems are studied, which includes ideal[11-14]. Based on the different Methods of Fingerprintbusiness system [16], ideal education system [17-20],Hash code generation, it reveals that fingerprint hashideal technology system [15], ideal strategy [21], idealcode does not suit exclusively for authentication orenergy source [22], ideal library system [23], idealsecurity purpose. But it uniquely identifies an individualbanking system [24, 25], ideal software [26], idealperson or human being through a Hash code key.optical limiter [27], ideal analysis model [28] and idealmobile banking system [29]. The ideal system of anyIt is well known that we can improve thekind can be placed in mind, while improving theperformance of any system by comparing it with acharacteristics of practical devices/ systems and reachhypothetical, predicted system of that kind called Idealideal system or considered to be a pinnacle of success.system [15]. The word Ideal system refers to the systemSome of the ideal systems with respect towhich has utmost characteristics, which cannot beAuthentication System are listed in Table-1.SL.No1234567891011Table-1: List of Ideal components with respect to Authentication SystemIdealSystemComponents/ CharacteristicsIdeal SpeedThe time taken by the Automatic Verification orAuthentication System to authenticate the registered user.Ideal Data Transfer RateAny amount of data can be transferred from source todestination without any delay or within null unit of timeduration (In client Server Model)Ideal Signalling efficiencyThe quality of signal is 100% efficient in all aspects.Ideal Security100% protection of Registered user means no intrudercan able to break the system anyway.Ideal AvailabilityService can be available any part of the world anytime.Ideal BandwidthThe volume of Information per unit of time that a systemcan handle is unlimited or uncountable.Ideal False Acceptance RateThe percentage of system incorrectly classifies the inputpattern to an unregistered user is zero.Ideal False Rejection RateThe probability that the Authentication framework unableto identify a match between the authentic people isalways zero.Ideal Equal Error RateAcceptance and rejection mistakes are identical in thesystem and which is equal to zero.Ideal Failure to Enroll RateThe unsuccessful attempt made to enrol in database ortemplate of an Automatic Fingerprint IdentificationSystem by the input is zero.Ideal Accuracy RateBecause of False Rejection Rate and False AcceptanceRate is zero, the accuracy of the system becomes high.In this paper, a new Multifactor AuthenticationModel based on Fingerprint Hash Code, Password, andOTP is discussed. In this model fingerprint Hash code isused as index-key or identity key. Initially, the userloads static Fingerprint image and which is converted toHash Code through the programme. Later timesynchronized OTP is checked and verified and the lastAvailable Online: http://scholarsmepub.com/sjbms/password is prompted by the server and verified by theserver. Finally, the password is prompted and verifiedby the server. The remaining part of the paper isorganized as follows. Section 2 explains about ABCDModel. Section 3 describes Multifactor Authenticationmodel. Section 4 describes OTP generation. Section 5describes ABCD analysis of new Multifactor66

Krishna Prasad K et al., Saudi J. Bus. Manag. Stud., Vol-3, Iss-1 (Jan, 2018): 65-80Authentication Model. Section 6 identifies the criticalor analyzed using critical constituent elements. In theconstituent elements of these determinant factors.quantitative evaluation the use of ABCD frameworkSection 7 concludes the paper.[31], can be used to assign appropriate score or ratingfor each critical constituent elements, which iscalculated through empirical research. The final score isABCD Analysis FrameworkMany techniques are available in the literature,calculated and based on the score the new idea or newto investigate the individual characteristics, systemsystem or new strategy or new generation or new modeltraits, and effectiveness of an idea or concept, theor new concept can be accepted or rejected.effectiveness of a method to know its merits andConsequently, ABCD evaluation framework may bedemerits and also business value in the society. Theused as a research tool in these regions and is easy butindividual traits or organizational effectiveness &systematic study or analyzing method is essential fortechniques in a given surroundings may be studied thebusiness concept or systems or models or ideas orusage of SWOT analysis, SWOC evaluation, PESTstrategy evaluation [30-46].analysis, McKinsey7s framework, ICDT version,Portor's 5 force model and so on. Recently a new modelMultifactor Authentication Model Using Fingerprintis introduced to these analysis areas called ABCDHash Code, OTP, and Passwordanalysis framework [30], which is used for analyzingFigure-1 shows Dataflow Diagram ofbusiness concept, business system, new technology,Multifactor Authentication model used in this study.new model, new idea/concept etc. In the qualitativeInitially on the client side using an interface user loadsevaluation the use of ABCD framework, the new ideafingerprint image into the system. First, using Euclideanor new system or new strategy or new generation ordistance fingerprint image features are extracted, whichnew model or new concept is further analyzed studiedis explained in Section 3 and 4.Fig-1: Dataflow Diagram of Proposed Multifactor AuthenticationAvailable Online: http://scholarsmepub.com/sjbms/67

Krishna Prasad K et al., Saudi J. Bus. Manag. Stud., Vol-3, Iss-1 (Jan, 2018): 65-80These features are encrypted and sent to theserver. As soon as these features arrive at a server inencrypted form, the server receives that and request forOne Time Password from OTP generator. OTPgenerator is a module or function, which is located atserver machine. Time synchronized OTP is sent to theregistered mobile phone user. Client system prompts amessage to enter OTP, which is received to theregistered mobile phone of the user.Step-5: A 4 4 sized matrices of the randomnumber is generated.Step-6: Date and Time are converted intostring data type.Step-7: Random matrix is concatenated withDate and Time string.Step-8: Hash code of the input fingerprintimage is concatenated with result of Step-7.Step-9: Hash code is generated for combinedstring obtained from Step-8.Step-10: A random number is generatedbetween1 to 32.Step-11: If the random number is in between 1to 8 (including both) then extracts first 8characters ofthe Hash code of size 32characters generated in Step-8.Step-12: If the random number is in between 9to 16 (including both) then extract next 8characters (from position 9 to 16) of the Hashcode of size 32 characters generated in Step-8.Step-13: If the random number is in between17 to 24 (including both) then extract next 8characters from position 17 to 24) of the Hashcode of size 32 characters generated in Step-8.Step 14: If the random number is in between24 to 32 (including both) then extract next 8characters from position 24 to 32) of the Hashcode of size 32 characters generated in Step-8.The user enters that OTP through the clientinterface and this OTP is compared with servergenerated OTP at the server side. If OTP is verified,server requests for the password, the user enters thepassword through a client-side interface and enteredpassword reaches to the server. The server verifies theuser entered a password with the already storedpassword in its database. Since database password isstored in encrypted format. The password which isstored in the database in encrypted form and fingeruser-id hash code is encrypted one again to enhancesecurity.So if an intruder gets stored hash codes fromthe database, still authentication cannot becomesuccessful. If both password and Fingerprint Hash codematch them user is considered as an authenticated user.In other words authentication process successfullycompletes when OTP, Password, and Fingerprint Hashcode matches. If anyone out of Fingerprint Hash codeor Password does not matches user is considered anunauthorized user. If OTP not matches then the user isblocked from further steps in the authentication process.In this research study, this is not implemented as serverand client in different machines. The model of thisapproach is implemented on the same machine usingMATLAB 2015a.One Time Password GeneratorIn this research work, One Time PasswordGenerator is responsible for generating OTP. This is afunction located on the server. In this study, Timesynchronized OTP is generated by combining somefeatures. The time for which OTP is valid isadministrative specific, for simplicity we consider inthis work as 2 minutes. The algorithm for generatingOTP is explained below.Algorithm:Step-1: Generate the Hash code for inputfingerprint using MD5 Hash Function.Step-2: Extract system Date and Time.Step-3: Extract seconds separately.Step-4: Consider only integer part of theseconds.Available Online: http://scholarsmepub.com/sjbms/ABCDModelAnalysis of Multifactor AuthenticationMultifactor Authentication Model used in thisresearch work can be analyzed using ABCD AnalysisAithal, P. S. et al., [30], proposed ABCD analyzingframework to analyze a new model to observe andunderstand its effectiveness in imparting value to itsstakeholders. The ABCD analysis effects in anorganized listing of Business or new Model withadvantages, Benefits, constraints, and disadvantages ina systematic way or form. The complete framework isdivided into various issues, the area which new model isfocused. Various key properties and affecting the areaof the new model may be identified and analyzed undereach area of issues identified before.Later some of the critical constituent elementfor each identified issue is recognized and analyzed andwhich is shown in Figure 2. This method of analysis issimple and also offers a guideline to identify andexamine the effectiveness of the new model in thiscontext. As per ABCD analysis various determinantissues related to Multifactor Authentication Model forVerification/Authentication purpose are: (1) Securityissues, (2) User-friendly issues, (3) Input issues, (4)Process issues, (5) Performance Evaluation matrixIssues.68

Krishna Prasad K et al., Saudi J. Bus. Manag. Stud., Vol-3, Iss-1 (Jan, 2018): 65-80Fig-2: Block diagram of Issues affecting the Fingerprint Hash code, Password, OTP based MultifactorAuthentication Model(1) Security IssuesSecurity is very important in theAuthentication process. An ideal security refers that asystem which is impossible for an intruder to break orimpossible for the unregistered user to access thesystem. In the Authentication process, security referssafeguarding the user personal data used for theauthentication process, which includes, FingerprintHash code, Password, One Time Password (OTP). Theaffecting factors of Security issues include FingerprintHash code, Password, and OTP under key properties orlevels like user level, network level, and Database ortemplate level are determinant factors under theconstructs Advantages, Benefits, Constraints, andDisadvantages of the new model.input, Input Selectivity, Ubiquitous Data, Reliability,Usability, Efficiency, Input security and execution timeare determinant factors under the constructsAdvantages, Benefits, Constraints, and Disadvantagesof the new model.(2) User-friendly ion Model signifies that user should able toget access to the system effortless or easily withoutremembering anything or very minimum amount ofdata. The affecting factors under key properties likeResponse time, Access time, Automatic Process, Speed,and Availability are determinant factors under theconstructs Advantages, Benefits, Constraints, andDisadvantages of the new model.(5) Performance Evaluation matrix issues referall the performance evaluation matrices normally usedfor the authentication system. The affecting factorsunder key properties like False Acceptance Rate, FalseRejection Rate, Equal Error Rate, Failure to enroll rate,Accuracy Rate, and Execution are determinant factorsunder the constructs Advantages, Benefits, Constraints,and Disadvantages of the new model.(3) Input IssuesInput ensures that registered user should ableto get access to the system or authenticated with veryless or no input or automatically. The affecting factorsunder key properties like Minimum Possession, LeastAvailable Online: http://scholarsmepub.com/sjbms/(4) Process IssuesProcess Issues ensures that user should able tocomplete authentication process without any fault, fastand completely. The affecting factors under keyproperties like Atomicity, Consistency, Isolation,Availability, effort free, and High durability aredeterminant factors under the constructs Advantages,Benefits, Constraints, and Disadvantages of the newmodel.Each determinant issue has sub-issues calledkey attributes used for analyzing the advantages,benefits, constraints and disadvantages, the fourconstructs of the framework.The factors affecting the various determinantissues of Multifactor Authentication Model for each key69

Krishna Prasad K et al., Saudi J. Bus. Manag. Stud., Vol-3, Iss-1 (Jan, 2018): 65-80attributes under four constructs are derived by agroup method and are listed in Table-2.qualitative data collection instrument namely, focusTable-2: Analysis of Fingerprint Hash code, Password, and OTP-Multifactor Authentication Model forVerification DisadvantagesIssuesAttributesSecurityUserlevel Easy to secure using increases demand High Security of Acceptance by theIssuessecurity (For personaldevices CloudDrive, the Cloud Drive, userBiometriclike mobile phone, Mobile, Pen drive, USBdevice,Image-HashLaptop, USB drive, and laptopLaptop,andcode)and private cloudMobile Phone isdrivequestionableNetworkNonreversible, Customerfaith tampering of dataNetworkfailureLevelNo

authentication, (2) Biometric supported authentication, and (3) Knowledge supported authentication. Token supported authentication makes use of key cards, bank cards, and smart cards. Token supported authentication system sometimes uses kno

Related Documents:

Non Veh C4 C5 C6 C7 C8 Pred Normal IL-17 mRNA bcd acd abcd abc abd abcd abd abd abc 0.000 0.100 0.200 0.300 0.400 0.500 n h C4 C5 C6 C7 C8 P d l OD (IL-17 /-actin) (a) IL-17 Non Veh C4 C5 C6 C7 C8 Pred Normal-Actin IL-17 protein bcd acd abcd abcd abcd abcd abcd abd abc 0.000 0.040 0.080 0.120 0.160 n h C4 C

One-trill songs Two-trill songs Three-trill songs Totals i3BC Ab 13 12 9 7 4 2 1 48 AB ABC AbC AbCd aBC aBcD aBCd 5 ABC 2 AbCD 2 ABCd 1 ABcD 1 AbCDe 1 ABcDe 12 67 * Trills are represented by capital letters, and phrases by small letters. GENERAL DESCRIPTION OF THE SONG PATTERN

Given input {4371, 1323, 6173, 4199, 4344, 9679, 1989} and a hash function h(x) x mod 10, show the resulting: a. Separate chaining hash table. b. Hash table using linear probing. c. Hash table using quadratic probing. d. Hash table with second hash function h2 (x) 7 (x mod 7).File Size: 687KBPage Count: 18

CSci 335 Software Design and Analysis 3 Chapter 5 Hashing and Hash ablesT Prof. Stewart Weiss Hashing and Hash Tables 1 Introduction A hash table is a look-up table that, when designed well, has nearly O(1) average running time for a nd or insert operation. More precisely, a hash table is an array of xed size containing data

hash value ranges [256,1024), then the adversary needs to store all the hash values from 256-bit to 1024-bit (the hash value size can range between 256-bit and 1024-bit). It is computationally infeasible to store all such variants of hash values on a server. Moreover, a key can have (1024 256) 768 correct

hash es lo que se conoce como la "resis-tencia a la colisión". Esto es la capacidad del hash para que nadie pueda encon-trar dos entradas distintas que generen un hash idéntico. Por esta razón el hash es una herramienta para comprobar la autenticidad de las cosas. Descubriendo las claves de Blockchain

(c) Paul Fodor (CS Stony Brook) & Pearson Hash codes Hash codes: hashCodemethod is defined in the Objectclass The hash codes of two objects must be the same if the two objects are equal Two unequal objects may have the same hash code, but you should implement the hashCodemethod to avoid too many such cases API Java hashcode examples: hashCodein the Integerclass returns its intvalue

in high-security applications. SHA-2, using 256 and 512 bit hash functions is now recommended as the best hash function for normal use [14], but with the penalty of reduced processing speed. It is noted in [15] that performing a hash function with SHA-2 takes the same length of time as