Computer Science ›› 2015, Vol. 42 ›› Issue (6): 145-150.doi: 10.11896/j.issn.1002-137X.2015.06.032

Previous Articles     Next Articles

Risk Analysis and Countermeasure for User Password Authentication in Big Data Environment

FU Yong-gui and ZHU Jian-ming   

  • Online:2018-11-14 Published:2018-11-14

Abstract: Authentication is one of the basic service for information security,and password authentication is the most common authentication method,but currently there is much risk in setting user password.On the basis of analyzing the current setting user password problem,we presented user password protection’s offensive-defensive game model in big data environment,and pointed attacker could improve ability for deciphering user password with big data analysis technology.However,for user to ensure security or reduce risk,more effective password,identity cross-certification techno-logy or dynamic track user access information system behavior technology,as well as lower big data analysis cost are needed.Countermeasure was presented and user data portrait thinking was used to establish information system user identity cross-certification model in big data environment.Validity of model was verified through simulation experiment.

Key words: Big data,Password authentication,Risk analysis,Data portrait,Identity cross-certification model

[1] 李海健.CSDN:互联网服务端近80%密码库可破解[J].移动通信,2012(Z1):112 Li H J.CSDN:nearly 80 percent of password databases can be cracked in internet server[J].mobile communication,2012(Z1):112
[2] 杨汛,王珑锟.泄密用户七成未改密码[N].北京日报,2012-01-12(14) Yang X,Wang L K.seven tenths leaked users unchanged password[N].Beijing Daily,2012-01-12(14)
[3] Hong J,Reed D.Passwords Getting Painful,Computing StillBlissful[J].Communications of the ACM,2013,6(3):10-11
[4] 魏为民,陈为召,李红娇.国内网络用户密码分析[J].上海电力学院学报,2013,9(6):584-587 Wei W M,Chen W Z,Li H J.domestic network users password analysis[J].electronic college journal of shanhai,2013,9(6):584-587
[5] Cheswick W.Rethinking Passwords[J].Communications of the ACM,2013,6(2):40-44
[6] Brown A S,Bracken E,Zoccoli S,et al.generating and remembering passwords[J].Applied Cognitive Psychology,2004,8(6):641-651
[7] Zviran M,Haga W J.password security:an empirical study[J].Journal of Management Information Systems,1999,5(4):161-185
[8] AI-Jarrah M M.a multi-factor authentication scheme using keystroke dynamics and two-part passwords[J].International Journal of Academic Research,2013,5(3):98-102
[9] Gyorffy J,Tappenden A,Miller J.Token-based graphical password authentication[J].International Journal of Information Security,2011,0(6):321-336
[10] Nguyen T A,Zeng Y.A vision based graphical password[J].Journal of Integrated Design and Process Science,2010,4(2):43-52
[11] Mannan M,van Oorschot P C.Leveraging personal devices for stronger password authentication from untrusted computers[J].Journal of Computer Security,2011,9(4):703-750
[12] 邹静,林东岱,郝春辉.一种基于结构划分概率的口令攻击方法[J].计算机学报,2014,7(5):1206-1214 Zou J,Lin D D,Hao C H.a password attack method based on structural division probability[J].Chinese journal of computers,2014,7(5):1206-1214
[13] 徐迪威.大数据与科技管理[J].科技管理研究,2013(24):216 Xu D W.Big Data and Technology Management[J].Technology Management Research,2013(24):216
[14] 董杨慧,谢友宁.大数据视野下的数据泄露与安全管理[J].情报杂志,2014,3(11):154-158 Dong Y H,Xie Y N.Data Disclose and Secure Management in Gig Data Vision[J].Information Magazine,2014,3(11):154-158
[15] 朱建明,宋彪,黄启发.基于系统动力学的网络安全攻防演化博弈模型[J].通信学报,2014,5(1):54-60 Zhu J M,Song B,Huang Q F.Evolution Game Model of Offense-defense for Network Security Based on System Dynamics[J].Journal on Communications,2014,5(1):54-60
[16] 黄启发,朱建明,宋彪,等.社交网络用户隐私保护的博弈模型[J].计算机科学,2014,1(10):184-189 Huang Q F,Zhu J M,Song B,et al.game model of user’s privacy-preserving in social networks[J].Computer Science,2014,1(10):184-189

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .