Vishwakarma Institute of Technology, Pune-37.

Token Based Authentication System
Software Project Synopsis

27/09/2011

Approvals Signature Block

Project Responsibility V.S.BABANNE

Signature

Date 28-9-2011

Department of Computer Engineering

....... Tokens and cards) and universal identity (i..... These solutions make cheaper and flexible strong authentication for user as well as for the service provider and reduces worry of carrying extra hardware for identification only.. Strong authentication is an approach to extend security level and try to achieve security requirement....... These are the way to prove that......... CONTEXT . 1....2 1.... People like to store passwords into diary or take common password for all... three universally recognized philosophy are used for digital identification: what we know (i. CONTEXT The enrichment of Internet.. The resistance behind security token is......... which is easy to guess and remember. 2 v....... 3... recent work has been done on the field of virtual identification approach (i..... solutions rely on “static password” to establish trust and verify user authenticity........e................. trying to access the account is authentic... online services... these are susceptible for password leek..... server synchronization and worry to carry multiple tokens for multiple solutions. These virtual tokens not only help to reduce extra cost but also overcome the problem of remembrance and keeping the token. Static passwords are known as one of the easier target for attackers....Project Synopsis Table of Contents 1..... Sometime user derive password from what they have in there mind............... which requisite digital identification for making proof of authenticity..............1 SOLUTION ...1 PROBLEM ........ Biometric characteristics). government portals..................... information portals are replacing the traditional way of working and the communication. social networking sites.... [1] Most of the solutions comprise personal details.... Currently..... business solutions.......... application and mobiles phones........ further biometric readers are very costly and not feasible for web applications..... password).. @my$sit13*) is tiresome to remember and demands hard time to handle it........ mail system could be great solution............. Authentication helps to establish proof of identity. Strong password (i............. Identification and authorization is the key requirement of security.... operational credits.. exchanging or selling products or services but also important to maintain decency of information and system. 2.e.. User chooses password............ Security tokens are great way to make strong authentication and ascertain runtime interaction to increase identification strength.. 2.....e..... relevant information or common for all authentication process.. Today...... There is no clear definition for strong authentication.e. certified information or services........... to address the strong authentication and replace security token... the user..... It is also important to establish network and communication between PCs............ what we have (i.......... Security is not only meant for buying............0 2006 ...... Accordingly.............. virtual token)..e................. PROBLEM The concept of security is not only important but mandatory to the success of digital solution. In order to extend authentication strength and make work more flexible and strong... servers. cost...........

which offers access to a system. and then you might present your token and ask Server X to perform some user-specific action. 4. SOLUTION A token is a piece of data which only Server X could possibly have created. profile study and many more. Allow users to enter their username and password in order to obtain a token which allows them to fetch a specific resource . It consists of the following elements: 1. 3. If you decide to go and create your own token system. 3. The server help to generate mail to send dynamic password to the user. Visitor password register (VPR) is a temporary register used to store username and dynamic password for current session.0 2006 . Furthermore. 2. These study conclude that. surfing. predicting. The general overview of strong authentication is shown. The general concept behind a token-based authentication system is simple. Once their token has been obtained. Tokens are created using various combinations of various techniques from the field of cryptography as well as with input from the wider field of security research. 1 6 6 User Account 5 Networ k Server VPR Database User 7 8 9 4 2 Application 4 3 Password Algorith m 3 v. and which contains enough data to identify a particular user. and common techniques can be used. brute forcing .without using their username and password. User is the key element. Password algorithm is the proposed algorithm design to generate dynamic password for each digital identification process. wants to get access of application and connect with application or node with any network technology. the user can offer the token . You might present your login information and ask Server X for a token. work demand an interactive security process which should be variant in each identification. eavesdropping.Project Synopsis Weak authentication scheme may cause to exploit access level vulnerability and liable for information leek. 1. you had best be really smart. Attack methods are generally unique to the targeted application or system. Attacker have multiple option to steel passwords like spoofing.

Password algorithm is derived to generate dynamic password for token authentication. access would be granted. work starts with the review of current schemes and explores the security architecture for strong authentication with token. Now application will store this dynamic password into VPR. 4 v. 1. Thereafter. After getting positive verification. 9. Application server will look out user’s existence from database and find its authorization. 7. The user makes a URL request and sends its general identity (i. Then it gives identification request with user name and dynamic password. 3. 2.Project Synopsis The sequence of events during the strong authentication is as follow: 1. In order to establish standard for token. it describes the various test cases and evolutionary result of various attacks on suggested schemes. At the end. Now. Afterwards. server verifies the given password with stored one form VPR. Thereafter explore various authentication mechanisms to implement token on different prospective. user id & static password) to the application server.0 2006 . user retrieves the dynamic password from mail. 4.e. 8. 6. it sends password request & static password to the password algorithm to generate dynamic password for particular user. 5. Thereafter server send dynamic password to the user Via network.

75947.9438890288250 4 :80789403907907:8073.3/.344    !.3/.8$07..07  94 5071472 8420 :807 850..439./0391. 902547.3/ 5./-089-070. 7084:7. 4.7 708907 :80/ 94 89470 :8073.9434734/09.70 0307..9403 -.8847/147..20..9.08/74553 -7:90147.07 .943  %4038 .9..70.0 41 89743 .:797080.943 00  :79072470  99.8847/    &807 55.42-3.8847/  3.3/ ..943 .80 $07.70 .8847/ ..42243 90.3/.943..43$07.943 8 843  9 ..2.3/ .-..943 479    &807 2   .90 /3.. 2094/8 ..5.5.7.-0 147 31472.411078..8847/ 708907 '!#  8 .943 47 88902  . 94 /0391 .84:/-0.88902     $ &%  94038.4:/5488-.90/ . 14:/0.:307.48902 94 109.1.088 0..2.-9. 850..088.79.0.4792 8 90 5745480/ .8847/9490:807    '8947 5.3/ .2../0944.74:890.:9039.4:39       0947  .3/9034:2957080394:79403.3 3907...4330.904:7439403 88902 4:. .3930.041/.943574./0391.0 907 9403.3/ 2.8847/8 0854413 8:713 0..3/ .36:0817429010/41.3  570/.07.0  94:9 :83 907 :8073.088 41 ..:9039. 5..93  57410 89:/ ..30/ 90:807.088   %0807.38 034: /.5.!740.70.4792 /083 94 0307.3/ /3..74:8 .9 9 .82.:77039808843          !...55.0 .55.07147.9  47 /02./9.3.55.3 2470  %080 89:/ .50.79   %0 0307.:.90/ :83 ..8847/ 1470.20 .94803//3.80.059-03/.80/.9403.    .36:08 .9$34588 0.8 $07.:9039.:/0 9.0705940307.7.8847/347/07944-9...9.70.341107909403 .43.20 .943   %00307..8-0034-9..020 2. ..3 -0 :80/  99.07 '!#       .07. 5.7090/ .:80940549.:79574.. :36:0 94 90 9.943 8..1.9403.0 2:950459439489005.9.08894.438898 41 90 14430020398   &807 8 90 0 002039 .3/ ..8935:9 174290/0710/4180.943841.3/5.902.43. .33094790.080..398 94 09 .7 :807  4: 29 5708039 4:7 43 31472.

:947.190705470.0410.1907807.3/0.8847/.8847/   4 807.041.55.8847/989470/4301472'!#   190709935489.0398/:739089743.8847/94905.7-0890.47928/07.9..3/ 803/8 98 0307.:9039.5.4:943.0/940307.5..74:8.30947   1907.5.:79.9.9$34588 %0806:03.9.74:8.071.0 1742 /.1907 9803/85.0208     .8847/9490:807'.90.0890/3.943706:0899:8073..7/8 :80770970.55.07  44 4:9 :807 8 08903.2.:9039.7708:941 .943807.9.07.90/3.2..79.07803//3. /0399  0  :807 /  89.3/0547089080.   %039.5.8847/1475.:9039.99.035..390/  347/0794089.3/..8847/706:089 89.:.9438947098/3.9438.2.9:7014789743.20.-889.07    55...8847/.2.74:89089.943  %070.-.479294 0307.    .80 .3828942502039940343/1107039 574850.7:807   4.. 5..0208..5..2.0884:/-07.8847/1479403.5.7..08/0391.5.943 807.943   %070.943 .2..8847/394'!#   %070.808.08 .94320..0.0710890.94399403  !.7/1479403 4789.:9039...8847/17422.90/3.0 99003/ 9/08.!740.3/ 13/ 98 .8438:0890/8.3//3.79899070. &# 706:089 .8847/ 9490.8144   %0 :807 2.:77039 8.

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.