Journal of Innovation in Computer Science and Engineering
  • Year: 2016
  • Volume: 5
  • Issue: 2

Secured Activity Based Authentication System

  • Author:
  • Y Ragavendra Rao1, G Annapurna2, Ch Ravindra2, T Janrandhan Rao3
  • Total Page Count: 4
  • Page Number: 1 to 4

1California University of Management & Science, USA. Email: gummadiannapurna@gmail.com

2Research Scholor, KL Univesity, Guntur, Andhra Pradesh, India. changalaravindra@gmail.com

3Associate Professor, Department of Information Technology, Guru Nanak Institutions Technical Campus, Hyderabad, Telangana, India. gnijanardhan@gmail.com

Online published on 27 June, 2017.

Abstract

One of the most imperative topics in information security today is user authentication & authorization. In today's insecure information world any login activity must be secure from hackers who can access the authorized system in an unauthorized manner. Authentication is protecting any system from unauthorized access. Current authentication mechanisms suffer from many flaws. With the express growth of internet and its usage, there is probability for hackers to obtain the textual passwords with ease because most of the users choose their textual passwords which are usually the common words from dictionary or phrases from day to day life; which can be easily obtained by shoulder surfing attack or by guess. To overcome the shoulder surfing attacks we propose an idea that makes use of activity based secure login mechanism which is a pre-defined collection of activities. In activity based login the user needs to select the activity for each login attempt after entering user name and password which is predefined by the user during sign up process. Though the text password is known to the unauthorized user he/she will not be able to login because the unauthorized user is not aware of activity that should be chosen for the current attempt. The user should choose the activity from the activity list as per login attempt. The user may be allowed to choose any number of activity types and any number of activity objects in each activity type during the registration. In the initial development phase of the proposed idea we plan to choose only on activity type and three objects of that activity type.

Keywords

Authentication, Authorization, Activity-Type, Activity-Object