請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/37778
標題: | 使用者可定義之肩窺抵禦通行機制 User Defined Pass Mechanism with Shoulder-Surfing Resistant Functionality |
作者: | Wen-Feng Yang 楊文鋒 |
指導教授: | 鄭士康(Shyh-Kang Jeng) |
關鍵字: | 圖形密碼,肩窺問題,身分認證,側錄問題,鍵盤記錄器,使用者可定義通行機制, Graphical Passwords,Shoulder Surfing Problem,Authentication,Keyboard Logger,User Defined Pass Mechanism, |
出版年 : | 2008 |
學位: | 碩士 |
摘要: | 從1990年末開始有人開始思考文字通行碼(Textual Password)之外的替代方法,以彌補文字通行碼的不足之處,諸如文字記錄器的側錄問題、字典檔的攻擊問題。這其中被討論最多的且最具代表性的或許就是圖形化密碼(Graphical Password),因其獨有的一些特性使被側錄的難度大幅提高,進而增加了某些方面的安全性。在此論文中,我們首先回顧現存的通行機制與什麼是肩窺(Shoulder Surfing)問題的核心本質,進而分析目前存在各式各樣可抵禦肩窺的認證機制,並比較其異同優劣之處。另外對於目前許多關於肩窺發表的文章之盲點提出了次肩窺抵禦(偽肩窺抵禦)的概念。最後提出幾套具肩窺抵禦功能的使用者可定義通行碼機制,並比較其與現存的其他方法之優劣。此篇論文中,我們也同時提出了使用者可定義通行機制的許多優勢。此篇論文所要討論的則不包含生物特徵(Biometric Based Authentication)等包含個人特定身份資訊或實體裝置(Token Based Authentication)的認證方式;而專注在知識基礎認證 (Knowledge Based Authentication) 的討論。 From the late 1990’s, researchers have dedicated to find the alternative authentication methods for Textual Password to solve the many shortcuts in it such as the keyboard logger and dictionary attack threats. Among many of these methods, the most represented one might be graphical password. Based on some of the specific qualities of it, the security level increases. In this thesis, we first review many related authentication method now presented and what shoulder surfing problem is, analyzing them and their difference. In the awareness of nowadays misuse of the word ‘shoulder surfing resistant’, we presented ‘sub shoulder surfing resistant’ concept. In last, we present a user defined pass mechanism authentication method and compare it to the many methods now existed. We also explain what user defined pass mechanism’s advantage is. What we are going to discuss in this thesis does not contain those bio-authentication method containing person-to-person variant information. The most widely discussed and most representative method might be Graphical Password since some of its unique features make logging more difficult for mal-intention attackers. |
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/37778 |
全文授權: | 有償授權 |
顯示於系所單位: | 電機工程學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-97-1.pdf 目前未授權公開取用 | 593.15 kB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。