The aim of 3D password scheme is to propose and evaluate a new scheme of authentication. This scheme is based on a virtual three dimensional environment. Users navigate through the virtual environment and interact with items inside the virtual three dimensional environment. The combination of all interactions, actions and inputs towards the items and towards the virtual three dimensional environment constructs the user’s 3D password. The 3D password combines most existing authentication schemes such as textual passwords, graphical passwords, and biometrics into one virtual three dimensional environment. The 3D password’s main application is the protection of critical resources and systems.
Authentication is the process of validating who you are to whom you claimed to be. In general, there are four human authentication techniques:
- What you know (knowledge based).
- What you have (token based).
- What you are (biometrics).
- What you recognize (recognition based).
As explained above there are four different categories of authentication schemes.They are listed as following
Knowledge based schemes
Knowledge based techniques are the most widely used authentication techniques and include both text-based and picture-based passwords. The picture-based techniques can be further divided into two categories: recognition-based and recall-based graphical techniques.Many graphical passwords schemes like Pass-faces,DAS etc. have been proposed.
The strength of graphical passwords comes from the fact that users can recall and recognize pictures more than words. Using recognition-based techniques, a user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he or she selected during the registration stage. Using recall-based techniques, a user is asked to reproduce something that he or she created or selected earlier during the registration stage. Textual passwords are the most common authentication techniques used in the computer world. Textual password has two conflicting requirements,passwords should be easy to remember and hard to guess.
Shortcomings of knowledge based schemes is that it relies on precise recall of the secret information. If the user makes a small error in entering the secret, the authentication fails.The human limitation of precise recall is in direct conflict with the requirement of strong passwords. Most graphical passwords are vulnerable for shoulder surfing attacks, where an attacker can observe or record the legitimate users graphical password by camera.
Token based schemes
Token based techniques includes key cards, bank cards and smart cards. Many token-based authentication systems also use knowledge based techniques to enhance security. For example, ATM cards are generally used together with a PIN number. Shortcomings of token based schemes are Tokens are vulnerable to loss or theft. Moreover, the user has to carry the token whenever access required.
Biometrics based schemes
Biometric based authentication techniques includes authentication through fingerprints, iris scan, or facial recognition. The major drawback of this approach is that such systems can be expensive, and the identification process can be slow and often unreliable.
Attached report describes about the schemes, security analysis, experimental results and discusses conclusion and future works related with 3D Password.