I have developed a graphical password technique to over come weakness we face with text password such as shoulder surfing attack, dictionary attack etc. I have implemented the technique in php used mysql and html. I want to know where this technique lies in the big picture of network security and network communication.
我已经开发了一种图形密码技术来克服我们面对的弱点,如文本密码,如肩膀冲浪攻击,字典攻击等。我已经在php中使用mysql和html实现了这项技术。我想知道这种技术在网络安全和网络通信的大局中所处的位置。
If i assume pre shared key for encryption and my proposed graphical password for authentication, can I call it together Application layer protocol ? If yes why and if no Why not?
如果我假设加密的预共享密钥和我提出的用于身份验证的图形密码,我可以将它一起调用应用层协议吗?如果是,为什么,如果没有为什么不呢?
and how this scheme related to authentication protocols (mutual and one way authentication) and kerberos? Thank you in advance
以及该方案如何与认证协议(相互和单向认证)和kerberos相关?先感谢您
1 个解决方案
#1
Such logging technique need to be put at the operatingSystem logon screen, where user logs into his/her account, by implementing custom credentials provider. To find out how you may read very good resources listed at Documentation for creating a Custom Credential Provider in Windows
需要将此类日志记录技术放在operatingSystem登录屏幕上,用户通过实现自定义凭据提供程序登录到他/她的帐户。要了解如何阅读文档中列出的用于在Windows中创建自定义凭据提供程序的非常好的资源
During this logon system creates a Kerberos TGS ticket and stores it in Kerberos cache. Afterwards, once user is logged in to her/his account and opens a webpage with SSO, a browser uses underlying mechanisms, which (using this TGS ticket from cache) obtain for the browser a Kerberos service ticket, which browser uses to log into a website.
在此登录系统期间,会创建Kerberos TGS票证并将其存储在Kerberos缓存中。之后,一旦用户登录到他/她的帐户并打开带有SSO的网页,浏览器就会使用底层机制(使用此缓存中的TGS票证)为浏览器获取Kerberos服务票证,该浏览器用于登录网站。
#1
Such logging technique need to be put at the operatingSystem logon screen, where user logs into his/her account, by implementing custom credentials provider. To find out how you may read very good resources listed at Documentation for creating a Custom Credential Provider in Windows
需要将此类日志记录技术放在operatingSystem登录屏幕上,用户通过实现自定义凭据提供程序登录到他/她的帐户。要了解如何阅读文档中列出的用于在Windows中创建自定义凭据提供程序的非常好的资源
During this logon system creates a Kerberos TGS ticket and stores it in Kerberos cache. Afterwards, once user is logged in to her/his account and opens a webpage with SSO, a browser uses underlying mechanisms, which (using this TGS ticket from cache) obtain for the browser a Kerberos service ticket, which browser uses to log into a website.
在此登录系统期间,会创建Kerberos TGS票证并将其存储在Kerberos缓存中。之后,一旦用户登录到他/她的帐户并打开带有SSO的网页,浏览器就会使用底层机制(使用此缓存中的TGS票证)为浏览器获取Kerberos服务票证,该浏览器用于登录网站。