Simple Authentication Technique for Session Management Using Odd and Even Pair of Random Text and Color Password in Cloud Computing

Abstract

While some legal challenges in cyberspace have started to become clearer, the use of cloud computing and hosted applications adds a new dimension of legal risk. Compliance, privacy, and security problems are compounded by the use of remote, distributed services operated by third parties. Businesses employing these new technologies must look a new at their online risk, and learn how to assess and manage it. Authentication is the first line of defense against compromising confidentiality and integrity. Though traditional login/password based schemes are easy to implement, they have been subjected to several attacks. Textual-based password authentication scheme tends to be more vulnerable to attacks such as shoulder surfing and hidden camera. To overcome the vulnerabilities of traditional methods, visual or graphical password schemes have been developed as possible alternative solutions to text-based password schemes. Because simply adopting graphical password authentication also has some drawbacks, schemes using graphic and text have been developed. In this paper, we propose a hybrid password authentication scheme based on equal number of Random color and text. It uses color and text on the grid as the origin passwords and allows users to login with text passwords via traditional input devices. The method provides strong resistant to hidden-camera and shoulder-surfing. Moreover, the scheme has high scalability and flexibility to enhance the authentication process security. The analysis of the security level of this approach is also discussed.