Password

About: Password is a research topic. Over the lifetime, 35069 publications have been published within this topic receiving 389691 citations. The topic is also known as: pwd & p.

Automatic teller machine

Abstract: PROBLEM TO BE SOLVED: To provide an automatic teller machine which does not perform deposit and payment processing, especially payment of cash to a person who operates the automatic teller machine with his/her face hidden. SOLUTION: The automatic teller machine 100 has: a camera 106 which photographs an operator; an input part 202 which accepts an input operation by the operator; an authentication part 203 which performs authentication by input of a password from the input part 202 and does not authenticate the operator even when the password is correctly input according to a degree of exposure of the face of the operator photographed by the camera 106 as an authorized person and a deposit and payment part 206 which performs the deposit and payment processing of the cash according to the operation by the operator only when the operator is authenticated by the authentication part 203. COPYRIGHT: (C)2007,JPO&INPIT

Information providing system, information providing method, storage medium and program

Abstract: An information providing system capable of sending and receiving electronic data from a server in which the electronic data is registered includes a delivering unit for delivering electronic data registered in the server, a connecting unit for connecting a portable device possessed by an individual to a communication network for communicating electronic information, a sending unit for sending information for identifying an individual stored in the portable device, an authenticating unit for receiving the information for identifying an individual sent from the sending unit, and determining whether or not the delivering unit is available to a user, and a registering unit for receiving a password or ID information required when a user acquires electronic data by the delivering unit, and registering the password or ID information in the portable device possessed by. the individual.

Privacy information protection method and device as well as electronic equipment

Abstract: The embodiment of the invention discloses a privacy information protection method and device as well as electronic equipment. The method comprises the steps of when a system is in a screen-locking state or is started for the first time, receiving a system screen-locking password, and if the received system screen-locking password is the same as any system screen-locking password in a preset system screen-locking password set, entering the system according to a user scene mapped by the received system screen-locking password; if the user scene is a single instance scene, receiving an application lock password input for accessing to an application by a user; and if the input application program lock password is the same as any application lock password in a preset application lock password set, starting the access to the application according to a user account mapped by the input application lock password. By applying the privacy information protection method and device as well as the electronic equipment, the privacy information security can be improved.

Simple Group Password-based Authenticated Key Agreements for the Integrated EPR Information System

Abstract: The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

A Spoofing Attack against a Cancelable Biometric Authentication Scheme

Abstract: ID/password-based authentication is commonly used in network services. Some users set different ID/password pairs for different services, but other users reuse a pair of ID/password to other services. Such recycling allows the list attack in which an adversary tries to spoof a target user by using a list of IDs and passwords obtained from other system by some means (an insider attack, malwares, or even a DB leakage). As a countermeasure agains the list attack, biometric authentication attracts much attention than before. In 2012, Hattori et al. proposed a cancelable biometrics authentication scheme (fundamental scheme) based on homomorphic encryption algorithms. In the scheme, registered biometric information (template) and biometric information to compare are encrypted, and the similarity between these biometric information is computed with keeping encrypted. Only the privileged entity (a decryption center), who has a corresponding decryption key, can obtain the similarity by decrypting the encrypted similarity and judge whether they are same or not. Then, Hirano et al. showed the replay attack against this scheme, and, proposed two enhanced authentication schemes. In this paper, we propose a spoofing attack against the fundamental scheme when the feature vector, which is obtained by digitalizing the analogue biometric information, is represented as a binary coding such as Iris Code and Competitive Code. The proposed attack uses an unexpected vector as input, whose distance to all possible binary vectors is constant. Since the proposed attack is independent from the replay attack, the attack is also applicable to two revised schemes by Hirano et al. as well. Moreover, this paper also discusses possible countermeasures to the proposed spoofing attack. In fact, this paper proposes a countermeasure by detecting such unexpected vector.