A second look at the usability of click-based graphical passwords

Click-based graphical passwords, which involve clicking a set of user-selected points, have been proposed as a usable alternative to text passwords. We conducted two user studies: an initial lab study to revisit these usability claims, explore for the first time the impact on usability of a wide-range of images, and gather information about the points selected by users; and a large-scale field study to examine how click-based graphical passwords work in practice. No such prior field studies have been reported in the literature. We found significant differences in the usability results of the two studies, providing empirical evidence that relying solely on lab studies for security interfaces can be problematic. We also present a first look at whether interference from having multiple graphical passwords affects usability and whether more memorable passwords are necessarily weaker in terms of security

Gathering realistic authentication performance data through field trials

Most evaluations of novel authentication mechanisms have been conducted under laboratory conditions. We argue that the results of short-term usage under laboratory conditions do not predict user performance “in the wild”, because there is insufficient time between enrolment and testing, the number of authentications is low, and authentication is presented as a primary task, rather then the secondary task as it is “in the wild”. User generated reports of performance on the other hand provide subjective data, so reports on frequency of use, time intervals, and success or failure of authentication are subject to the vagaries of users ’ memories. Studies on authentication that provide objective performance data under real-world conditions are rare. In this paper, we present our experiences with a study method that tries to control frequency and timing of authentication, and collects reliable performance data, while maintaining ecological validity of the authentication context at the same time. We describe the development of an authentication server called APET, which allows us to prompt users enrolled in trial cohorts to authenticate at controlled intervals, and report our initial experiences with trials. We conclude by discussing remaining challenges in obtaining reliable performance data through a field trial method such as this one

Attribute Based Secure Data Retrieval System for Decentralized Disruption Tolerant Military Networks

There are partitions in military environments such as a battlefield or a hostile region.They are likely to suffer from intermittent network connectivity.They having frequent partitions. Disruption-tolerant network DTN technologies are is a true and easy solutions.DTN is a Disruption-tolerant network.It allow devices which are wireless and carried by peoples in a military to interact with each other.These devices access the confidential information or command reliably by exploiting external storage nodes. In these networking environments DTN is very successful technology. When there is no wired connection between a source and a destination device, the information from the source node may need to wait in the intermediate nodes for a large amount of time until the connection would be correctly established.one of the challenching approach is a ABE.that is attribute-based encryption which fulfills the requirements for secure data retrieval in DTNs. The another concept is Cipher text Policy ABE (CP-ABE).it gives a appropriate way of encryption of data. the encryption includes the attribute set that the decryption needs to possess in order to decrypt the cipher text.hence, Many users can be allowed to decrypt different parts of data according to the security policy