A biologically inspired password authentication system


Password authentication is very critical for secure access to computing systems/servers as it verifies the identity of users and processes. Most authentication systems use some form of Positive Authentication (PA) to identify legitimate users. Specifically, these systems use a password profile containing all of the user passwords that are authorized to access the system (or the server). The negative counterpart (non-self/anti-password space) represents strings that are not in the password file (which can possibly be exploited by hackers using password guessing or cracking tools). This paper describes a biologically-inspired authentication technique based on the negative (anti-password) concept. The goal is to keep the anti-password checking as the first line of authentication (invisible to users) and be kept in a separate machine (probably outside the secure perimeter), while the PA system should be inside the highly secure region.Copyright © 2009 ACM.

Publication Title

ACM International Conference Proceeding Series