Personal identifications are required to satisfy confidentiality, integrity, and availability. A password identification that one of the personal identifications is a memory-based personal identification which has not needed exclusive terminals, such as biometrics. However, password identification has 2 risks: (1) if an identification screen and keyboard input are peeped by someone, the password is leaked easier, (2) the long and random password that has strength of security is difficult to remember. This paper proposes that “PISFOC (Personal Identification System that Finding One person in Crowds),” a new memory-based personal identification system based on these problems. PISFOC is designed to have resistance to attacks that look into the identification screen and keyboard input. In addition, PISFOC’s user information that the user remembers and uses at the personal identification is easier than randomized 8 characters to remember. As a result of experiment measuring a resistance of visual hacking, attackers need 20 minutes at least to identify the user information. Furthermore, PISFOC’s user information is easier to memorize than randomized 8 characters.
抄録全体を表示