WANG Jun

DOI: https://doi.org/10.3969/j.issn.1009-3044.2012.23.013

2012-01-01

Abstract:Along with the social informatization is getting higher and higher,the data stored in the DBMS to security requirements are also gradually improve.Systems generally will require the user to input the password,that is,by setting a password to protect the security of the database.It’s talking about commonly used methods of password analysis about database encryption.It’s obvious that encryption algorithm has been greatly enhanced in the new version through to the contrast analysis between an encrypted database of Access 2003 and an encrypt ed database of Access 2010,improved the password security of Access 2010.

Ping Wang,Ding Wang,Xinyi Huang

DOI: https://doi.org/10.7544/issn1000-1239.2016.20160483

2016-01-01

Abstract:Identity authentication is the first line of defense for information systems ,and passwords are the most widely used authentication method .Though there are a number of issues in passwords regarding security and usability , and various alternative authentication methods have also been successively proposed , password‐based authentication will remain the dominant method in the foreseeable future due to its simplicity ,low cost and easiness to change .T hus ,this topic has attracted extensive interests from worldwide researchers ,and many important results have been revealed .This work begins with the introduction of users’ vulnerable behaviors and details the password characteristics ,distribution and reuse rate .Next we summarize the primary cracking algorithms that have appeared in the past 30 years , and classify them into groups in terms of the difference in dependence on what information is exploited by the attacker .Then ,we revisit the various statistical‐based evaluation metrics for measuring the strength of password distributions .Further ,we compare the state‐of‐the‐art password strength meters .Finally ,we summarize our results and outline some future research trends .

王晓峰,王尚平,秦波

DOI: https://doi.org/10.3969/j.issn.1006-4710.2002.03.011

2002-01-01

Abstract:The information encryption methods and ideas of database system are discussed. The methods of database encryption based on files or records or fields and on subkey are analyzed and the database encryption technology that generates subkey is introduced. It is proposed to apply the theory of private homomorphism to encrypt the database important or sensitive information,thus realizing direct operation of encrypted message.

Dong Yan

2012-01-01

Abstract:A distributed database as database system and computer network organically,become the Internet under the environment of information resources sharing and application core,its important safety problems.According to the safety of distributed database system requirement,in the analysis of system structure and safety factor of the foundation,on the security policy and security mechanism of the identity authentication,communication security,access control,library,encryption,password system and key management,distribution affairs management,audit tracking,fault recovery,etc were analyses.

Xiuli WANG

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.12.007

2015-01-01

Abstract:For the serials of massive password leaks, an attacker can obtain user password more and more easily. Using the real password which relfecting user behavior tendency, an attacker can greatly improve their attack efifciency. Password creation policy which was used for restrict user behavior is an important means to improve user password security. It enable password set by the user tending to be uniform in the overall spatial distribution in order to improve resistance to guess and attack the user's password. Based on a large-scale data set, this paper makes a quantitative analysis on domestic user password security and memorability, thus puts forward to create the rules that according to the behavior of the user setting password and password history which dynamically constraints the user's behavior. The password should comprise at least seven numbers if using a digital password. The number of password characters is not six or eight if using uppercase and lowercase combination. The length of uppercase and special character combination should be nine. The password is good in both high safety and high memorability if respectively using lowercase, uppercase and lowercase combination, and uppercase and special character combination. The threshold of password memorability and safety is 14.21 and 19.17 respectively. The password should conduct dictionary check. The experimental results show that, under the constraint of the password creation rules, user password has the advantages of high safety and high memorability.

Deyu ZHANG,Lian XU

2013-01-01

Abstract:Authentication as a first line of defense to protect network security,has been widely used in a variety of systems. On the basis of analysis of the shortcomings of traditional dynamic password authentication method,an improved Two-way dynamic password authentication method is proposed to implement mutual trust by increasing a Two-way authentication function,so it can prevent the personating attack. In addition,it adopts small computational calculation methods,which is easy to be accomplished,and it can be applied to the distributed network environment.

Zhang Degang,Dai Guanzhong,Liu Hang,Shi Feng,Zhang Zhen

DOI: https://doi.org/10.16526/j.cnki.11-4762/tp.2008.11.020

2008-01-01

Abstract:This paper introduces a high security mechanism for key management to solve the problems,which are derived by key exposure and exploit of traditional database storage.In this mechanism,random encryption key,asymmetric encryption algorithm and one-time key for database encryption are used to ensure the key's safety in generation,storage,backup and recovery.The safety analysis demonstrates that,this mechanism can keep key secure,protect key from being obtained illegally,recover key securely when necessary,and be worthy of being popularized.

WANG Liuping,HU Yiping,WANG Jun,ZHANG Long,LIU Yang,XU Min

DOI: https://doi.org/10.3969/j.issn.1006-4052.2011.24.061

2011-01-01

Abstract:It is the biggest security problems of the database that directly accessing to the database bypassing the management system,or using OS tools to steal or tamper with the contents of the database file.Encrypting sensitive data of the database is one of the most effective ways to solve these problems.This paper introduces a method of solving database security problem base on middleware between the inside and outside of the database.

He Daojing,Yang Xiao,Wu Yu

2018-01-01

Abstract:The invention discloses a semantic transformation-based password enhancing method. The method comprises the following steps of: command blacklist matching: matching a password submitted by a user withan existing password blacklist; password strength assessment: assessing the strength of the password through comparing a generation probability for calculating user passwords with a set probability threshold value; password segmentation: segmenting the password into a plurality of fragments after carrying out semantic analysis on weak password; and password semantic transformation and enhancement: transforming the password fragments through a predefined transformation algorithm to ensure that the enhanced password and the original password has certain similarity. According to the method, theusers are fundamentally enabled to use fewer weak passwords through using a blacklist technology, and algorithms such as password strength assessment and semantic analysis and segmentation are used, so that the password availability is ensured, the password strength is improved, the guessing attack defensing ability of the passwords is strengthened and the password safety is improved.

Han Yu,Xiamu Niu,Duohe Ma,Changxiang Shen

DOI: https://doi.org/10.1109/iih-msp.2006.153

2006-01-01

Abstract:The security of a system not only depends on the quality of the encryption algorithm it used, but also on the mechanism of key management. Traditional method layered key management is complex and inefficient for a database encryption system as well. In this paper, we apply Java Card to the database encryption system to solve the problem of key management and access control. By fully utilizing the cipher support of Java Card and its advantage of safe storage and portability, the complexity of layered key management is reduced. This paper also proposes a double-factor based indemnification, access control and data transfer scheme for the database encryption system based on Java Card. The most prominent advantage of our scheme is to enhance both efficiency and reliability of the system. Security analysis and simulation experiment is also given for supporting its validity.

Han YU,Liang ZHAO,Wei-jun XU,Xia-mu NIU,Chang-xiang SHEN

2005-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Encryption is an effective method to enforce data security. However, traditional database encryption method usually jeopardizes the functionality of a database or fails to meet the security requirement. This paper puts forth a new database encryption scheme with field-level granularity, which utilizes random number to retransform encryptions keys. A viable cipher indexing algorithm is also used to reduce the workload of the security plug-in installed on the client side and consequently guarantee the performance of the encrypted database.

王崇霞,朱艳琴

DOI: https://doi.org/10.3778/j.issn.1002-8331.2010.18.023

2010-01-01

Computer Engineering and Applications Journal

Abstract:The dynamic password user authentication mechanism is an important aspect of the authentication technology development.On the basis of analyzing two protocols,SAS-2 and 2GS,this paper proposes a more secure dynamic password user authen-tication protocol.The new protocol not only can effectively resist the stolen-verifiers attack in SAS-2 protocol,but also can conquer the refused service attack and realize two-way authentication,which is impossible in 2GS protocol.Thus,it can protect user's identity and improve network security.

DONG Ping

DOI: https://doi.org/10.3969/j.issn.1007-1423-B.2005.03.022

2005-01-01

Abstract:The security of user's password is the key point to the database safe. For database application programs it's particularly important to maintain user's password dynamically.In order to make the database more safe and more reliable this paper puts forward the method to maintain the database user's password automatically and adopts multiple cryptograph algorithms .

Jing Zou,Dongdai Lin,Guo-Cui Mi

DOI: https://doi.org/10.1109/icmlc.2011.6016851

2011-01-01

Abstract:Due to the parallel nature of brute force attack, it is well suited to use parallel or distributed computing to recover passwords encrypted by one-way hash functions. When distributing the password cracking task between threads or nodes, it is necessary to divide the search space into several subspaces. It is ideal that the size of these subspaces is the same for a load balanced solution. However, increasing the length of passwords will raise the number of combinations exponentially. This will raises issues for the search space uniform partition. This paper presents a universal distributed model for password cracking capable of dividing the search space evenly. For this, the paper addresses the definition of a base-n-like number, and discusses operations on it and relations with base-n number. The model is data independent, easily implemented and needs a few of communications. Experimental results are then shown.

王德强,张锐,谢立,宋娇

DOI: https://doi.org/10.3969/j.issn.1002-137X.2002.12.004

2002-01-01

Computer Science

Abstract:Being an important part of Information System, Database Security has absorbed much attention fordecades. First, we bring forth the Database Security's contents, properties of data: sensitivity, integrity and availabil-ity. Several access control models to guarantee these properties are described in this paper. Due to the challengesbrought by advanced DBMSs such as OODBMS and ADBMS, we also discuss some security topics in these fields. Atthe end of this paper, the encryption control and inference control are reviewed together with some trend of thedatabase security technology in the future.

YUAN Chun,WEN Zhen-kun,ZHANG Ji-hong,ZHONG Yu-zhuo

DOI: https://doi.org/10.3321/j.issn:0372-2112.2006.11.023

2006-01-01

Abstract:Researchers on security database concern more and more the security threats from DBA(database administrator),for its resulting in increasing crime to internet commercial databases which exist in the mode of ASP(Application service provider) recently,and its theoretic and technical hardness.Traditional access control could not provide enough security for the purpose,cryptographic security database becomes a promising scheme favored by its computing complexity of mathematical difficulties.We analyse various and up to date security threats to distributed database application systems,and give an overview for cryptographic access control and encryption database technology.Each class and approach is described and evaluated with its cryptographic principle,algorithm characters and positive and negative performance.We focus on the term of cryptanalysis of the schemes,which is considered the crucial points of the technology.

Zhang Zhen,Dai Guanzhong,Liu Hang,Yang Yanyan

DOI: https://doi.org/10.16526/j.cnki.11-4762/tp.2008.10.024

2008-01-01

Abstract:Aiming at the problem that encrypted data is beyond retrieve when user's secret key is lost and the insufficiency of traditional database's protecting mode,a safe and resumable secret key management mechanism is developed based on smart card and modern encryp- tion technology.This scheme can ensure the secret key's safety and availability without the third party's participation.It can also ensure no institution or individual can obtain secret key except the user.It can resume the secret key safely when the user loses the secret key.We enhance the database's safety by using a special encryption technology.The mechanism is proved safe and worthy of being popularized through security analysis.

Mary Cindy Ah Kioon,ZhaoShun Wang,Shubra Deb Das

DOI: https://doi.org/10.4028/www.scientific.net/amm.347-350.2706

2013-01-01

Abstract:Hashing algorithms are commonly used to convert passwords into hashes which theoretically cannot be deciphered. This paper analyses the security risks of the hashing algorithm MD5 in password storage and discusses different solutions, such as salts and iterative hashing. We propose a new approach to using MD5 in password storage by using external information, a calculated salt and a random key to encrypt the password before the MD5 calculation. We suggest using key stretching to make the hash calculation slower and using XOR cipher to make the final hash value impossible to find in any standard rainbow table.

Shouling Ji,Shukun Yang,Xin Hu,Weili Han,Zhigong Li,Raheem Beyah

DOI: https://doi.org/10.1109/tdsc.2015.2481884

2017-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:In this paper, we conduct a large-scale study on the crackability, correlation, and security of ${\sim}145$ million real world passwords, which were leaked from several popular Internet services and applications. To the best of our knowledge, this is the largest empirical study that has been conducted. Specifically, we first evaluate the crackability of ${\sim}145$ million real world passwords against 6+ state-of-the-art password cracking algorithms in multiple scenarios. Second, we examine the effectiveness and soundness of popular commercial password strength meters (e.g., Google, QQ) and the security impacts of username/email leakage on passwords. Finally, we discuss the implications of our results, analysis, and findings, which are expected to help both password users and system administrators to gain a deeper understanding of the vulnerability of real passwords against state-of-the-art password cracking algorithms, as well as to shed light on future password security research topics.

GUO Yi-dong,QIU Wei-dong,LIU Bo-zhongP

DOI: https://doi.org/10.3969/j.issn.1000-3428.2014.07.052

2014-01-01

Abstract:Researches about network passwords security mainly focus on the analysis of the communication protocols and the encryption algorithm. There are few researches analyzing the behaviour of how users set their passwords. This paper proposes a new password analysis method by analyzing the attributions of passwords, having attributes resolution on original password, classifying attributions and applying Apriori algorithm on the result set of attributions classification by data mining and so on. It obtains the inherent characteristics of the password setting. Experimental results show that this method can effectively analyze the habits of real password setting from the passwords leaked by CSDN. A large number of weak passwords exist. Pure digital passwords account for 45.03%of the total. Passwords composed of family-name pinyin and digital account for a great majority of total passwords, this is 13.79%. It also demonstrates that the method is able to analyze 6.42 million passwords within 24 minutes, which shows that this method can effectively deal with the massive password data.