Zubair Zaland, S. Bazai, Shahabzade Marjan, M. Ashraf
2021 2nd International Informatics and Software Engineering Conference (IISEC), published 2021-12-16. DOI: https://doi.org/10.1109/iisec54230.2021.9672434
Three-Tier Password Security Algorithm for Online Databases
Password security is a significant issue for any authentication process, and different researchers in the past have proposed techniques such as hashing, salting, and honeywords to make the process more secure. We provide a self-guaranteed secure program and its access methods to mitigate the risk of illegal attacks like DDoS. This method ensures the security of a program by giving method-level security that bolsters the further implemented security measures. A step-up approach is implementing the access security measures that protect against SQL injection and script attacks. A study of various papers suggests that most systems are compromised at the storage of login credentials. Our solution ensures the security of such measures by obscurity. Using multiple layers of additional security procedures before storing the data decreases the risk of break-in exponentially. Our attempt to securely store passwords includes salting the passwords, encrypting them, and finally hashing them so that no patterns are visible. This paper presents a new method that involves SQLi prevention, encrypting, salting and then hashing the password. The salt is generated dynamically using two parameters, one of which is unique, and the salt is not stored in the database.