Password Security through Negative Authentication
Abstract
Authentication systems generally adopt the approach of checking an authentication request in a list of stored profiles of identification and verification information. This stored sensitive information always has the risk of being hacked and exploited by malicious attackers. Negative Authentication is an approach inspired by biological immune mechanisms that mitigates this risk. In particular, this approach exploits a form of complement profiles which resembles the censoring and maturation process of T-cells. The scope and applicability issues of this technique in the context of currently used authentication systems have been addressed in this paper. It has been pointed out where and how the technique can enhance security of authentication systems. Negative authentication mechanism is based on the generic negative selection algorithm found in artificial immune system literature. In experimentation and implementation, the use of a real valued negative selection technique has been examined in this paper. The performance aspects of the technique along with security considerations have been analyzed and feasible configuration settings have been pointed out for practical purpose.