User authentication in computer systems has been a cornerstone of computer security for decades. The concept of a user id and password is a cost effective and efficient method of maintaining a shared secret between a user and a computer system. One of the key elements in the password solution for security is a reliance on human cognitive ability to remember the shared secret. In early computing days with only a few computer systems and a small select group of users, this model proved effective.With the advent of the Internet, e-commerce, and the proliferation of PCs in offices and schools, the user base has grown both in number and in demographic base.Individual users no longer have single passwords for single systems, but are presented with the challenge of remembering numerous passwords for numerous systems, from email, to web accounts, to banking and financial services. This paper presents a conceptual model depicting how users and systems work together in this function and examines the consequences of the expanding user base and the use of password memory aids.A system model of the risks associated with password-based authentication is presented from a user centric point of view including the construct of user password memory aids. When confronted with too much data to remember, users will develop memory aids to assist them in the task of remembering important pieces of information. These user password memory aids form a bridge between otherwise unconnected systems and have an effect on system level security across multiple systems interconnected by the user. A preliminary analysis of the implications of this user centric interconnection of security models is presented.
Investigations involving digital media (e.g., hard disks and USB thumb drives) rely heavily on text string searches. Traditional search approaches utilizing matching algorithms or database technology and treebased indexing algorithms result in an overwhelming number of "hits"-a large percentage of which are irrelevant to investigative objectives. Furthermore, current approaches predominantly employ literal search techniques, which lead to poor recall with respect to investigative objectives. A better approach is needed that reduces information retrieval overhead and improves investigative recall. This paper proposes a new, high-level text string search process model that addresses some of the shortfalls in current text string search paradigms. We hope that this model will stimulate efforts on extending information retrieval and text mining research to digital forensic text string searching.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.