A New Approach for Textual Password Hardening Using Keystroke Latency Times

Textual passwords are still widely used as an authentication mechanism. This paper addresses the problem of textual password hardening and proposes a mechanism to make textual passwords harder to be used by unauthorized persons. The mechanismintroduces time gaps between keystrokes (latency times) that would add a second protection line to the password. Latency times are converted into discrete representation (symbols) where the sequence of these symbols is added to the password. For accessing system, an authorized person needs to type his/her password with a certain rhythm. This rhythm is recorded at the sign-up time.This work is an extension to a previous work that elaborates more on the local approach of discretizing time gaps between every two consecutive keystrokes. In addition, more experimental settings and results are provided and analyzed. The local approach considers the keying pattern of each user to discretize latency times. The average, median and min-max are tested thoroughly.Two experimental settings are considered here: laboratory and real-world. The lab setting includes students studying information technology while the other group are not. On the other hand, information technology professional individuals participated in the real-world experiment. The results recommend using the local threshold approach over the global one. In addition, the average method performs better than the other methods. Finally, the experimental results of the real-world setting support using the proposed password hardening mechanism.

A Requirements Approach for Building an Enterprise Cloud Service Catalog

In the context of cloud computing, the service catalog is a critical component of the cloud computing architecture. Most cloud computing projects will invariably begin with a discussion of what IT services an enterprise needs. Even when end users have a cloud environment, the business still wants to know which cloud services we need and how much does it costs. Information Technology Infrastructure Library (ITIL) service design defines a service catalog as a list of technology-enabled services that an organization provides, often to its employees or customers. More specifically, the service catalog is an expression of the operational capability of a service provider or enterprise within the context of an end customer, a market space, or an internal business unit stakeholder. Unfortunately, most service catalogs are built by technologists for technologists. This design methodology is fine assuming the user of the catalog is an information technology professional.