Title

Password policy simulation and analysis

Abstract

Passwords are an ubiquitous and critical component of many security systems. As the information and access guarded by passwords become more necessary, we become ever more dependent upon the security passwords provide. The creation and management of passwords is crucial, and for this we must develop and deploy password policies. This paper focuses on defining and modeling password policies for the entire password policy lifecycle. The paper first discusses a language for specifying password policies. Then, a simulation model is presented with a comprehensive set of variables and the algorithm for simulating a password policy and its impact. Finally, the paper presents several simulation results using the password policy simulation tool.

Keywords

simulation, security and protection, computing milieux

Date of this Version

2007

Comments

Proceeding DIM '07 Proceedings of the 2007, ACM workshop on Digital

identity management

Share

COinS