TRIZ Paper: Japan TRIZ Symposium 2009 | |
TRIZ/USIT Case Study: How to Help Recall Passwords | |
Yutaro Ueda, Hiroki Nabeshima, and Toru Nakagawa (Osaka Gakuin University) |
|
The Fifth TRIZ Symposium in Japan, Held by Japan TRIZ Society on Sept. 10-12, 2009 at National Women's Education Center, Ranzan-machi, Hiki-gun, Saitama, Japan | |
Introduction by Toru Nakagawa (Osaka Gakuin Univ.), Dec. 20, 2009 [Posted on Dec. 24, 2009] | |
[Posted on Sept. 30, 2010] |
For going back to Japanese pages, press buttons.
Editor's Note (Toru Nakagawa, Sept. 24, 2010)
This paper was presented last year at the 5th TRIZ Symposium in Japan, 2009 in a Poster session.
Yutaro Ueda and Hiroki Nabeshima were the students of my Seminar Class in Faculty of Informatics. In the second semester of their 3rd year Seminar class, I guided their group excercise of this topic. Yutaro Ueda, as a 4th year student, made the Poster presentation at the Symposium.
In this page you can read the Abstract, Poster slides, and my Introduction written in my 'Personal Report of Japan TRIZ Symposium 2009'. So I will not write any further here.
This page is composed as follows:
[1] Abstract in English Extended Abstract in Japanese .
[2] Presentation slides in English (16 slides), in Japanese
[3] Nakagawa's introduction (Excerpt of "Personal Report of Japan TRIZ Symposium 2009") in English.
Top of this page | Abstract | Extended Abstract in Japanese (PDF) | Slides PDF | Slides in Japanese | Nakagawa's Introduction (from Personal Report) | Nakagawa's Personal Report of Japan TRIZ Symp. 2009 | Japan TRIZ Symp. 2009 | Japanese page |
[1] Abstract
TRIZ/USIT Case Study: How to Help Recall Passwords
Yutaro Ueda, Hiroki Nabeshima, and Toru Nakagawa
(Osaka Gakuin University)Abstract
This case study has been achieved by a problem solving exercise with TRIZ/USIT in Nakagawa's Seminar Class of Junior students in Faculty of Informatics of Osaka Gakuin University. Nowadays we often use passwords in computers and social procedures. Some of them were selected by ourselves in relatively simpler forms, but many others were given to us by system sides in randomly-generated lengthy forms. Since there are so many different ones we have to handle, we cannot remember them all.We need some measures which help us recall the appropriate password when required. They should be some auxiliary information ('hints') embodied in some objective form. How, in what form and in what process, should we make the hints? This is the problem of the present study.
We analyzed this problem by using Function Analysis and Attribute Analysis in USIT. If the hints are disclosed and used by a malicious person, we will meet severe danger of the password(s) being broken. Thus the requirements for the hints are to be easy for myself to recall the passwords but extremely difficult for any other person to guess the passwords. In TRIZ terms this is a case of Physical Contradiction which can be separated by the Actor, we understand. Then we used 40 TRIZ Principles (with reference to Mishra's book) to enhance the generation of solution ideas. The desirable solutions, as we understand now, need to be based on several basic principles and use a combination of simple but unique coding (encrypting) methods.
[2] Presentation Slides in PDF
Presentation Slides in English in PDF (16 slides, 105 KB)
[3] Introduction to the Presentation (by Nakagawa)
Excerpt from:
Personal Report of The Fifth TRIZ Symposium in Japan, 2009, Part F. TRIZ in Education and in Academia
by Toru Nakagawa (Osaka Gakuin University), Dec. 20, 2009
Posted on Dec. 24, 2009 in "TRIZ Home Page in Japan"
Yutaro Ueda, Hiroki Nabeshima, and Toru Nakagawa (Osaka Gakuin Univ.) [J22 P-B4] gave a Poster presentation on "TRIZ/USIT Case Study: How to Help Recall Passwords". I will quote the Authors' Abstract first:
This case study has been achieved by a problem solving exercise with TRIZ/USIT in Nakagawa's Seminar Class of Junior students in Faculty of Informatics of Osaka Gakuin University. Nowadays we often use passwords in computers and social procedures. Some of them were selected by ourselves in relatively simpler forms, but many others were given to us by system sides in randomly-generated lengthy forms. Since there are so many different ones we have to handle, we cannot remember them all. We need some measures which help us recall the appropriate password when required. They should be some auxiliary information ('hints') embodied in some objective form. How, in what form and in what process, should we make the hints? This is the problem of the present study.
We analyzed this problem by using Function Analysis and Attribute Analysis in USIT. If the hints are disclosed and used by a malicious person, we will meet severe danger of the password(s) being broken. Thus the requirements for the hints are to be easy for myself to recall the passwords but extremely difficult for any other person to guess the passwords. In TRIZ terms this is a case of Physical Contradiction which can be separated by the Actor, we understand. Then we used 40 TRIZ Principles (with reference to Mishra's book) to enhance the generation of solution ideas. The desirable solutions, as we understand now, need to be based on several basic principles and use a combination of simple but unique coding (encrypting) methods.
Ueda and Nabeshima are 4th-year undergraduate students of Nakagawa's Seminar Class in Faculty of Informatics of Osaka Gakuin University. Ueda gave this Poster presentation. The way of group practices in the Seminar Class is shown in the slide (below-left). Even though the teacher (i.e., Nakagawa) facilitated the practices, advised from time to time, and brushed up the presentation slides, the students are the main authors of this presentation. The problem 'How to help recall passwords' is defined as shown in the slide (below-right).
The Functional Model of the problem situation was built as shown in the slide (below-left) and was used throughout the work as a reference model. Since we cannot remember so many (different and complex) passwords by heart, we need some 'Hints'. But there is always a risk of the Hints being read by others, especially malicious people. Thus, the focus goes on to the Attribute Analysis (in slide below-right) to consider 'What kind of properties should have the Passwords and Hints?'. The Authors found the attributes as information (or symbols) are more important than those as a concrete medium (or objects).
The following slide (below-left) tabulated various attributes of Password/Hints as the information. Easiness to understand is noted in 3 different phases, i.e. for myself to remember the PW, for myself to recall PW with the Hint, and for some other (malicious) person to speculate the PW with the Hints. The table continues to the next slide (omitted in this review), which considers the properties as word, meaning, relation with other PWs, and hierarchy of PWs. Thus making the Hints easy to understand or difficult to understand is not a solution either. The requirements of this problem is to make easy to understand for myself and at the same time difficult to understand for others (slide below-right). Thus the problem is clearly stated as a Physical Contradiction which need to be separated between myself and others, i.e. by the Subject of the action. (This type of Physical Contradiction is not so familiar in technological fields, but may often appear in human-related areas.)
On the basis of these analysis, the Authors generated solution ideas by using the 40 Inventive Principles (with reference to Umakant Mishra's draft book ). Many concrete ideas thus obtained were reorganized to form a system of solution principles as shown in the slide (below-left). The solution principle (1) is to handle the two types of PWs (i.e., PW chosen by myself and PW given to me independent of my preference) differently (slide below-right).
The solution principles (2) and (3) are shown in the following two slides (below). Those of (4)(5)(6) are skipped in this review for the sake of space.
*** This work was started in October 2008 with the stimulation by the former Password Working Group of MPUF USIT/TRIZ Study Group, but was carried out independently. The processes of problem definition, functional and attribute analysis, solution generation and solution generalization are well guided by USIT (even though not in its formal way). I am going to post the full set of presentation slides of this work in due course in this Web site.
Top of this page | Abstract | Extended Abstract in Japanese (PDF) | Slides PDF | Slides in Japanese | Nakagawa's Introduction (from Personal Report) | Nakagawa's Personal Report of Japan TRIZ Symp. 2009 | Japan TRIZ Symp. 2009 | Japanese page |
Last updated on Sept. 30, 2010. Access point: Editor: nakagawa@ogu.ac.jp