Description
CHAPTER ONE
INTRODUCTION
1.1 Background of Study
This research is on Design and implementation of an authentication scheme for android phones using session passwords and color and images. Intelligent mobile devices have become the focus of the electronics and computing industry in recent years. These devices, example smartphones and internet connected handheld devices, enable quick and efficient access of users to both business and personal data, but also allow the same data to be easily accessed by an intruder if the device is lost or stolen.
As stated by (Ahmed, 2017) Millions of smartphone users are using internet, storing important data, making transactions by their mobile phones. Smartphone authentication has become an unavoidable part of most of the people these days and numerous number of times users need to go through the authentication process to use their phones. In such a circumstance, users need a convenient authentication system to use their smartphones effectively with possibly less amount of time spent and obviously with ensured security for protecting their important data and files.
Google’s Android Operating System in Mobile phones are still relatively new, however, Android Operating System has been progressing quite rapidly. An Android phone is a smartphone running on Google’s open-source Android operating system. Many different manufacturers make Android phones, including HTC, Motorola, and Samsung. Dozens and dozens of different Android phones are now available in the world (Sohail et al., 2012).
Today almost every user has an Android Smartphone because of the features such as multitasking, ease of notifications, app market, diverse phone options and android widgets (Takayuki et al., 2012).
The numbers of users having smartphones equipped with GPS have increased rapidly. Hence, it can be used efficiently for personal security or various other protection purposes (Ananda et al., 2013).
Most of the users keep their smartphones with them at all times, the likelihood of it getting left behind at a restaurant, gym, or other location that they previously visited is probably pretty high and the chances of that left-behind-phone getting stolen and fondled deeply without their approval is probably even higher.
The first line of defense against evil doers is lock screen. However, even with these solutions, major problems could still result after a mobile device is lost (Te-en et al., 2012).
Existing mobile security solutions attempt to solve this problem by forcing a user to authenticate their device before being granted access to any data. However, such checks are often easily bypassed or hackers due to their simplistic nature.
(Mathuri, 2013) defines Authentication as a process of determining whether a particular individual or a device should be allowed to access a system or an application or merely an object running in a device. This is an important process which assures the basic security goals, viz. confidentiality and integrity.
Also, adequate authentication is the first line of defense for protecting any resource. It is important that the same authentication technique may not be used in every scenario. Authentication is one of the essential security features in network communication.
The most common method used for authentication is textual password. Random and lengthy passwords can make the system secure. But the main problem is the difficulty of remembering those passwords. Studies have shown that users tend to pick short passwords or passwords that are easy to remember. Unfortunately, these passwords can be easily guessed or cracked. The alternative techniques are graphical passwords and biometrics. But these two techniques have their own disadvantages. Biometrics, such as finger prints, iris scan or facial recognition have been introduced but not yet widely adopted (Sreelatha et al., 2011).
The major drawback of this approach is that such systems can be expensive and the
Identification process can be slow. There are many graphical password schemes that are proposed in the last decade. But most of them suffer from shoulder surfing which is becoming quite a big problem. There are graphical passwords schemes that have been proposed which are resistant to shoulder-surfing but they have their own drawbacks like usability issues or taking more time for user to login or having tolerance levels (Sreelatha et al., 2011).
Furthermore (Mathuri, 2013) wrote that Information and computer security is supported largely by passwords which are the principle part of the authentication process. The most common computer authentication method is to use alphanumerical username and password which has significant drawbacks.
(Sabzevar et al., 2008) also agreed that although traditional alphanumeric passwords are used widely, they have problems such as being hard to remember, vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering.
Also as stated by (Wazir et al., 2011) Weak passwords are vulnerable to dictionary attacks and brute force attacks where as Strong passwords are harder to remember.
To overcome the problems associated with password based authentication systems, the concept of graphical password development as alternative authentication mechanisms was designed.
(Rachna et al., 2000) proposed a graphical authentication scheme where the user has to identify the pre-defined images to prove user’s authenticity. In this system, the user selects a certain number of images from a set of random pictures during registration. Later, during login the user has to identify the pre-selected images for authentication from a set of images.
Graphical passwords systems are the most promising alternative to conventional password based authentication systems. Graphical passwords (GP) use pictures instead of textual passwords and are partially motivated by the fact that humans can remember pictures more easily than a string of characters. The idea of graphical passwords was originally described by Greg Blonder in 1996.
1.2 Statement of the Problem
Without enforcing adequate measure for users, unwanted access on devices such as android mobile phones will continue. The challenges of the current system, such as password theft, password guessing, shoulder surfing, screen grab, have led to the loss of vital information’s over the years, as mobile technology evolve. With the proper implementation of a resistant access proof mechanism such as using an authentication scheme that works with session color codes, their will be reduction in unwanted phone access.
1.3 Aim and Objectives of the study
The aim of this project is to design an authentication scheme for android phones using session passwords and color and images.
The specific objectives are to:
- Develop an algorithm for authenticating user on android phones.
- Implement the algorithm using android studio.
- Test the performance of the algorithm.
1.4 Scope of the study
This project is purposely designed to focus on providing a safe proof authentication system for android phone owners and users, after a careful analysis of different authentication schemes present in mobile Phones. Also it can further be adopted by other devices and computer usage for authentication.
1.5 Limitation of the study
Limitations to this research were basically Time and access to educational resources from past research conducted in relation to this study.
1.6 Definition of Terms
Android: An open-source operating system used for smartphones and tablet computers.
Authentication Scheme: Refers to an access gain structure.
Authentication: is the process of determining whether someone or something is, in fact, who or what it is declared to be.
Color: Is the property possessed by an object of producing different sensations on the eye as a result of the way it reflects or emits light.
Image: A representation of the external form of a person or thing in art.
Mobile Phone: A telephone with access to a cellular radio system so it can be used over a wide area, without a physical connection to a network.
Session Password: Session password are passwords that change every time a user is expected to gain access to a device.
Reviews
There are no reviews yet.