A secure scheme for user authentication and authorization using OTP in android mobile environment /
Authentication and authorization play key roles in ensuring security system over any communication network especially over GSM network. It‟s explored from the literature that existing system over GSM is not enough for ensuring efficient security in terms of authentication as well as authorization. T...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
Kuala Lumpur :
Kulliyyah of Engineering, International Islamic University Malaysia,
2014
|
| Subjects: | |
| Online Access: | http://studentrepo.iium.edu.my/handle/123456789/4815 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Authentication and authorization play key roles in ensuring security system over any communication network especially over GSM network. It‟s explored from the literature that existing system over GSM is not enough for ensuring efficient security in terms of authentication as well as authorization. The major security loophole found in the usage of OTP is that it generates the secure password that floats into GSM network where there is a higher degree of intrusion. Another prominent issue found in majority of the OTP usages is that it is not preferred for mobile phones due to time-synchronization that are usually based on an internal clock synchronization system. The proposed study attempts to minimize the operational cost by generating the OTP on User trusted handheld device. Because of this generation, the system is rendered secure because it is not accessible to GSM network. The system is designed on windows as well as on Android mobile environment using Java as programming tool to study the working prototype before the system can be actually deployed with an economic intention. Furthermore the system is analyzed for its ability to thwart some common attacks and a comparative performance analysis is done to establish feasibility with current hardware profile and User ergonomic behavior. The dissertation also exhibits a review of approaches and techniques that have been introduced in the past for the process of secure online authentication and authorization. From the analysis of the system, it has been seen that OTP generator for mobile hand held device takes less than 49 milliseconds on an average for different hardware profile belonging to diverse vendors. The issue of feeding of longer length of One-Time password is also resolved by incorporating byte-to-word conversion in Java, which are human readable and User friendly. By incorporating the same, results in ergonomic efficiency. The feeding time is shown to be reduced by approximately 60% with the inclusion of byte to word conversion. |
|---|---|
| Physical Description: | xiii, 130 leaves, : ill. ; 30cm. |
| Bibliography: | Includes bibliographical references (leaves 93-97). |