An improved user authentication model for mobile application systems
In today’s digital communication era, people around the world can conveniently communicate with each other at any time and any places by just using mobile phones. Besides making phone calls and sending messages, mobile phones can also be used to download many interesting and useful apps for perso...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | http://psasir.upm.edu.my/id/eprint/68736/1/FSKTM%202018%205%20IR.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-upm-ir.68736 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-upm-ir.687362019-05-30T02:55:49Z An improved user authentication model for mobile application systems 2017-09 Mohamed, Kartini In today’s digital communication era, people around the world can conveniently communicate with each other at any time and any places by just using mobile phones. Besides making phone calls and sending messages, mobile phones can also be used to download many interesting and useful apps for personal, businesses or even entertainment purposes. Due to borderless competition in the digital world, a lot of exciting and necessary mobile apps available for free downloads from the Internet. Unfortunately, mobile apps are communicating using wireless networks which are very vulnerable to data stealing or sniffing by intruders. People who communicate using unprotected mobile apps are in high risks if the used apps deal with personal or highly confidential data such as in mobile banking, mobile payment, and mobile purchase or even in certain government related affairs including income tax payment, health monitoring systems, etc. There are many ways the mobile apps can be protected. One of the common ways is to control the access to the apps using a strong user authentication. Even though researchers have introduced many ways to make user authentication strong, this study proposes an improved user authentication model by making it not only strong but also acceptable by mobile users. The user authentication is made strong using three different techniques namely multifactoring, ciphering, and watermarking techniques. It is considered acceptable by mobile users based on the results obtained from statistical analysis carried out in this study. To validate the proposed user authentication model, several prototype mobile apps are developed using a uSign-Mf+ module containing the proposed improvements and sent for evaluation by CyberSecurity Malaysia Sdn. Bhd. (CSM), an independent testing body. Based on the statistical analysis results, majority of the users agree that the proposed improvement of user authentication is strong and acceptable. However, they consider that the proposed model is strong with all the proposed improvement techniques except the use of hashing in the ciphering technique. Even though the users believe that the existing encryption is good enough without hashing, experts have proven that hashing can improve the data integrity and protect the system from several attacks such as brute force and tampering attacks. Therefore, the use of hash in this model should be retained. Meanwhile, from the evaluation by CSM, the proposed model is effective without major modifications required on the prototype mobile apps. Thus, it is concluded that the proposed model is strong and acceptable by mobile phone users. Application software - Security measures 2017-09 Thesis http://psasir.upm.edu.my/id/eprint/68736/ http://psasir.upm.edu.my/id/eprint/68736/1/FSKTM%202018%205%20IR.pdf text en public masters Universiti Putra Malaysia Application software - Security measures |
| institution |
Universiti Putra Malaysia |
| collection |
PSAS Institutional Repository |
| language |
English |
| topic |
Application software - Security measures |
| spellingShingle |
Application software - Security measures Mohamed, Kartini An improved user authentication model for mobile application systems |
| description |
In today’s digital communication era, people around the world can conveniently
communicate with each other at any time and any places by just using mobile
phones. Besides making phone calls and sending messages, mobile phones can
also be used to download many interesting and useful apps for personal,
businesses or even entertainment purposes. Due to borderless competition in
the digital world, a lot of exciting and necessary mobile apps available for free
downloads from the Internet. Unfortunately, mobile apps are communicating
using wireless networks which are very vulnerable to data stealing or sniffing by
intruders. People who communicate using unprotected mobile apps are in high
risks if the used apps deal with personal or highly confidential data such as in
mobile banking, mobile payment, and mobile purchase or even in certain
government related affairs including income tax payment, health monitoring
systems, etc.
There are many ways the mobile apps can be protected. One of the common
ways is to control the access to the apps using a strong user authentication.
Even though researchers have introduced many ways to make user
authentication strong, this study proposes an improved user authentication
model by making it not only strong but also acceptable by mobile users. The user
authentication is made strong using three different techniques namely multifactoring,
ciphering, and watermarking techniques. It is considered acceptable
by mobile users based on the results obtained from statistical analysis carried
out in this study. To validate the proposed user authentication model, several
prototype mobile apps are developed using a uSign-Mf+ module containing the
proposed improvements and sent for evaluation by CyberSecurity Malaysia Sdn.
Bhd. (CSM), an independent testing body.
Based on the statistical analysis results, majority of the users agree that the
proposed improvement of user authentication is strong and acceptable.
However, they consider that the proposed model is strong with all the proposed
improvement techniques except the use of hashing in the ciphering technique.
Even though the users believe that the existing encryption is good enough
without hashing, experts have proven that hashing can improve the data integrity
and protect the system from several attacks such as brute force and tampering
attacks. Therefore, the use of hash in this model should be retained. Meanwhile,
from the evaluation by CSM, the proposed model is effective without major
modifications required on the prototype mobile apps. Thus, it is concluded that
the proposed model is strong and acceptable by mobile phone users. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Mohamed, Kartini |
| author_facet |
Mohamed, Kartini |
| author_sort |
Mohamed, Kartini |
| title |
An improved user authentication model for mobile application systems |
| title_short |
An improved user authentication model for mobile application systems |
| title_full |
An improved user authentication model for mobile application systems |
| title_fullStr |
An improved user authentication model for mobile application systems |
| title_full_unstemmed |
An improved user authentication model for mobile application systems |
| title_sort |
improved user authentication model for mobile application systems |
| granting_institution |
Universiti Putra Malaysia |
| publishDate |
2017 |
| url |
http://psasir.upm.edu.my/id/eprint/68736/1/FSKTM%202018%205%20IR.pdf |
| _version_ |
1747812625050238976 |