brind
Post on 10-Dec-2015
216 Views
Preview:
DESCRIPTION
TRANSCRIPT
CHAPTER-I
1. INTRODUCTION
1.1. OVERVIEW OF THE PROJECT
Access to computer systems is most often based on the use of alphanumeric passwords.
However, users have difficulty remembering a password that is long and random-appearing.
Instead, they create short, simple, and insecure passwords. Graphical passwords have been
designed to try to make passwords more memorable and easier for people to use and, therefore,
more secure. Using a graphical password, users click on images rather than type alphanumeric
characters. This Project describes the Pass Points system, its security characteristics, and the
empirical study we carried out comparing Pass Points to alphanumeric passwords. In the
empirical study participants learned either an alphanumeric or graphical password and
subsequently carried out three longitudinal trials to input their passwords over a period of five
weeks. The results show that the graphical group took longer and made more errors in learning
the password, but that the difference was largely a consequence of just a few graphical
participants who had difficulty learning to use graphical passwords.
1.2. OBJECTIVE OF THE PROJECT
Textual passwords are the most common method used for authentication. But textual
passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder
surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most
of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be
combined with images or colors to generate session passwords for authentication. Session
passwords can be used only once and every time a new password is generated. In this, two
techniques are proposed to generate session passwords using image which are resistant to
shoulder surfing. These methods are suitable for Personal Digital Assistants.
KGISL Institute of Information Management Page 1
1.3 BACKGROUND STUDY
1.3.1 STUDY ON EXISTING SYSTEM
Computer systems and the information they store and process are valuable resources
which need to be protected. Computer security systems must also consider the human factors
such as ease of a use and accessibility. Current secure systems suffer because they mostly ignore
the importance of human factors in security. An ideal security system considers security,
reliability, usability, and human factors. All current security systems have flaws which make
them specific for well trained and skilled users only. A password is a secret that is shared by the
verifier and the customer. ”Passwords are simply secrets that are provided by the user upon
request by a recipient.” They are often stored on a server in an encrypted form so that a
penetration of the file system does not reveal password lists. Passwords are the most common
means of authentication because they do not require any special hardware. Typically passwords
are strings of letters and digits, i.e. they are alphanumeric. Such passwords have the disadvantage
of being hard to remember. Weak passwords are vulnerable to dictionary attacks and brute force
attacks where as Strong passwords are harder to remember
1.3.2 PROBLEM AND WEAKNESS OF CURRENT SYSTEM
The passwords should be at least 8 characters long.
The password should not be easy to relate to the user(e.g., last name, birth date)
Ideally the user should combine upper and lower case letters and digits
Users tend to write password down or use the same passwords for different accounts.
Key-space is limited to 64 ASCII characters.
KGISL Institute of Information Management Page 2
CHAPTER-II
2. SYSTEM ANALYSIS
2.1 STUDY ON PROPOSED SYSTEM
2.1.1 DEFINING THE PROBLEM
Access to computer systems is most often based on the use of alphanumeric passwords.
Though, users have difficulty remembering a password that is long and random-appearing.
Instead, they create short, simple, and insecure passwords. Graphical passwords have been
designed to try to make passwords more memorable and easier for people to use and, therefore,
more secure. Using a graphical password, users click on images rather than type alphanumeric
characters.
Graphical password is an authentication system that works by having the user select from
images in a specific order, presented in a graphical user interface (GUI).It can be used in web
login application, atm machines, and mobiles devices.
2.1.2 DEVELOPING SOLUTION STRATEGIES
A password is a secret that is shared by the verifier and the customer. ”Passwords are
simply secrets that are provided by the user upon request by a recipient.” They are often stored
on a server in an encrypted form so that a penetration of the file system does not reveal password
lists. Passwords are the most common means of authentication because they do not require any
special hardware. Typically passwords are strings of letters and digits, i.e. they are alphanumeric.
Such passwords have the disadvantage of being hard to remember. Weak passwords are
vulnerable to dictionary attacks and brute force attacks where as Strong passwords are harder to
remember
KGISL Institute of Information Management Page 3
ADVANTAGES OF PROPOSED SYSTEM
Access to computer systems is most often based on the use of alphanumeric passwords.
Though, users have difficulty remembering a password that is long and random-
appearing. Instead, they create short, simple, and insecure passwords.
Graphical passwords have been designed to try to make passwords more memorable and
easier for people to use and, therefore, more secure.
Using a graphical password, users click on images rather than type alphanumeric
characters.
Dictionary attacks are infeasible
On-average-millions of years to break into the system
Easy to memorize
Key-space is unlimited
MODULES
1. Pattern Selection
2. Picture Selection
3. Registration
4. Login
MODULE DESCRIPTION
1. Pattern Selection
In Pattern Selection phase the user will be choose the patterns such as “POINT, LINE,
and ELLIPSE”. They may select the pattern depending upon their capabilities and also they
have a choice to select any one of the pattern or combined together. But they should choose one
pattern.
2. Picture selection
Picture selection phase there are two ways for selecting picture password authentication.
KGISL Institute of Information Management Page 4
1. User defines pictures: Pictures are selected by the user from the hard disk or any other image
supported devices.
2. System defines pictures: pictures are selected by the user from the database of the password
system.
Users may select any pixels in the image as click-points for their password. During password
creation, most of the image is dimmed except for a small view port area that is randomly
positioned on the image. Users must select a click-point within the view port. If they are unable
or unwilling to select a point in the current view port, they may press the Shuffle button to
randomly reposition the view port. The view port guides users to select more random passwords
that are less likely to include hotspots. A user who is determined to reach a certain click-point
may still shuffle until the view port moves to the specific location, but this is a time consuming
and more tedious process.
3. Register
In this phase the user already choose the options like any type of pattern and picture then
they must draw the pattern on the picture to store in the database for registration process. After
completing the pattern drawn the registration will be completed.
4. Login
In this phase, after registration process the user must validate the pattern by using the
login .The session refers to a limited time of communication between two systems. The user
must give the right option; otherwise the session will be expired.
2.2 SYSTEM SPECIFICATION
The software should be developed according to the system. The user interface module should be
developed in such a way that the user can easily operate the system. The most important
responsibility of developer is maintenance. He is responsible to give support to the customer
when they are getting problem related to the software.
KGISL Institute of Information Management Page 5
2.2.1 APPLICATION SPECIFICATION
THREE-TIER ARCHIETECTURE
Three-tier architecture introduces a server between the client and the server. The login act
as the Presentation Layer which user draw the pattern. The validation performs in the Business
Layer. The pattern stored in the Data Layer. Session authenticate password uses the 3-tier
application is a program, which is organized into three major disjunctive layers. These layers are,
Presentation layer (Front end)
Business layer (Logical)
Data layer (Backend)
Fig 2.1 Three Tiered Client/Server Architecture
Application layer
Application layer is the form which provides the user interface to either programmer of
end user. Programmer uses this layer for designing purpose and to get or set the data back and
forth.
Business layer
KGISL Institute of Information Management Page 6
This layer is a class which we use to write the function which works as a mediator to
transfer the data from Application or presentation layer or data layer. In the three tier architecture
we never let the data access layer to interact with the presentation layer.
Data Access Layer
This layer is also a class which we use to get or set the data to the database back and
forth. This layer only interacts with the database. We write the database queries or use stored
procedures to access the data from the database or to perform any operation to the database.
2.2.2. NETWORK SPECIFICATION
LANs - Local Area Networks are really the basic building blocks of all internetworks. These
technologies are implemented at the Data Link Layer of the OSI model or layer 2. This is
because these network technologies are largely determined by the physical media they share and
how they control access to this shared medium. This Data Link Layer is also called the MAC -
Media Access Layer. The basic traffic format at this level is called a frame.
So, in LANs, communication can only deal with MAC addresses which are serial number like
device identifiers. Things like IP addresses are only necessary when routing data across LAN
segments through an internetwork. These 2nd layer technologies can only support switched
internetwork operations. They are only good for local areas or simple paths over longer
distances, where not much guidance to deliver the data is needed.
2.2.3 HARDWARE SPECIFICATION
Processor : Pentium IV 2.4 GHz.
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 14’ Colour Monitor.
Mouse : Optical Mouse.
RAM : 512 Mb.
Keyboard : 101 Keyboards.
2.2.4 SOFTWARE SPECIFICATION
Software : JAVA SE 7 SDK, Eclipse
KGISL Institute of Information Management Page 7
Language : Java
Operating System : Windows XP
Back End : SQLite
2.2.5 SOFTWARE ENVIRONMENT
JAVA
Java is the first programming language designed from ground up with network
programming in mind. The core API for Java includes classes and interfaces that provide
uniform access to a diverse set of network protocols. As the Internet and network programming
has evolved, java has maintained its cadence. New APIs and toolkit have expanded the available
options for the java network programmer.
Java is both a programming language and an environment for executing programs written
in java language. Unlike traditional compilers, which convert source code into machine level
instructions, the java compiler translates java source code into instructions that are interpreted by
the runtime Java Virtual Machine. So unlike language like C and C++, Java is an interpreted
language
Java Environment
The Java environment is composed of several separate entities.
Java Language
This is a language that follows object-oriented concept used to create executable contents
such as applications and applets. But Java is not pure object oriented language, it does not
support multiple inheritance & Operator overloading.
Java Runtime Environment
The Runtime Environment used to execute the code. It is made up of the java language
and java virtual machine. It is portable and it is platform neutral.
Java Application
Applications are programs written in java to carry out certain tasks on standalone local
computer. Execution of a stand-alone program involves two steps.
Compiling the source code in to byte code using Javac.
Executing byte code program using java interpreter
Java Applets
KGISL Institute of Information Management Page 8
Java applets are pieces of java code that are embedded in HTML document using the
applet tag. When the browser encounters such code it automatically download it and execute it.
Java Virtual Machine
It is a specification to which java codes must be written. All java code is to be compiled
in this nonexistent virtual machine. Writing the code that compiles in JVM ensures platform
independence.
Advantages of Java
Robust
Secure
Portable
ABOUT THE TOOL
NETBEANS IDE
The Net Beans Platform allows applications to be developed from a set of modular
software components called modules. A module is a Java archive file that contains Java classes
written to interact with the Net Beans Open APIs and a manifest file that identifies it as a
module.
SQLite
SQLite is an Open Source database. SQLite supports standard relational database features
like SQL syntax, transactions and prepared statements. The database requires limited memory at
runtime (approx. 250 Kbyte) which makes it a good candidate from being embedded into other
runtimes. SQLite supports the data types TEXT (similar to String in Java), INTEGER (similar to
long in Java) and REAL (similar to double in Java). All other types must be converted into one
of these fields before getting saved in the database.
2.3 COST ESTIMATION AND SCHEDULING
Let the total lines of project estimated to be 4000 lines.
Then total kilo lines of code(KLOC)=3 KLOC
KGISL Institute of Information Management Page 9
According to the basic COCOMO model:
(Assuming the team to be organic)
Effort=2.4(KLOC)1.05
=2.4(4)1.05
Effort=10 PM
Time=2.5(Effort)0.38
=2.5(10)0.38
Time=6 Months
Cost= 5.4*10,000
= 54,000
Group Size=Effort/Time
=10/6
Group Size= 2 Persons
2.4 FINAL OUTLINE OF THE PROPOSED SYSTEM
The proposed system overcomes all the drawbacks of the existing system.
Some of the significant accrued benefits include,
The system has the capability for easy integration with other systems.
The user can access from anywhere
It is a platform independent.
New modules can be added to the existing system with less effort
KGISL Institute of Information ManagementPage 10
CHAPTER-III
3. DESIGN AND DEVELOPMENT PROCESS
3.1 FUNDAMENTAL DESIGN CONCEPTS
Although the degree of interest in each concept has varied over the year, each has
stood the test of time. Each provides the software designer with a foundation from which more
sophisticated design methods can be applied. Fundamental design concepts provide the necessary
framework for “getting it right”.
A software design is a meaningful engineering representation of some Software
product that is to be built. A design can be traced to the customer’s requirements and can be
assessed for quality against predefined criteria.
During the design process the software requirements model is transformed into
design models that describe the details of the data structures, system architecture, interface, and
components. Each design product is reviewed for quality before moving to the next phase of
software development.
3.2 DESIGN NOTATIONS
DATA FLOW DIAGRAM
Analysis model help us to understand the relationship between different
components in the system design. Analysis model shows user more clearly, how a system will
function. This is the first technical representation of a system. The analysis is modeling must
achieve three primary objectives.
To establish a basis for creation of software design.
To describe what the user requires.
To define a set of requirement that can be validated once the software is built Data
Flow Diagram.
KGISL Institute of Information ManagementPage 11
A Data Flow Diagram is a graphical technique that depicts information flow and
transforms that are applied as data move from input to output. The DFD is used to represent
increasing information flow and functional details. A level 0 DFD, also called a fundamental
system model or a Context Model, represents the entire software elements as a bubble with input
and output indicated by incoming and outgoing arrows respectively. Additional process and
information flow parts are represented in the next level i.e., Level 1 DFD. Each of the processes
represented at Level 1 are sub functions of overall system depicted in the Context Model. Any
processes, which are complex in Level 1, will be further represented into sub functions in the
next Level, i.e., in level 2.
Basic DFD symbols:
To Construct a Data Flow Diagram, we use
Arrow
Circles
Open End Box
Squares
Arrow
An arrow identifies the data flow in motion. It is a pipeline through which information is
flown like the rectangle in the Flow Chart.
Data may flow a source to a processor and from a data store or process. An arrow line
depicts the flow, with the arrowhead pointing in the direction of flow.
Circle
Circle stands for process that converts the data into information
KGISL Institute of Information ManagementPage 12
A process represents transformation where incoming data flow is changed into outgoing
flows.
Rectangle
A Rectangle defines a source or destination of system data. A source is a person or a part
of organization, which enters or receives information from the system but is considered to be
outside the context of the data flow model.
Open End Box
An Open End Box represents a data store, data at rest or temporary reposition of data.
A graphical picture of the logical steps and sequence involved in a procedure or a
program is called a flow chart. Unlike detailed flow chart, Data Flow Diagram does not supply
detailed description of the modules but graphically describes a system’s data how the data
interact with the system.
Six rules for considering the Data flow Diagram
Arrows should not cross each other
Squares, circles and Data Store must have names
Decomposed data flow squares and circles can have the same names.
Choose meaningful names for data flow
KGISL Institute of Information ManagementPage 13
Draw all data flows around the outside of the diagram.
3.2.1 CONTEXT FLOW DIAGRAM
Fig 3.1 Context Flow Diagram
3.2.2 LEVEL 1 DATA FLOW DIAGRAM
KGISL Institute of Information ManagementPage 14
Fig 3.2 Level 1 Data Flow Diagram
3.2.3. STRUCTURE CHART
A structure chart is a design tool, constructed of squares representing the different
modules in the system, and lines that connect them. The lines represent the connection and or
ownership between activities and sub activities as they are used in organization charts.
Programmers use a structure chart to build a program in a manner similar to how an architect
uses a blueprint to build a house. In the design stage, the chart is drawn and used as a way for the
client and the various software designers to communicate.
Structure Chart is used to show the hierarchical arrangement of the modules in a Session
Authentication Password Using Image. Each rectangular box in the structure chart represents a
form and module. The names of the forms are written inside the box. An arrow joins two forms
that have an invocation relationship.
A structure chart depicts
the size and complexity of the system, and
number of readily identifiable functions and modules within each function and
KGISL Institute of Information ManagementPage 15
Close Pending
Tasks
whether each identifiable function is a manageable entity or should be broken
down into smaller components
The module and forms in the Session Authentication Password Using Image represents
in the below structure chart.
KGISL Institute of Information ManagementPage 16
Pattern selection
Session Authentication Password Using Image
Picture selection Registration Login
Three patterns
Line
Point
circle
Select various pictures from gallery
Register the pattern in the image
Verify the registered pattern is same or not
Fig 3.3 Structure Chart
3.3 DESIGN PROCESS
3.3.1 DATABASE DESIGN
Software design is the iterative process through which requirements are translated into a
“Blueprint” for constructing the S/W. The design must implement all the explicit requirements
contained in the analysis model, and it must accommodate all the implicit requirements desired
by the customer. The design must be readable, understandable for those who generate code and
for those who test subsequently support the software. The design should provide a complete
picture of the software, addressing the data, functional, behavioral domains from an
implementation perspective.
To design an application it is necessary to design a database file. These files are called
tables. After designing the output and input, tables must be organized according to the storage
needs of the back end used. Normalization procedure is used to avoid duplication of data and to
produce feasibility necessary to support different functional requirements. In this project some
fields are assigned as primary key. The repeating data are removed and are placed in the
corresponding entity. In the master table primary key is assigned and this is referenced by the
KGISL Institute of Information ManagementPage 17
same field in the transaction table which is assigned there as foreign key. Every non key attribute
in this system are non-transitively dependent on primary key. The records are retrieved by
selecting the primary key.
Normalization
It is a technique for designing relational database tables to minimize duplication of information.
The goals of normalization are,
Eliminating redundant data
Ensuring data dependencies make sense.
3.3.2. TABLE STRUCTURE
TABLE NAME: TB_MASTER_PICTURES
PRIMARY KEY: VCH_PICTURE_ID
COLUMN NAME DATA TYPE CONSTRAINT DESCRIPTION
Vch_picture_id Varchar(10) Primary KeyAuto generation of picture id for each
pictures
Blob_pictures Blob Not Null Storing pictures
Table 3.2 It contain the details of the picture
TABLE NAME: TB_CHILD_REGISTRATION
PRIMARY KEY: VCH_USER_ID
FOREIGN KEY: VCH_PICTURE_ID
KGISL Institute of Information ManagementPage 18
COLUMN NAME DATA TYPE CONSTRAINT DESCRIPTION
Vch_user_id Varchar(10) Primary KeyAuto generation of
user id
Vch_picture_id Varchar(10) Foreign Key, Not NullSelect picture id from
database
Int_position Int(200) Not Null Indicate the position
Table 3.2 It contain the details of the registration
3.3.3 INPUT DESIGN
The input design is the process of converting the user-oriented inputs in to the computer-
based format. For providing a good input design for the application easy data input and selection
features are adopted.
The input design requirements are user friendliness and consistent format. The input form
comprises of Login form, which play a major role in the project that screens the unauthorized
user entering into the system. The given below the Input screens.
Picture Selection
Registration
Picture Selection
Description: Select the Picture from gallery for register the pattern.
Input: Select the picture from Database.
Process: Store the picture in the table
Table: Tb_Master_Picture
Registration
Description: Register the pattern such as line, point, and circle in the image.
KGISL Institute of Information ManagementPage 19
Input: Draw the pattern as per instruction.
Process: Store the pattern in the table
Table: Tb_Child_Registration
3.3.4 OUTPUT DESIGN
The output design presents the manipulated data to the end user. The output design acts
as medium of communication to the user by providing the desired data that may be either a
stored data fetched from the database or may be manipulated result displayed to the user for
confirmation before it is stored into the database.
The quality output is one, which meets the requirements of the end user and presents the
information clarity. In any system results of processing are communicated to the users and to
other systems through outputs. The output design deals with determining how the information is
to be displayed for immediate need and also for the hard copy output. The given below the
output screens.
3.4 DEVELOPMENT APPROACH
Project development approach
Software process model
To solve actual problems in industry settings, software engineer or a team of engineers must
incorporate a development strategy that encompasses the process, methods and tools layers and
generic phases. This strategy is often referred to as process model or a software engineering
paradigm. A process model for software engineering is chosen based on the nature of the project
and application, the methods and tools to be used, and the controls and deliverables that are
required.
The Linear Sequential Model
KGISL Institute of Information ManagementPage 20
System/Information Engineering
Analysis Design Code Test
Fig 3.4Linear Sequential Model
System/information Engineering and Modeling
System engineering and analysis encompasses require gathering at the system level.
Information engineering encompasses requirements gathering at the strategic business level.
Software requirement analysis
To understand the nature of the program to be built, the S/W engineer must understand
The information domain of the software.
Required function.
Behavior.
Performance &Interface.
Design
It focuses four distinct attributes of a program
Data structure
Software architecture
Interface representations &
Procedural (Algorithmic) Detail.
This process translates the requirements in to representation, and the design is documented.
Code generation
The design is translated in to machine readable form in code generation
Testing
The testing process focuses
The logical internals of the software.
Ensuring all the statements have been tested
On the Functional Externals.
KGISL Institute of Information ManagementPage 21
Ensure that the Defined input will produce the actual Results.
Support
Software will undergo a change after it is delivered to the customer. Change will occur
because
Errors have been encountered.
S/W must be adapted to accommodate to new environment.
CHAPTER – IV
4. TESTING AND IMPLEMENTATION
4.1 SYSTEM TESTING
System testing is a type of testing to confirm that all code modules work as specified, and
that the system as a whole performs adequately on the platform on which it will be deployed.
System testing should be performed by testers who are trained to plan, execute, and report on
application and system code. They should be aware of scenarios that might not occur to the end
user, like testing for null, negative, and format inconsistent values.
System testing of software or hardware is testing conducted on a complete, integrated system to
evaluate the system's compliance with its specified requirements. A tester should be able to
repeat the steps that caused an error. Test techniques include, but are not limited to, the process
of executing a program or application with the intent of finding software bugs.
4.1.1 TESTING AND METHODOLOGIES
KGISL Institute of Information ManagementPage 22
Requirements Trace ability
As most interested portion is whether the system is meeting its requirements or not, for
that testing should be planned so that all requirements are individually tested. We checked the
output of certain combination of inputs, which gives desirable results, or not. Strictly stick to the
requirements specifications, gives the path to get desirable results from the system.
Tested Items
Tested items are like sending request to administrator, solving the sent request by the
Assignee, changing password of Assignee and student, sending user feedback, adding new
categories, adding new departments etc.
Testing Schedule
Testing has been done for each procedure back-to-back so that errors and omissions can
be found as early as possible. Once the system has been developed fully testing procedure is
followed on other machines, which differs in configuration.
Software Testing involves executing an implementation of the software with test data and
examining the outputs of the software and its operational behavior to check that it is performing
as required.
Different testing techniques are as described below:
Black-box Testing
In Black-Box Testing or Functional Testing, the output of the module and software, is
taken into consideration, i.e. whether the software gives proper output as per the requirements or
not. In another words, this testing aim to test a program's behavior against it specification
without making any reference to the internal structure of the program or the algorithms used.
KGISL Institute of Information ManagementPage 23
Therefore the source code is not needed, and so even purchased modules can be tested. The
program just gets a certain input and its functionality is examined by observing the output.
This can be done in the following way:
Input Interface
Processing
Output Interface
The tested program gets certain inputs. Then the program does its job and generates a certain
output, which is collected by a second interface. This result is then compared to the expected
output, which has been determined before the test.
White-box Testing
White Box testing is used as an important primary testing approach. Here code is inspected
to see what it does; tests are designed to exercise the code. Code is tested using code scripts,
driver etc that are employed to directly interface with and drive the code.
Integration Testing
After the individual modules were tested out, the integration procedure is done to create a
complete system. This integration process involves building the system and testing the resultant
system for problems that arise from component interactions.
The top-down strategy is applied to validate high-level components of a system before design
and implementations have been completed.
TEST CASES
Test Cases using Unit Testing:- Picture Selection Module
Test Id Test Condition Test Input Actual Expected Test
KGISL Institute of Information ManagementPage 24
Description Data Result Result Result
LF_01User select the
Picture
User selects the picture from
gallery-
System accepts the
Picture
System should accept the
picture
Pass
LF_02User crop the
pictureUser does not
crop the picture-
System does not accepts the picture
System shows error message
Pass
LF_05User saves the
picture
User crops the picture and then
save it.-
System accepts the
picture
System should accept the
picturePass
LF_08User discard the picture
User wants to select other
picture choose discard
-
System discard the
selected picture
System should discard the
selected picture
Pass
Table 4.1 Picture table done with Unit testing
Screen
KGISL Institute of Information ManagementPage 25
Fig 4.1 Picture Selection Form
Integration Testing
KGISL Institute of Information ManagementPage 26
Test case for Integration Testing: Registration
Test ID
Test Condition
Test DescriptionInput Data
Actual Result
Expected Result
Test
Result
IG_01User
register the pattern
User submit the register it redirects
into login form-
System accepts the
data
System should accepts the data
Pass
IG_02User
forget the pattern
User draw the pattern wrongly it redirects the pin
number page
-
System does not accept the wrong
pattern
System should show the pin number page
Pass
Table 4.2 Register table done with Integration testing
Screen
Fig 4.2 Register Form
Validation Testing
KGISL Institute of Information ManagementPage 27
Validation testing ensures that the software has been build satisfies the customer
requirements. Validation testing is used to validate the fields in the form. It mainly focuses on
text field and numeric field. But in this project it validates pattern
Test ID
Test
Condition
Test Description
Input Data
Actual Result
Expected Result
Test
Result
LF_01Draw the Pattern
Draw the correct pattern as per
given instructions
-System accept only correct
pattern
System should accept only
correct patternPass
LF_02Forget the
patternUser forget the
pattern-
System shows access denied
System should show error message
Pass
Table 4.2 Register table done with Validation testing
Screen
Fig 4.3 Login Form
4.2 QUALITY ASSURANCE
KGISL Institute of Information ManagementPage 28
Quality assurance consists of the auditing and reporting functions of management. The goal of
quality assurance is to provide management with the data entries necessary to be informed about
the product quality thereby gaining the goal of insight and confidence that the product quality is
meeting.
Greater emphasis on quality in organization requires quality assurance. The development process
must include checks throughout the process to ensure that the final product meets the original
user requirements.
On the development process quality assurance process is integrated into a linear development
cycle through validation and verification performed at crucial system development steps .The
goals of the management is to institute and monitor a quality assurance program with in the
development process .Quality assurance includes,
Validation of the system against requirements.
Provide the security for hackers.
4.2.1 GENERIC RISKS
A risk is a potential event with negative consequences that has not happened yet. However
a risk could also be defined as the event with unforeseen positive consequences. By identifying
the risks we can avoid failures and increase the success rate of our system.
4.2.2 SECURITY TECHNOLOGIES& POLICIES
Security is necessary in today's environment because data processing represents a
concentration of valuable assets in the form of information, equipment, and personnel. Security
and privacy must focus on controlling unauthorized access. The following security policies are
implemented in our system. They are
Security
Authorization and Access Control.
Session Management.
4.3 SYSTEM IMPLEMENTATION
KGISL Institute of Information ManagementPage 29
Implementation is the stage of the project where the theoretical design is turned into a
working system. At this stage the main work load, the greatest upheaval and the major impact on
the existing system shifts to the user department. If the implementation is not carefully planned a
controlled it can cause and confusion.
Implementation includes all those activities that take place to convert from the old system to the
new one. The new system may be totally new, replacing an existing manual or automated system
or it may be a major modification to an existing system. Successful implementation may not
guarantee improvement in the organization using the new system, but improper installation will
prevent it.
4.3.1 Implementation Procedures
Implementation of software refers to the final installation of the package in its real
environment, to the satisfaction of the intended users and the operation of the system.
The active user must be aware of the benefits of using the system.
Their confidence in the software is built up.
Proper guidance is imparted to the user so that he is comfortable in using the
application.
The user must know that for viewing the result, the server program should be running
in the server.
If the server object is not up running on the server, the actual processes won’t take
place.
4.3.2 User Training
Our entire system was developed very user friendly. No extra training was required to use
our system. Our system automatically guides (fully user guided) the user to give input and to
produce the output.
4.3.3 Operational Documentation
KGISL Institute of Information ManagementPage 30
An online help which gives the clear idea about our system was attached with our system.
Whenever the user needs guidance he can get help from the help manual.
4.4 SYSTEM MAINTENANCE
The maintenance phase of the software cycle is the time in which a software product
performs useful work. After a system is successfully implemented, it should be maintained in a
proper manner. System maintenance is an important aspect in the software development life
cycle.
The need for system maintenance is for it to make adaptable to the changes in the system
environment. There may be social, technical and other environmental changes, which affect a
system, which is being implemented. Software product enhancements may involve providing
new functional capabilities, improving user displays and mode of interaction, upgrading the
performance characteristics of the system.
Maintenance is actually implementation of the review plan as important as it is
programmers and analyst is to perform or identify with him or herself with the maintenance.
Analyst and programmers spend fair more time maintaining programmer then they do writing
them Maintenances account for 50-80% of total system development.
4.4.1 Adaptability, Enhancement and Fixation
Our system was developed to accept the new changes in the system environment. There
may be social, technical and other environmental changes, which affect a system, which is being
implemented. Our system was developed in the way to adapt the enhancements which may
involve providing new functional capabilities, improving user displays and mode of interaction,
upgrading the performance characteristics of the system.
CHAPTER-V
KGISL Institute of Information ManagementPage 31
5. CONCLUSION
The proposed Cued Click Points scheme shows promise as a usable and memorable
authentication mechanism. By taking advantage of users’ ability to recognize images and the
memory trigger associated with seeing a new image, CCP has advantages over Pass Points in
terms of usability. Being cued as each images shown and having to remember only one click-
point per image appears easier than having to remember an ordered series of clicks on one
image.
CCP offers a more secure alternative to Pass Points. CCP increases the workload for
attackers by forcing them to first acquire image sets for each user, and then conduct hotspot
analysis on each of these images.
5.1 SCOPE FOR FURTHER ENHANCEMENT
In future it has great scope. It can be used everywhere instead of text-based password .I
can increase the security of this system by increasing the number of levels used, the number of
tolerance squares used.
In future development we can also add challenge response interaction. In challenge
response interactions, server will present a challenge to the client and the client need to give
response according to the condition given. If the response is correct then access is granted. Also i
can limit the number a user can enter the wrong password.
5.2 BIBLIOGRAPHY
KGISL Institute of Information ManagementPage 32
BOOKS
Android 4: New features for Application Development
Android™ Application Development Cookbook-john whiley & sons
Android Community Experts-Beijing • Cambridge • Farnham • Köln • Sebastopol
Android in Action Third Edition
BEGINNING ANDROID™ 4 APPLICATION DEVELOPMENT
Developing Android Applications with Adobe AIR by Véronique Brossier
WEB REFERENCES
www.stackoverflow.com ,
www.tutorialpoin.com
www.google.co.in
www.androidtutorial.com
www.android.com ,
www.androidschool.com
ANNEXURES
1. INPUT DESIGN
KGISL Institute of Information ManagementPage 33
Home Page
Screen 5.1 Home page
Gesture Selection
Screen 5.2 Gesture Selection Page
Picture Selection
KGISL Institute of Information ManagementPage 34
Screen 5.3 Picture page
Crop the Picture
Screen 5.4 Crop page
Time Out
KGISL Institute of Information ManagementPage 35
Screen 5.5 Session page
Register
Screen 5.6 Register page
2. OUTPUT DESIGN
KGISL Institute of Information ManagementPage 36
Login
Screen 5.7 Login page
Login Incorrect
Screen 5.8 Login page
3. SOURCE CODE
KGISL Institute of Information ManagementPage 37
HomeChooser
package com.TwinBlade.PicturePassword;
import android.app.Activity;
import android.app.AlertDialog.Builder;
import android.content.ComponentName;
import android.content.Context;
import android.content.DialogInterface;
import android.content.DialogInterface.OnClickListener;
import android.content.Intent;
import android.content.SharedPreferences;
import android.content.SharedPreferences.Editor;
import android.content.pm.ActivityInfo;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager;
import android.content.pm.ResolveInfo;
import android.os.Bundle;
import android.preference.PreferenceManager;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
import android.widget.CheckBox;
KGISL Institute of Information ManagementPage 38
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
public class HomeChooser extends Activity
implements View.OnClickListener
{
private List<String> homeLaunchersComponentArray = new ArrayList();
CheckBox mBoot;
private ComponentName mComponentName;
private Context mContext;
Button mDisable;
Button mEnable;
private PackageManager mPackageManager;
Button mSelect;
private SharedPreferences mSharedPreferences;
private void selectLauncher()
{
ArrayList localArrayList = new ArrayList();
Intent localIntent = new Intent("android.intent.action.MAIN");
localIntent.addCategory("android.intent.category.HOME");
List localList = this.mPackageManager.queryIntentActivities(localIntent, 0);
KGISL Institute of Information ManagementPage 39
Iterator localIterator;
if (localList != null)
localIterator = localList.iterator();
while (true)
{
if (!localIterator.hasNext())
{
CharSequence[]arrayOfCharSequence=(CharSequence[])localArrayList.toArray(newCharSeque
nce[localArrayList.size()]);
AlertDialog.Builder localBuilder = new AlertDialog.Builder(this);
localBuilder.setTitle("Options for ");
localBuilder.setItems(arrayOfCharSequence, new DialogInterface.OnClickListener()
{
Publicvoid onClick(DialogInterface paramAnonymousDialogInterface, int paramAnonymousInt)
{
PreferenceManager.getDefaultSharedPreferences(HomeChooser.this.mContext).edit().putString(
"HomeLauncher",
(String)HomeChooser.this.homeLaunchersComponentArray.get(paramAnonymousInt)).commit(
);
}
}).show();
return;
KGISL Institute of Information ManagementPage 40
}
ResolveInfo localResolveInfo = (ResolveInfo)localIterator.next();
if (localResolveInfo.activityInfo.packageName.equals("com.TwinBlade.PicturePassword"))
continue;
try
{
ApplicationInfolocalApplicationInfo2=this.mPackageManager.getApplicationInfo(localResolveI
nfo.activityInfo.packageName, 0);
localApplicationInfo1 = localApplicationInfo2;
ActivityInfo localActivityInfo = localResolveInfo.activityInfo;
ComponentNamelocalComponentName=newComponentName(localActivityInfo.applicationInfo
.packageName, localActivityInfo.name);
this.homeLaunchersComponentArray.add(localComponentName.flattenToString());
localArrayList.add((String)this.mPackageManager.getApplicationLabel(localApplicationInfo1));
}
catch (Exception localException)
{
while (true)
ApplicationInfo localApplicationInfo1 = null;
}
}
}
KGISL Institute of Information ManagementPage 41
public void onClick(View paramView)
{
switch (paramView.getId())
{
case 2131427346:
default:
case 2131427348:
case 2131427349:
case 2131427347:
case 2131427345:
}
while (true)
{
return;
this.mPackageManager.setComponentEnabledSetting(this.mComponentName, 1, 1);
Utilities.mHomeLauncherOnBoot = false;
continue;
this.mPackageManager.setComponentEnabledSetting(this.mComponentName, 0, 1);
continue;
selectLauncher();
continue;
KGISL Institute of Information ManagementPage 42
if (this.mBoot.isChecked())
this.mSharedPreferences.edit().putBoolean("StartOnBoot", true).commit();
else
this.mSharedPreferences.edit().putBoolean("StartOnBoot", false).commit();
}
}
public void onCreate(Bundle paramBundle)
{
super.onCreate(paramBundle);
setContentView(2130903045);
this.mContext = this;
this.mSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this);
this.mPackageManager = getPackageManager();
this.mComponentName=newComponentName("com.TwinBlade.PicturePassword","com.TwinBl
ade.PicturePassword.HomeLauncher");
this.mEnable = ((Button)findViewById(2131427348));
this.mDisable = ((Button)findViewById(2131427349));
this.mSelect = ((Button)findViewById(2131427347));
this.mBoot = ((CheckBox)findViewById(2131427345));
this.mEnable.setOnClickListener(this);
this.mDisable.setOnClickListener(this);
KGISL Institute of Information ManagementPage 43
this.mSelect.setOnClickListener(this);
this.mBoot.setOnClickListener(this);
this.mBoot.setChecked(this.mSharedPreferences.getBoolean("StartOnBoot", false));
}
}
Image
package com.TwinBlade.PicturePassword;
import android.annotation.SuppressLint;
import android.app.Activity;
import android.content.Intent;
import android.graphics.Bitmap.CompressFormat;
import android.net.Uri;
import android.os.Bundle;
import android.provider.MediaStore.Images.Media;
import android.view.Display;
import android.view.View;
import android.view.View.OnClickListener;
import android.view.WindowManager;
import android.widget.Button;
import com.android.camera.CropImageIntentBuilder;
import java.io.File;
KGISL Institute of Information ManagementPage 44
import java.io.FileOutputStream;
import org.acra.ACRA;
import org.acra.ErrorReporter;
@SuppressLint({"WorldWriteableFiles"})
public class Image extends Activity
implements View.OnClickListener
{
private static final int REQ_CODE_CROP_IMAGE = 2;
private static final int REQ_CODE_PICK_IMAGE = 1;
private int mDisplayHeight;
private int mDisplayWidth;
Button mExternal;
Button mInternal;
private Uri getFileUri()
{
try
{
openFileOutput("PhotoData.jpg", 2).close();
return Uri.fromFile(new File(getFilesDir(), "PhotoData.jpg"));
}
catch (Exception localException)
KGISL Institute of Information ManagementPage 45
{
while (true)
{
Utilities.showToast(this, "Error Writing Data To Internal Storage \n Storage Unaccessible", 4,
true);
ACRA.getErrorReporter().handleException(localException);
}
}
}
protected void onActivityResult(int paramInt1, int paramInt2, Intent paramIntent)
{
super.onActivityResult(paramInt1, paramInt2, paramIntent);
switch (paramInt1)
{
default:
case 1:
case 2:
}
while (true)
{
return;
KGISL Institute of Information ManagementPage 46
if (paramInt2 == -1)
{
CropImageIntentBuilderlocalCropImageIntentBuilder=newCropImageIntentBuilder(this.mDispl
ayWidth, this.mDisplayHeight, this.mDisplayWidth, this.mDisplayHeight, getFileUri());
localCropImageIntentBuilder.setSourceImage(paramIntent.getData());
startActivityForResult(localCropImageIntentBuilder.getIntent(this), 2);
}
else
{
finish();
continue;
if (paramInt2 != -1)
Utilities.showToast(this, "Image Not Cropped", 4, true);
finish();
}
}
}
public void onAttachedToWindow()
{
super.onAttachedToWindow();
if (SetupWizard.mSetupRunning)
KGISL Institute of Information ManagementPage 47
sendBroadcast(new Intent("com.TwinBlade.PicturePassword.SETUP_NEXT"));
}
public void onClick(View paramView)
{
switch (paramView.getId())
{
default:
case 2131427350:
case 2131427351:
}
while (true)
{
return;
Intent localIntent2 = new Intent("android.intent.action.GET_CONTENT");
localIntent2.setType("image/*");
startActivityForResult(localIntent2, 1);
continue;
IntentlocalIntent1=newIntent("android.intent.action.PICK",MediaStore.Images.Media.EXTERN
AL_CONTENT_URI);
localIntent1.setType("image/*");
localIntent1.putExtra("crop", "true");
KGISL Institute of Information ManagementPage 48
localIntent1.putExtra("scale", true);
localIntent1.putExtra("aspectX", this.mDisplayWidth);
localIntent1.putExtra("aspectY", this.mDisplayHeight);
localIntent1.putExtra("return-data", false);
localIntent1.putExtra("output", getFileUri());
localIntent1.putExtra("outputFormat", Bitmap.CompressFormat.JPEG.toString());
startActivityForResult(localIntent1, 2);
}
}
public void onCreate(Bundle paramBundle)
{
super.onCreate(paramBundle);
setContentView(2130903046);
if (!Utilities.landscapeMode())
setRequestedOrientation(1);
while (true)
{
Display localDisplay = getWindowManager().getDefaultDisplay();
this.mDisplayWidth = localDisplay.getWidth();
this.mDisplayHeight = localDisplay.getHeight();
this.mInternal = ((Button)findViewById(2131427350));
KGISL Institute of Information ManagementPage 49
this.mExternal = ((Button)findViewById(2131427351));
this.mInternal.setOnClickListener(this);
this.mExternal.setOnClickListener(this);
return;
setRequestedOrientation(0);}}}
KGISL Institute of Information ManagementPage 50
KGISL Institute of Information ManagementPage 51
3. ABBREVATIONS
CCP Cued Click Points
SDK Software Development Kit
DFD Data Flow Diagram
API Application Programming Interface
GUI Graphical User Interface
top related