Design and Implementation of a Two Factor Authentication Login System Using One Time Password (OTP) With SMS
CHAPTER ONE
OBJECTIVE OF THE STUDY
The aims and objectives to be achieved on completion of this project are discussed in this subchapter. They are as follows:
- Avoid the risks related to the use of passwords.
- Limit unauthorized access to accounts.
- Verify the person requesting access to the system.
- Build an authentication process at low cost.
- Take advantage of users' smartphones.
CHAPTER TWO
LITERATURE REVIEW
THEORETICAL BACKGROUND
Improvements in information and communication technology have had a significant impact on all areas of daily life: in how we manage our personal lives and interact with others, and in how institutions are managed and deal with customers. Although information and communication technology has reduced the effort involved in many daily transactions and eased complex decision-making, it can carry real risks unless the necessary security measures are applied. Because of the rapid development of information technology and the corresponding growth in the number of security gaps and threats being discovered, securing information and keeping abreast of this development is one of the goals that advanced international institutions dealing with information technology seek to achieve in their strategy. Knowing this, and even under difficult economic circumstances, many organizations around the world have sought to increase their investment in information security technologies and personnel, in the belief that these represent the foundation stone for building a secure information system [3].
PASSWORD
A password is a set of secret characters or words used to gain access to a computer, web page, network resource, or data. Passwords help ensure that computers or data can only be accessed by those who have been granted the right to view or access them (Stein, 2016).
ONE TIME PASSWORD (OTP)
A One-Time Password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or session. An OTP is more secure than a fixed password, especially a user-created password, which may become prone to attack after a certain period of time. OTPs may replace authentication login information or may be used in addition to it, to add another layer of security. An OTP is valid for only one login session or transaction, on a computer system or other digital device. OTPs can either be time synchronized or be based on mathematical algorithms, with time synchronized OTPs being the better known type. A common technology used for the delivery of OTPs is text messaging. Because text messaging is a ubiquitous communication channel, directly available in nearly all mobile handsets and, through text-to-speech conversion, to any mobile or landline telephone, it has great potential to reach all consumers at a low total cost of implementation (Kavya, 2015).
CRYPTOGRAPHY
Cryptography is the discipline or set of techniques employed in protecting the integrity or secrecy of electronic messages by converting them into an unreadable (cipher text) form. Only the use of a secret key can convert the cipher text back into human readable (clear text) form. Cryptography software and/or hardware devices use mathematical formulas (algorithms) to change text from one form to another (Beal, 2016).
CHAPTER THREE
METHODOLOGY AND ANALYSIS OF THE EXISTING SYSTEM
Types of Existing systems:
There are several systems for dealing with two way mobile authentication. They may differ in how the password is delivered to the authorized user or a different entity, based on the security constraints. Some of them are as follows:
Tokens
A token is a device used to authorize the user for services. A token may be software or hardware. Software tokens are used to identify the person electronically, i.e. a software token may be used as a password to access something. Hardware tokens are small hand-held devices that store information such as cryptographic keys, digital signatures or even biometric data, from which a generated key number can be sent to a client system. Almost all hardware tokens have a display capability. Hardware tokens include a USB, digital pass etc.
CHAPTER FOUR
DESIGN AND IMPLEMENTATION OF THE NEW SYSTEM
Below are the steps to be followed to demonstrate two way mobile authentication systems:
- Create a project flow design.
- Design attractive web pages and site flow with Hypertext Markup Language (HTML) and Cascading Style Sheets (CSS).
- Decide the database structure to store the registered user’s contact, log-in and account details.
- Develop the code needed to navigate the application dynamically.
- Integrate the bulk SMS HTTP/HTTPS API into our system to send SMS messages (which include the one-time password (OTP) generated by the algorithm).
- Test the application to locate and remove any bugs.
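An added example, not the thesis's PHP code: the server side of the OTP step above, where a code is issued for delivery by SMS, checked once, and then removed from storage. `OtpStore`, the pepper key, the 5-minute lifetime and the 3-attempt limit are assumptions, an in-memory dict stands in for the database table, and the code is drawn from a CSPRNG and stored as an HMAC-SHA-256 digest rather than with the SHA-1 construction the thesis mentions.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 300  # assumed lifetime of a code
MAX_ATTEMPTS = 3       # assumed guess limit per issued code


class OtpStore:
    """In-memory stand-in for the OTP database table (hypothetical)."""

    def __init__(self, pepper: bytes):
        self._pepper = pepper  # server-side key, kept outside the database
        self._rows = {}        # user_id -> digest, expiry, attempt count

    def _digest(self, user_id: str, code: str) -> bytes:
        # Only a keyed digest is stored, so a database leak does not
        # reveal live codes.
        msg = f"{user_id}:{code}".encode()
        return hmac.new(self._pepper, msg, hashlib.sha256).digest()

    def issue(self, user_id: str, now=None) -> str:
        """Create a 6-digit code; the caller passes it to the SMS gateway."""
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10 ** 6):06d}"  # CSPRNG, not rand()
        self._rows[user_id] = {          # replaces any earlier code
            "digest": self._digest(user_id, code),
            "expires": now + OTP_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, user_id: str, submitted: str, now=None) -> bool:
        now = time.time() if now is None else now
        row = self._rows.get(user_id)
        if row is None:
            return False
        if now > row["expires"] or row["attempts"] >= MAX_ATTEMPTS:
            del self._rows[user_id]  # expired or guessed too often
            return False
        row["attempts"] += 1
        if hmac.compare_digest(row["digest"],
                               self._digest(user_id, submitted)):
            del self._rows[user_id]  # single use: delete on success
            return True
        return False
```

The attempt limit matters because a 6-digit code has only one million values; without it the second factor can be guessed by repeated submission.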
CHAPTER FIVE
SUMMARY, CONCLUSION AND RECOMMENDATION
Summary
The research project focused on “A TWO WAY” A case study of Springlight University Uyo. After stating the objectives of the study, the researcher sourced data using different techniques, including the interview method and the observation method. Textbooks, journals and the internet provided a good source of information. This gave room for a detailed investigation and analysis of the various means of login/password security, and of how to move to a more secure way of saving our various logins and other means of accessing important pages, with more security and more convenience.
Conclusion
Our thesis goal was to study and implement the two way authentication method and its advantages over the one way authentication system. Our first step was analysis, in which we studied traditional authentication systems, how passwords are compromised in such systems, and what can be done to negate the compromising factors. This was followed by a study of the limitations of two way mobile authentication systems. Once these were completed, the focus shifted to implementing the two way authentication method. The algorithm selected was the SHA-1 algorithm, and the design for password generation was implemented in PHP. This was followed by the development of an application with a dashboard, which we used to test our implementation of the two way authentication system. The One Time Password (OTP) was sent to the GSM user through Smartsmssolution, an SMS gateway provider. During testing, the system was found to be working fine, and our implementation of the two way authentication system worked and had better security than the conventional one way authentication system. The OTP generator ensured that the same password was not repeated, and the OTP is deleted from the database immediately after. Our thesis goal of studying and implementing a two way authentication method was achieved, and the functionality we implemented worked satisfactorily.
Future Work
Probing deeper, the demo application in this thesis also provides a strong foundation for future work in two factor authentication for security applications. Future developments include a more user-friendly GUI and extending the OTP algorithm so that passwords can be generated based on different cryptographic functions. In addition, features could be added such as giving the user a choice of different ways to authenticate to the system.
REFERENCES
- Michael Pearce, Ray Hunt, Sherali Zeadally. Assessing and Improving Authentication Confidence Management, University of Canterbury, New Zealand and University of the District of Columbia.
- Suzumura T, Trent S, Tatsubori M, Tozawa A, Onodera T. Performance comparison of Web Service Engines in PHP, Java and C. IEEE International Conference on Web Services, 2008.
- Smartsmssolution SMS Gateway Developer API, available at http://smartsmssolution.com/developers/api_http.php
- George Schlossnagle. Advanced PHP Programming.
- Naphtali Rishe, Khaled Naboulsi, Ouri Wolfson, Bryon Ehlmann. An Efficient Web-based Semantic SQL Query Generator. High Performance Database Research Center, Florida International University.
- Muhammad Saleem, Kyung-Goo Doh. Generic Information System Using SMS Gateway. Fourth International Conference on Computer Sciences and Convergence Information Technology, 2009.
- A. Medrano. Online Banking Security: Layers of Protection, available at http://ezinearticles.com/?Online-Banking-Security—Layers-of-Protection&id=1353184
- Do van Thanh Jorstad, I. Jonvik, and T. Do Van Thuan. Strong Authentication with Mobile Phone as Security Token. Mobile Adhoc and Sensor Systems, 2009. IEEE 6th International Conference.