International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395 -0056
Volume: 04 Issue: 02 | Feb -2017
p-ISSN: 2395-0072
www.irjet.net
Smart-Authentication: A secure web service for providing bus pass renewal system
Priyanka Bhunde1, Rutuja Pol2, Trupti Chandgude3,Shambhavi Nangare4 ,Prof. Shrikant Nagure5
1Priyanka
Bhunde, Dept. of Computer Engineering, RMD Sinhgad School of Engineering, Maharashtra, India Pol, Dept. of Computer Engineering, RMD Sinhgad School of Engineering, Maharashtra, India 3Trupti Chandgude, Dept. of Computer Engineering, RMD Sinhgad School of Engineering, Maharashtra, India 4Shambhavi Nangare, Dept. of Computer Engineering, RMD Sinhgad School of Engineering, Maharashtra, India 5Professor Shrikant Nagure, Dept. of Computer Engineering, RMD Sinhgad School of Engineering, Maharashtra, India 2Rutuja
---------------------------------------------------------------------***---------------------------------------------------------------------
Abstract - Now a day we are towards the development of
smart city, so all people want everything on their finger tips and there has been also increase in use of mobile devices like smart phones and tablets. Web has become the dominant interface for people to conduct their daily businesses on the Internet or a corporate network. People use their PCs to check email, access financial accounts, to do online shopping, all through a web browser. In this paper We are developing an application for bus pass renewal and we are providing Web security using Smart-Authentication, a web authentication scheme that exploits pervasive mobile devices and digital cameras to counter various password attacks including manin-the-middle and phishing attacks. In Smart-Authentication, a mobile device is used as the second authentication factor to vouch for the identity of a use that is performing a web login from a PC. Smart-Authentication employs public key cryptography to ensure the Security of authentication process. We implemented a prototype system of Smart-Authentication that consists of an Android application, a Chrome browser extension, and a Java-based web server.
Key Words: : QR-Code or Barcode, Visible Light
Communication (VLC),Phishing attack,Cryptography web server,TFA(Two Factor Authentication).
1.INTRODUCTION In several areas and particularly in business, Web has become the dominant interface for people to conduct their daily businesses on the web or company network authentication .In general, a user authenticates herself to an internet application hosted on a remote server by coming into her username and positive identification in the application’s login page (either manually or mechanically through a positive identification manager). positive identification has been the First State facto methodology for net authentication [1]. However password only authentication cannot give ample cannot give ample protection because the mechanism is at risk Of a range of attacks together with shoulder surfing attack [2] To improve net authentication security and facilitate © 2017, IRJET
|
Impact Factor value: 5.181
|
positive identification management, thought net browsers(e.g chrome , Firefox, and net Explorer) have introduced integral positive identification managers Standalone positive identification Managers (e.g., 1Password and KeyPass) and web based positive authentication managers that run during browser. However, a password manager alone does not provide ample security assurance due to insecure computing environments at either native or remote. Zhao and Cantonese dialect showed that none of the browser integral password managers in thought net browsers may stop malware from stealing passwords during a laptop setting [3]. Recent studies on net on net positive identification automobile filling [11] and web based password managers [4] reveal that there exist variety of Serious vulnerabilities in standard positive identification Managers. In recent years we have observed that frequent happening of knowledge breaches and positive identification info leaks that occurred on outstanding websites similar to LinkedIn , Yahoo! and Gmail .Those positive identification leaks endanger countless people’s data security not solely on those websites however additionally on alternative websites thanks to positive identification employ to create matters worse, attackers usually launch MITM attack and phishing attack to steal users’ passwords. The recent MITM attack against Iranian Google users demonstrates that even a user of well maintained and hardened web site may be subjected to the MIMM attack. Camauth consist of an android application ,a chrome browser extension,and a java-based web server .The main of this project to assure the security of web security while renew a pass ,it is very cost effective and convenient to the user .This system is made as user friendly as possible so that anyone can use it with little knowledge of system computers.
2. LITERATURE SURVEY We first evaluate CamAuth using the web authentication assessment framework proposed by Bonneau et al. [1]. We compare e CamAuth with passwords, a most popular TFA scheme—Google 2-step verification (2SV) [6], and a relevant ISO 9001:2008 Certified Journal
|
Page 669