Upload
krishna-gade
View
56
Download
2
Embed Size (px)
Citation preview
Software Requirements Specification
for
<3D PASSWORDS>Prepared by :
M.S.BALA SUBRAMANYAM (08BQ1A0508)
G.KRISHNA KANTH (08BQ1A0520)
B.CHAITANYA DAS (08BQ1A0507)
VASIREDDY VENKATADRI
INSTITUTE OF TECHNOLOGY
DATE:08-01-2012
Table of Contents
1. Introduction..............................................................................................................................11.1 Purpose..............................................................................................................................................11.2 Project Scope....................................................................................................................................11.3 References.........................................................................................................................................1
2. Overall Description..................................................................................................................22.1 Product Perspective...........................................................................................................................22.2 Product Features................................................................................................................................22.3 User Classes and Characteristics......................................................................................................22.4 Operating Environment.....................................................................................................................22.5 Design and Implementation Constraints...........................................................................................2
2.6 assumptions and Dependencies……………………………………………..…………..32.7 Functional Requirements Specification.............................................................................5
2.7.1 user Use Case...........................................................................................................................5Use case: initialize...............................................................................................................................5Use case: register
2.7.2 server Use Case........................................................................................................................6Use case: authentication 63. External Interface Requirements...........................................................................................5
3.1 User Interfaces..................................................................................................................................53.2 Hardware Interfaces..........................................................................................................................53.3 Software Interfaces...........................................................................................................................53.4 Communications Interfaces..............................................................................................................5
4. Other Nonfunctional Requirements.......................................................................................64.1 Performance Requirements...............................................................................................................64.2 Safety Requirements.........................................................................................................................64.3 Security Requirements......................................................................................................................64.4 Software Quality Attributes..............................................................................................................6
6. Other Requirements................................................................................................................7Glossary..........................................................................................................................................7
1.0. Introduction
1.1. Purpose
The purpose of this document is to present a detailed description of the 3D
PASSWORDS AUTHENTICATION SYSTEM. It will explain the purpose and features of the
system, the interfaces of the system, what the system will do, the constraints under which it must
operate and how the system will react to external stimuli. This document is intended for both the
stakeholders and the developers of the system .
1.2. Scope of Project
The proposed system is a multi factor authentication scheme. It can combine all existing
authentication schemes into a single 3D virtual environment .This 3D virtual environment
contains several objects or items with which the user can interact. The user is presented with this
3D virtual environment where the user navigates and interacts with various objects. The
sequence of actions and interactions toward the objects inside the 3D environment constructs the
user’s 3D password. The 3D password can combine most existing authentication schemes such
as textual passwords, graphical passwords, and various types of biometrics into a 3D virtual
environment. The choice of what authentication schemes will be part of the user's 3D password
reflects the user's preferences and requirements. A user who prefers to remember and recall a
password might choose textual and graphical password as part of their 3D password. On the
other hand users who have more difficulty with memory or recall might prefer to choose smart
cards or biometrics as part of their 3D password. Moreover user who prefers to keep any kind of
biometric data private might not interact with object that requires biometric information.
Therefore it is the user's choice and decision to construct the desired and preferred 3D password.
1.3. References
IEEE. IEEE Std 830-1998 IEEE Recommended Practice for Software Requirements
Specifications. IEEE Computer Society, 1998
2.0. Overall Description
2.1Product Perspective:
Current authentication systems suffer from many weaknesses. Textual passwords are commonly
used. Users tend to choose meaningful words from dictionaries, which make textual passwords
easy to break and vulnerable to dictionary or brute force attacks. Many available graphical
passwords have a password space that is less than or equal to the textual password space. Smart
cards or tokens can be stolen. Many biometric authentications have been proposed. However,
users tend to resist using biometrics because of their intrusiveness and the effect on their privacy.
Moreover, biometrics cannot be revoked. The 3Dpassword is a multi factor authentication
scheme. The design of the 3D virtual environment and the type of objects selected determine the
3D password key space. User have freedom to select whether the 3D password will be solely
recall, recognition, or token based, or combination of two schemes or more.
2.2Product Features
The proposed system is a multi factor authentication scheme that combines the benefits
of various authentication schemes. Users have the freedom to select whether the 3D password
will be solely recall, biometrics, recognition, or token based, or a combination of two schemes or
more. This freedom of selection is necessary because users are different and they have different
requirements. Therefore, to ensure high user acceptability, the user’s freedom of selection is
important.The following requirements are satisfied in the proposed scheme
1. The new scheme provide secrets that are easy to remember and very difficult for intruders to
guess.
2. The new scheme provides secrets that are not easy to write down on paper. Moreover, the
scheme secrets should be difficult to share with others.
3. The new scheme provides secrets that can be easily revoked or changed.
Operating environment:The product will be operating in windows environment. Also it will be compatible with any web browser. The only requirement to use this system would be the internet connection.We also need to create a 3d environment,where the user can interact with different objects.Similar to other web applications, the platform required for the is similar to that of a normal web application. This would consist of a client and a server. An example would be as of below. (i.e. an apache web server and a My SQL database using ).
Design and Implementation Constraints:The design constraints and implementation constraints are as follows :
The user selection of 3d environments is limited.We need a 3d environment to interact with the system.
2.6 Assumptions and Dependencies:The product needs following third party product. SQL server to store the database. Python to develop the Product
2.7 Functional Requirements Specification:
This section outlines the use cases for each of the active users.
2.7.1 User Use Cases:
2.7.1.1 Use case: RegistrationDiagram:
Description: The user generates the public keyInitial step-by-step description:1:The user selects the group ‘G’ .2:Then initializes the public key randomly from ‘G’.
2.7.1.2 Use case: Authentication
Diagram:
Description:The user firsts requests for the login page, i.e. login.php. This page will then pass back aone-time token a, which is stored in the server database (for that session), and passed back tothe user. This will be used in the hash later on to prevent using the same, valid credentials.
3.External Interface Requirements
3.1User Interfaces
3.2. Hardware Interfaces
Server Side:
Operating System: Windows xp Processor: Pentium 3.0 GHz or higher RAM: 256 Mb or more Hard Drive: 10 GB or more
Client side: Operating System: Windows xp or above, MAC or UNIX. Processor: Pentium III or 2.0 GHz or higher. RAM: 256 Mb or more
3.3 Software Interfaces
Database: SQL Server. Application: python scripts and java applet,web browser Web Server:apachee is a powerful Web server that provides a highly reliable,
manageable, and scalable Web application infrastructure)
3.4. Communications Interfaces
The Customer must connect to the Internet to access the Website: Dialup Modem of 52 kbps Broadband Internet Dialup or Broadband Connection with a Internet Provider.
4. Other Nonfunctional Requirements
4.1: Performance Requirements:The purpose of the implementation is to make implementing the 3d passwords is to provide a more secure way of authentication.This is achieved by using the 3d environment with a combination .
4.2:Safety RequirementsThe database may get crashed at any certain time due to virus or operating system failure. Therefore, it is required to take the database backup.
4.3:Security Requirements
Prevention of obtaining password hashes or plaintext passwords from sniffing the network. The 3d password scheme should be able to avoid bruteforce attack and shoulder surfing attacks.4.4Hardware ConstraintsThe system requires a database in order to store persistent data. The database should have backup capabilities.The system shoul have a minimum graphics support.
4.5 :Software ConstraintsThe development of the system will be constrained by the availabilityof required software such as web servers, database and developmenttools. The 3d environment have to designed with the animating tools.
5.Other Requirements