Software Requirements Specification

for

<3D PASSWORDS>Prepared by :

M.S.BALA SUBRAMANYAM (08BQ1A0508)

G.KRISHNA KANTH (08BQ1A0520)

B.CHAITANYA DAS (08BQ1A0507)

VASIREDDY VENKATADRI

INSTITUTE OF TECHNOLOGY

DATE:08-01-2012

Table of Contents

1. Introduction..............................................................................................................................11.1 Purpose..............................................................................................................................................11.2 Project Scope....................................................................................................................................11.3 References.........................................................................................................................................1

2. Overall Description..................................................................................................................22.1 Product Perspective...........................................................................................................................22.2 Product Features................................................................................................................................22.3 User Classes and Characteristics......................................................................................................22.4 Operating Environment.....................................................................................................................22.5 Design and Implementation Constraints...........................................................................................2

2.6 assumptions and Dependencies……………………………………………..…………..32.7 Functional Requirements Specification.............................................................................5

2.7.1 user Use Case...........................................................................................................................5Use case: initialize...............................................................................................................................5Use case: register

2.7.2 server Use Case........................................................................................................................6Use case: authentication 63. External Interface Requirements...........................................................................................5

3.1 User Interfaces..................................................................................................................................53.2 Hardware Interfaces..........................................................................................................................53.3 Software Interfaces...........................................................................................................................53.4 Communications Interfaces..............................................................................................................5

4. Other Nonfunctional Requirements.......................................................................................64.1 Performance Requirements...............................................................................................................64.2 Safety Requirements.........................................................................................................................64.3 Security Requirements......................................................................................................................64.4 Software Quality Attributes..............................................................................................................6

6. Other Requirements................................................................................................................7Glossary..........................................................................................................................................7

1.0. Introduction

1.1. Purpose

The purpose of this document is to present a detailed description of the 3D

PASSWORDS AUTHENTICATION SYSTEM. It will explain the purpose and features of the

system, the interfaces of the system, what the system will do, the constraints under which it must

operate and how the system will react to external stimuli. This document is intended for both the

stakeholders and the developers of the system .

1.2. Scope of Project

The proposed system is a multi factor authentication scheme. It can combine all existing

authentication schemes into a single 3D virtual environment .This 3D virtual environment

contains several objects or items with which the user can interact. The user is presented with this

3D virtual environment where the user navigates and interacts with various objects. The

sequence of actions and interactions toward the objects inside the 3D environment constructs the

user’s 3D password. The 3D password can combine most existing authentication schemes such

as textual passwords, graphical passwords, and various types of biometrics into a 3D virtual

environment. The choice of what authentication schemes will be part of the user's 3D password

reflects the user's preferences and requirements. A user who prefers to remember and recall a

password might choose textual and graphical password as part of their 3D password. On the

other hand users who have more difficulty with memory or recall might prefer to choose smart

cards or biometrics as part of their 3D password. Moreover user who prefers to keep any kind of

biometric data private might not interact with object that requires biometric information.

Therefore it is the user's choice and decision to construct the desired and preferred 3D password.

1.3. References

IEEE. IEEE Std 830-1998 IEEE Recommended Practice for Software Requirements

Specifications. IEEE Computer Society, 1998

2.0. Overall Description

2.1Product Perspective:

Current authentication systems suffer from many weaknesses. Textual passwords are commonly

used. Users tend to choose meaningful words from dictionaries, which make textual passwords

easy to break and vulnerable to dictionary or brute force attacks. Many available graphical

passwords have a password space that is less than or equal to the textual password space. Smart

cards or tokens can be stolen. Many biometric authentications have been proposed. However,

users tend to resist using biometrics because of their intrusiveness and the effect on their privacy.

Moreover, biometrics cannot be revoked. The 3Dpassword is a multi factor authentication

scheme. The design of the 3D virtual environment and the type of objects selected determine the

3D password key space. User have freedom to select whether the 3D password will be solely

recall, recognition, or token based, or combination of two schemes or more.

2.2Product Features

The proposed system is a multi factor authentication scheme that combines the benefits

of various authentication schemes. Users have the freedom to select whether the 3D password

will be solely recall, biometrics, recognition, or token based, or a combination of two schemes or

more. This freedom of selection is necessary because users are different and they have different

requirements. Therefore, to ensure high user acceptability, the user’s freedom of selection is

important.The following requirements are satisfied in the proposed scheme

1. The new scheme provide secrets that are easy to remember and very difficult for intruders to

guess.

2. The new scheme provides secrets that are not easy to write down on paper. Moreover, the

scheme secrets should be difficult to share with others.

3. The new scheme provides secrets that can be easily revoked or changed.

Operating environment:The product will be operating in windows environment. Also it will be compatible with any web browser. The only requirement to use this system would be the internet connection.We also need to create a 3d environment,where the user can interact with different objects.Similar to other web applications, the platform required for the is similar to that of a normal web application. This would consist of a client and a server. An example would be as of below. (i.e. an apache web server and a My SQL database using ).

Design and Implementation Constraints:The design constraints and implementation constraints are as follows :

The user selection of 3d environments is limited.We need a 3d environment to interact with the system.

2.6 Assumptions and Dependencies:The product needs following third party product. SQL server to store the database. Python to develop the Product

2.7 Functional Requirements Specification:

This section outlines the use cases for each of the active users.

2.7.1 User Use Cases:

2.7.1.1 Use case: RegistrationDiagram:

Description: The user generates the public keyInitial step-by-step description:1:The user selects the group ‘G’ .2:Then initializes the public key randomly from ‘G’.

2.7.1.2 Use case: Authentication

Diagram:

Description:The user firsts requests for the login page, i.e. login.php. This page will then pass back aone-time token a, which is stored in the server database (for that session), and passed back tothe user. This will be used in the hash later on to prevent using the same, valid credentials.

3.External Interface Requirements

3.1User Interfaces

3.2. Hardware Interfaces

Server Side:

Operating System: Windows xp Processor: Pentium 3.0 GHz or higher RAM: 256 Mb or more Hard Drive: 10 GB or more

Client side: Operating System: Windows xp or above, MAC or UNIX. Processor: Pentium III or 2.0 GHz or higher. RAM: 256 Mb or more

3.3 Software Interfaces

Database: SQL Server. Application: python scripts and java applet,web browser Web Server:apachee is a powerful Web server that provides a highly reliable,

manageable, and scalable Web application infrastructure)

3.4. Communications Interfaces

The Customer must connect to the Internet to access the Website: Dialup Modem of 52 kbps Broadband Internet Dialup or Broadband Connection with a Internet Provider.

4. Other Nonfunctional Requirements

4.1: Performance Requirements:The purpose of the implementation is to make implementing the 3d passwords is to provide a more secure way of authentication.This is achieved by using the 3d environment with a combination .

4.2:Safety RequirementsThe database may get crashed at any certain time due to virus or operating system failure. Therefore, it is required to take the database backup.

4.3:Security Requirements

Prevention of obtaining password hashes or plaintext passwords from sniffing the network. The 3d password scheme should be able to avoid bruteforce attack and shoulder surfing attacks.4.4Hardware ConstraintsThe system requires a database in order to store persistent data. The database should have backup capabilities.The system shoul have a minimum graphics support.

4.5 :Software ConstraintsThe development of the system will be constrained by the availabilityof required software such as web servers, database and developmenttools. The 3d environment have to designed with the animating tools.

5.Other Requirements