Software Requirements Specification

A Graphical Password Authentication System

Project guide:

K.Vasanth Kumar
K.L.Deepthy
M.Roja kumari
S.Aditya

Table of Contents
Table of Contents...................................................................................................................................i
List of Figures.........................................................................................................................................ii
1.0. Introduction.....................................................................................................................................1
1.1. Purpose..................................................................................................................................................1
1.2. Scope of Project.....................................................................................................................................1
1.3. References.............................................................................................................................................2
1.4. Overview of Document.........................................................................................................................2
2.0. Overall Description..............................................................................................................4
2.1
System Environment........................................................................................................................4
2.2
Functional Requirements Specification............................................................................................5
2.2.1
Reader Use Case.......................................................................................................................5
Use case: Search Article......................................................................................................................5
2.2.2
Author Use Case.......................................................................................................................6
Use case: Submit Article......................................................................................................................6
2.2.3
Reviewer Use Case...................................................................................................................7
Use case: Submit Review....................................................................................................................7
2.2.4
Editor Use Cases.......................................................................................................................8
Use case: Update Author.....................................................................................................................8
Use case: Update Reviewer.................................................................................................................9
Use case: Update Article.....................................................................................................................9
Use case: Receive Article..................................................................................................................10
Use case: Assign Reviewer...............................................................................................................11
Use case: Receive Review.................................................................................................................11
Use case: Check Status......................................................................................................................12
Use case: Send Response...................................................................................................................12
Use case: Send Copyright..................................................................................................................13
Use case: Remove Article.................................................................................................................14
Use case: Publish Article...................................................................................................................14
2.3
User Characteristics........................................................................................................................15
2.4
Non-Functional Requirements........................................................................................................15

List of Figures
Figure 1 - System Environment........................................................................................................................4
Figure 2 - Article Submission Process.............................................................................................................6
Figure 3 - Editor Use Cases..............................................................................................................................8
Figure 4 - Logical Structure of the Article Manager Data.............................................................................23

1.0. Introduction
1.1. Purpose
Graphical passwords provide a promising alternative to traditional alphanumeric passwords. They are attractive since
people usually remember pictures better than words. In this project, we propose a simple graphical password authentication system.
User authentication is a fundamental component in most computer security contexts. It provides the basis for access control and user
accountability . While there are various types of user authentication systems, alphanumerical username/passwords are the most
common type of user authentication. They are versatile and easy to implement and use. Alphanumerical passwords are required to
satisfy two contradictory requirements. They have to be easily remembered by a user, while they have to be hard to guess by
impostor . Users are known to choose easily guessable and/or short text passwords, which are an easy target of dictionary and bruteforced attacks.
Enforcing a strong password policy sometimes leads to an opposite effect, as a user may resort to write his or her difficult-toremember passwords on sticky notes exposing them to direct theft. In the literature, several techniques have been proposed to reduce
the limitations of alphanumerical password. One proposed solution is to use an easy to remember long phrases (passphrase) rather
than a single word . Another proposed solution is to use graphical passwords, in which graphics (images) are used instead of
alphanumerical passwords. This can be achieved by asking the user to select regions from an image rather than typing characters as in
alphanumeric password approaches.
1.2. Scope of Project
Graphical passwords refer to using pictures (also drawings) as passwords. In theory, graphical passwords are easier to
remember, since humans remember pictures better than words . Also, they should be more resistant to brute force attacks, since the
search space is practically infinite.
In general, graphical passwords techniques are classified into two main categories: recognition-based and recall based graphical
techniques. In recognition-based techniques, a user is authenticated by challenging him/her to identify one or more
images he or she chooses during the registration stage. In recall-based techniques, a user is asked to reproduce something that he or
she created or selected earlier during the registration stage.
Pass face is a recognition-based technique, where a user is authenticated by challenging him/her into recognizing human
faces. An early recall-based graphical password approach was introduced by Greg Blonder in 1996.
In this approach, a user creates a password by clicking on several locations on an image. During authentication, the user must
click on those locations. Pass Points builds on Blenders idea, and overcomes some of the limitations of his scheme. Several
other approaches have been surveyed in the following paper.
1.3. References:
[1] William Stallings and Lawrie Brown. Computer Security: Principle and Practices. Pearson Education, 2008.
[2] Robert Morris and Ken Thompson. Password security: a case history. Communications of the ACM, 22:594597, November 1979.

1.4. Overview of Document:

The authentication system works as follows. At the time of registration, a user creates a graphical password by first entering a picture
he or she chooses. The user then chooses several point-of-interest (POI) regions in the picture. Each POI is described by a circle
(center and radius).
For every POI, the user types a word or phrase that would be associated with that POI. If the user does not type any text after selecting
POI, then that POI is associated with an empty string. The user can choose either to enforce the order of selecting POIs (stronger
password), or to make the order insignificant.

2.0.

Overall Description

2.1

System Architecture:

The user shall interact with the external interface by entry his password. This password is then
processed by the external interface and passed on to the verification module. The verification module
accepts or rejects the users password attempt and either allows or blocks access to the targeted file.

2.2

Functional Requirements Specification

Hardware Requirements:

Intel Pentium IV

256/512 MB RAM

1 GB Free disk space or greater

1 GB on Boot Drive

XVGA display monitor

1 Network Interface Card (NIC)

Software Requirements:

MS Windows XP/2000

MS IE Browser 6.0/later

MS Dot Net Framework 2.0

MS Visual Studio.NET 2005

Internet Information Server (IIS)

MS SQL Server 2000

Windows Installer 3.1

1