Software Requirements Specification

for

<3D PASSWORDS>
Prepared by :
M.S.BALA SUBRAMANYAM (08BQ1A0508) G.KRISHNA KANTH (08BQ1A0520) B.CHAITANYA DAS (08BQ1A0507)

VASIREDDY VENKATADRI INSTITUTE OF TECHNOLOGY DATE:08-01-2012

Table of Contents
1. Introduction............................................................................. Error! Bookmark not defined.
1.1 Purpose ....................................................................................... Error! Bookmark not defined. 1.2 Project Scope .............................................................................. Error! Bookmark not defined. 1.3 References .................................................................................. Error! Bookmark not defined.

2. Overall Description ................................................................. Error! Bookmark not defined.

2.1 2.2 2.3 2.4 2.5 2.6 2.7 Product Perspective ..................................................................................................................... 4 Product Features.......................................................................................................................... 5 User Classes and Characteristics.................................................. Error! Bookmark not defined. Operating Environment ............................................................... Error! Bookmark not defined. Design and Implementation Constraints....................................... Error! Bookmark not defined.

assumptions and Dependencies....3

Functional Requirements Specification ......................................................................... 6

2.7.1 user Use Case .....................................................................................................................6 Use case: initialize ........................................................................................................................6

Use case: register

2.7.2 server Use Case .................................................................. Error! Bookmark not defined.

Use case: authentication Error! Bookmark not defined. 3. External Interface Requirements ....................................................................................... 5
3.1 3.2 3.3 3.4 4.1 4.2 4.3 4.4 User Interfaces ............................................................................................................................ 5 Hardware Interfaces .................................................................................................................... 5 Software Interfaces ..................................................................................................................... 5 Communications Interfaces ......................................................................................................... 5 Performance Requirements .......................................................................................................... 6 Safety Requirements ................................................................................................................... 6 Security Requirements ................................................................................................................ 6 Software Quality Attributes ......................................................................................................... 6

4. Other Nonfunctional Requirements ................................................................................... 6

6. Other Requirements ............................................................................................................ 7 Glossary ..................................................................................................................................... 7

1.0. Introduction
1.1. Purpose The purpose of this document is to present a detailed description of the 3D PASSWORDS AUTHENTICATION SYSTEM. It will explain the purpose and features of the system, the interfaces of the system, what the system will do, the constraints under which it must operate and how the system will react to external stimuli. This document is intended for both the stakeholders and the developers of the system . 1.2. Scope of Project The proposed system is a multi factor authentication scheme. It can combine all existing authentication schemes into a single 3D virtual environment .This 3D virtual environment contains several objects or items with which the user can interact. The user is presented with this 3D virtual environment where the user navigates and interacts with various objects. The sequence of actions and interactions toward the objects inside the 3D environment constructs the users 3D password. The 3D password can combine most existing authentication schemes such as textual passwords, graphical passwords, and various types of biometrics into a 3D virtual environment. The choice of what authentication schemes will be part of the user's 3D password reflects the user's preferences and requirements. A user who prefers to remember and recall a password might choose textual and graphical password as part of their 3D password. On the other hand users who have more difficulty with memory or recall might prefer to choose smart cards or biometrics as part of their 3D password. Moreover user who prefers to keep any kind of biometric data private might not interact with object that requires biometric information. Therefore it is the user's choice and decision to construct the desired and preferred 3D password.

1.3. References IEEE. IEEE Std 830-1998 IEEE Recommended Practice for Software Requirements Specifications. IEEE Computer Society, 1998

2.0.

Overall Description
2.1Product Perspective: Current authentication systems suffer from many weaknesses. Textual passwords are commonly used. Users tend to choose meaningful words from dictionaries, which make textual passwords easy to break and vulnerable to dictionary or brute force attacks. Many available graphical passwords have a password space that is less than or equal to the textual password space. Smart cards or tokens can be stolen. Many biometric authentications have been proposed. However, users tend to resist using biometrics because of their intrusiveness and the effect on their privacy. Moreover, biometrics cannot be revoked. The 3Dpassword is a multi factor authentication scheme. The design of the 3D virtual environment and the type of objects selected determine the 3D password key space. User have freedom to select whether the 3D password will be solely recall, recognition, or token based, or combination of two schemes or more.

2.2Product Features The proposed system is a multi factor authentication scheme that combines the benefits of various authentication schemes. Users have the freedom to select whether the 3D password will be solely recall, biometrics, recognition, or token based, or a combination of two schemes or more. This freedom of selection is necessary because users are different and they have different requirements. Therefore, to ensure high user acceptability, the users freedom of selection is important.The following requirements are satisfied in the proposed scheme

1. The new scheme provide secrets that are easy to remember and very difficult for intruders to guess.

2. The new scheme provides secrets that are not easy to write down on paper. Moreover, the scheme secrets should be difficult to share with others.

3. The new scheme provides secrets that can be easily revoked or changed.

Operating environment:
The product will be operating in windows environment. Also it will be compatible with any web browser. The only requirement to use this system would be the internet connection.We also need to create a 3d environment,where the user can interact with different objects. Similar to other web applications, the platform required for the is similar to that of a normal web application. This would consist of a client and a server. An example would be as of below. (i.e. an apache web server and a My SQL database using ).

Design and Implementation Constraints:

The design constraints and implementation constraints are as follows : The user selection of 3d environments is limited. We need a 3d environment to interact with the system.

2.6 Assumptions and Dependencies:

The product needs following third party product. SQL server to store the database. Python to develop the Product
2.7 Functional Requirements Specification: This section outlines the use cases for each of the active users. 2.7.1 User Use Cases: 2.7.1.1 Use case: Registration Diagram:

Description: The user generates the public key Initial step-by-step description: 1:The user selects the group G . 2:Then initializes the public key randomly from G. 2.7.1.2 Use case: Authentication

Diagram:

Description:
The user firsts requests for the login page, i.e. login.php. This page will then pass back a one-time token a, which is stored in the server database (for that session), and passed back to the user. This will be used in the hash later on to prevent using the same, valid credentials. 3.External Interface Requirements 3.1User Interfaces

3.2. Hardware Interfaces Server Side:  Operating System: Windows xp  Processor: Pentium 3.0 GHz or higher  RAM: 256 Mb or more  Hard Drive: 10 GB or more Client side:  Operating System: Windows xp or above, MAC or UNIX.  Processor: Pentium III or 2.0 GHz or higher.  RAM: 256 Mb or more 3.3 Software Interfaces  Database: SQL Server.  Application: python scripts and java applet,web browser  Web Server:apachee is a powerful Web server that provides a highly reliable, manageable, and scalable Web application infrastructure) 3.4. Communications Interfaces The Customer must connect to the Internet to access the Website:  Dialup Modem of 52 kbps  Broadband Internet  Dialup or Broadband Connection with a Internet Provider.

4. Other Nonfunctional Requirements

4.1:

Performance Requirements:

The purpose of the implementation is to make implementing the 3d passwords is to provide a more secure way of authentication. This is achieved by using the 3d environment with a combination .

4.2:Safety Requirements
The database may get crashed at any certain time due to virus or operating system failure. Therefore, it is required to take the database backup.

4.3:Security Requirements
Prevention of obtaining password hashes or plaintext passwords from sniffing the network. The 3d password scheme should be able to avoid bruteforce attack and shoulder surfing attacks. 4.4Hardware Constraints The system requires a database in order to store persistent data. The database should have backup capabilities.The system shoul have a minimum graphics support. 4.5 :Software Constraints The development of the system will be constrained by the availability of required software such as web servers, database and development tools. The 3d environment have to designed with the animating tools.

5.Other Requirements