Download - Final Fyp Print
FINGERPRINT WEB AUTHENTICATION SYSTEM
1 IVNEET SINGH –TP023861
FINAL YEAR PROJECT
FINGERPRINT WEB AUTHENTICATION SYSTEM
(FWAS)
BY
IVNEET SINGH
TP023861
UC2F0907CMT BSc (Hons) in IT: System Security
University of Innovation and Technology
A project submitted in partial fulfillment of award of the
Bachelor of Science (Honors) in
Information Technology: System Security
SUPERVISED BY:
Mrs. INDAH NADIALENNY BINTI MOHD ISMAIL
FINGERPRINT WEB AUTHENTICATION SYSTEM
2 IVNEET SINGH –TP023861
Acknowledgement
I would like to express my heartfelt appreciation to the many people who have helped me in
the completion of this challenging project. Such a project could have been an herculean task
to complete however with the visionary approach of my supervisor Mrs. Indah Nadialenny
Mohd Ismail who was dextrous in guiding me in the right direction proved to be fruitful not
only in completing this project but also in my own personal and intellectual development
too.
I would also like to convey my deepest gratitude to Biometric Ideal Test Organisation in
providing me with their fingerprint database for my research and to Mr. Anil K.Jain for
providing his Phd. as a free open source online research that inheritably helped my research
to attain the epitome of success.
FINGERPRINT WEB AUTHENTICATION SYSTEM
3 IVNEET SINGH –TP023861
Table of Contents
1.0 Introduction ................................................................................................................ 7
1.1 Topic of the System: ................................................................................................... 7
1.2 Purpose for developing a system: ............................................................................... 7
1.3 Problem Content and Rationale: ................................................................................. 8
1.4 Rationale for carrying out the project ......................................................................... 9
1.5 Objective of the System: ............................................................................................. 9
1.6 Scope of the System: ................................................................................................... 9
1.7 Nature of Challenge: ................................................................................................. 10
2 Project management ......................................................................................................... 11
2.0 Project plan ................................................................................................................ 11
2.1 Evaluating and experimenting biometric system ...................................................... 11
2.2 Experimenting with different API ............................................................................. 11
2.3 Testing the Prototype ................................................................................................ 11
2.4 Resources .................................................................................................................. 12
2.5 Development Plan ..................................................................................................... 13
3 Domain research .............................................................................................................. 15
3.0 Introduction to Biometrics ........................................................................................ 15
3.1 Comparison between identification techniques......................................................... 16
3.2 Comparison between each biometric technology...................................................... 17
3.3 Fingerprint technology .............................................................................................. 18
3.4 Review on similar systems ........................................................................................ 20
3.4.1 Biometric Time Attendance Management Fingerprint System .............................. 21
FINGERPRINT WEB AUTHENTICATION SYSTEM
4 IVNEET SINGH –TP023861
3.4.2 Reason for developing such system......................................................................... 21
3.4.3 Conclusion .............................................................................................................. 22
3.5 Bio-web system ......................................................................................................... 22
3.5.1 Overview ................................................................................................................. 22
3.5.2 This system can be used following areas: ............................................................... 23
3.6 Fingerprint matching ................................................................................................. 24
3.6.1 Steps involved in fingerprint matching ................................................................... 24
3.6.2 Minutiae matching: ................................................................................................. 26
3.6.3 Pattern Matching ..................................................................................................... 27
3.6.4 Difference between minutia based and pattern based ............................................. 29
4 Primary Research ............................................................................................................. 30
4.0 Introduction: .............................................................................................................. 30
4.1 Fact Finding Techniques ........................................................................................... 30
4.1.1 Interview ................................................................................................................. 31
4.1.2 Who to Interview .................................................................................................... 32
4.1.3 How the Interview been done ................................................................................. 33
4.2 Survey........................................................................................................................ 33
4.2.2 Survey Techniques .................................................................................................. 33
5 Secondary research .......................................................................................................... 34
5.0 Methodology ............................................................................................................. 34
5.1 Waterfall Model ........................................................................................................ 34
5.2 Incremental Model .................................................................................................... 36
5.3 Boehm Spiral Model ................................................................................................. 37
5.4 Prototyping ................................................................................................................ 39
5.5 Clean room ................................................................................................................ 41
5.6 Object-Oriented ......................................................................................................... 42
5.7 Justification for chosen methodology ....................................................................... 43
6 Languages ........................................................................................................................ 44
FINGERPRINT WEB AUTHENTICATION SYSTEM
5 IVNEET SINGH –TP023861
6.0 ASP.Net ..................................................................................................................... 44
6.1 Java ............................................................................................................................ 44
6.2 PHP............................................................................................................................ 45
6.3 Justification for choosing the programming language .............................................. 46
7 Survey .............................................................................................................................. 47
7.0 Introduction ............................................................................................................... 47
7.0.1 Objective ................................................................................................................. 47
7.0.2 Survey Design ......................................................................................................... 47
Fingerprint Web Authentication System ............................................................................. 47
7.0.3 Survey Analysis ...................................................................................................... 51
7.1 Interview.................................................................................................................... 61
7.1.1 Introduction ............................................................................................................. 61
7.1.2 Objective ................................................................................................................. 61
7.1.3 Interview Analysis .................................................................................................. 62
8 Design .............................................................................................................................. 67
8.0 Design Principles....................................................................................................... 67
8.1.1 Context Level Diagram ........................................................................................... 69
8.1.2 0 Level Diagrams .................................................................................................... 69
8.1.3 1 level Diagram ....................................................................................................... 70
8.1.4 2 Level Diagram ..................................................................................................... 71
8.2 Inner System Functionality ...................................................................................... 72
8.2.1 Context level Diagram ............................................................................................ 72
8.2.2 Initial class diagram ................................................................................................ 72
8.2.3 Final class diagram ................................................................................................. 72
8.2.4 Administrator ELH ................................................................................................. 73
8.2.5 User ELH ................................................................................................................ 74
9 Implementation ................................................................................................................ 75
10 Testing.............................................................................................................................. 84
10.0 Unit testing: ........................................................................................................... 84
FINGERPRINT WEB AUTHENTICATION SYSTEM
6 IVNEET SINGH –TP023861
10.0.1 Test case: Username ............................................................................................... 84
10.0.2 Test case: Loading image ........................................................................................ 85
10.1 Unit testing: ........................................................................................................... 86
10.1.1 Test case: Username and fingerprint image ............................................................ 86
10.1.2 Test case: Adding new staff to database (For Administrator) ................................ 87
10.1.3 Test case: Search staff in database .......................................................................... 88
10.1.4 Test case: Delete staff from database ...................................................................... 89
10.1.5 Test case: Troubleshooting login (Secondary login) .............................................. 89
10.1.6 Test case: Fingerprint matching .............................................................................. 90
10.2 Integration testing .................................................................................................. 91
10.2.1 Requirements Testing: ............................................................................................ 92
10.3 System testing ........................................................................................................ 93
10.3.1 Stress Testing .......................................................................................................... 93
11 Critical Evaluation ........................................................................................................... 94
11.0 Degree of success .................................................................................................. 94
11.0.1 Limitations of the system ........................................................................................ 94
11.0.2 Future enhancement ................................................................................................ 95
11.0.3 Main computational challenge ................................................................................ 95
12 References ........................................................................................................................ 96
13 Appendix A ...................................................................................................................... 98
Coding ...................................................................................................................................... 98
14 Appendix B .................................................................................................................... 100
14.0 Gantt chart ........................................................................................................... 100
15 Appendix C .................................................................................................................... 101
15.0 Survey Design...................................................................................................... 101
15.1 Online Survey Analysis ....................................................................................... 104
15.2 Interview .............................................................................................................. 107
16 Appendix D .................................................................................................................... 108
16.0 Project Specification Form .................................................................................. 108
FINGERPRINT WEB AUTHENTICATION SYSTEM
7 IVNEET SINGH –TP023861
16.1 Log Sheets ........................................................................................................... 114
16.2 Ethics Form.......................................................................................................... 119
1.0 Introduction
1.1 Topic of the System:
Fingerprint web authentication system (FWAS) is basically focused on fingerprint access
control which will be used for university websites login. This system will help in solving the
problems faced by most of universities like unauthorized access by the students using university
staff member’s accounts. Universities use intranet and extranet also to provide services to
students like online library, student webmail and attendance. These websites are also used by
the university staff members like lecturers, academics and examination departments. For the
staff member’s special permissions and services are allocated as compare to students like
updating assignments, results and examination papers. This project involves the development of
the system which will scan the fingerprints of the users and will authenticate them. The users
need to be involved for their fingerprint scanning; they need to scan their fingerprints using the
fingerprint scanner. This system might help university to resolve their security issue regarding
website login and unauthorized access. This project will be designed and might be implemented
to university website. The rules and regulations for the university will be taken care before
implementation of this system
1.2 Purpose for developing a system:
The main purpose of fingerprint web authentication system is to implement secure login
technique which will minimize the security risk from the current system. In the current system if
the student gets access to the username and password for the examination department then it can
easily get access to all confidential data.
Target User : The target users for this system are university full time and part time lecturers and
other staff members of the university like examination department, academics and administration
department
FINGERPRINT WEB AUTHENTICATION SYSTEM
8 IVNEET SINGH –TP023861
1.3 Problem Content and Rationale: These days most of the universities are facing some problems related to internet or web security.
Most general security issue is when there is common websites for both students and staff logins
universities face problem regarding unauthorized access by the students. Now days some
university decided to even upload exam papers on university websites which are only limited to
some staff members like senior lecturer or examination department like APIIT intranet system.
One of the problem as presented by (Albinson, 2004) is that Internet accounts get compromised.
Now days many internet accounts have been compromised due to hacking, people use common
and similar passwords for all accounts. Hackers trap the users by using some techniques like
phishing and key loggers. Key loggers can track the internet activities including the username
and password. So by using biometric technology such as fingerprint scanning the hackers /
intruders cannot get access to the fingerprint image because the image is converted into binary
codes and which cannot be deciphered.
Username and passwords may not fall into the wrong hands due to hackers: users may use their
phone numbers, passports number or family name as their password which can be easily picked
up. The unauthorized users need not be a hacker in order to get access. The fingerprint is the
only tool that can authenticate user.
The problem listed in (Cybercriminals Target Online Banking Customers, 2010) Frauds
happening all around the internet due to phishing: Banking and credit card frauds are more
famous among the fraud list. All this came into picture after the internet banking and online
credit card usage was implemented for the internet users. On the internet many phishing page
are uploaded to get the data for the banking customers. So by using biometric technology such
as fingerprint scanning it is not easy to design phishing page to capture the image of the
fingerprint as compared to username, passwords or credit card numbers.
FINGERPRINT WEB AUTHENTICATION SYSTEM
9 IVNEET SINGH –TP023861
Sometimes internet users forget their account user-name and passwords, as they manage many
accounts for different purposes like social networking, email accounts, banking account,
university accounts or company accounts. Implementing the fingerprint scanning would enable
such users to access their various accounts with minimal hassle.
1.4 Rationale for carrying out the project The reason for developing this system is to secure university websites from unauthorized
access. This system will be able to minimize security risks to university current system and help
staff members for fast and easy access to their accounts. This system will deliver a better and
secure way to login into the university websites. This system can also help in preventing the
problems relating to internet security like accounts get compromised or sometimes user forget
their passwords. By implementing this type of system the universities can upload and share
confidential data within the network.
1.5 Objective of the System: The basic requirement is to develop a system that can security risks and authenticate the
genuine users through a fingerprint web-authentication system (FWAS) using biometric
technology. This system will be mainly for university websites. Before developing this system
researcher need to understand the problem area of the current system and should able to face the
challenges to make the system work fully functional. This system will not only prevent
unauthorized access but also helps in solving various problems regarding internet security.
As developer will minimize the scope of the project to university website login but can also use
this systems in online banking, shopping websites, military or any other websites that contains
confidential data. This system will provide internet security to keep the system and information
safe from malicious software’s, need to maintain privacy and protect sensitive and confidential
information.
1.6 Scope of the System:
This system will be mainly focused on university website to provide security. The users need to
login into their accounts using fingerprint web authentication system, users need to scan their
FINGERPRINT WEB AUTHENTICATION SYSTEM
10 IVNEET SINGH –TP023861
fingerprint to get access to their accounts. This system also helps in solving the problems in the
current system.
To minimize the security risks from the current system (University website).
To improve security for internet users using fingerprint recognizing.
To prevent the happening of fraudulent activities such as hacking of accounts
passwords and misuse them
To obtain fast and accurate authentication results in cost effective manner.
1.7 Nature of Challenge: Attaining device: As the system is based on fingerprint biometric authentication, developer
needs to buy the biometric device which can scan the finger prints of the users. The device
should have software development kit so that by using that kit developer can store the
fingerprints in form of digital data in database.
Cooperation of users or participants: Before the development of the system developer need to do
a research which includes surveys and questionnaires. While conducting the survey and
questionnaire the cooperation of the participants is must.
Authentication: System should verify the genuine user and should be able to minimize security
risk .The verification between human and machine should be claimed. The fake user cannot be
authenticated. Previously authentication system uses username and passwords or digital
signatures. But now new method of authentication is introduced for web-logins.
Authorization: The authorization to the genuine user is must. Each and every user has different
permissions but if the user is genuine and system allows the access to user for other account.
System need to verify the account information before authorizing any user.
FINGERPRINT WEB AUTHENTICATION SYSTEM
11 IVNEET SINGH –TP023861
2 Project management
2.0 Project plan
The detailed research is required to meet the aims and objectives of the system.
2.1 Evaluating and experimenting biometric system Developer need to conduct and experiment, analyze and evaluate biometric systems. The
experiment will be based on working mechanism of biometric systems. Through this experiment
the developer will understand various biometric communication systems such as whether it is
based on client/server or some are also based on peer to peer architecture. By analyzing it
developer will able to decide which communication architecture is going to be used for the
proposed system.
2.2 Experimenting with different API Developer need to do experiment on various programming API. The API also depends upon the
device which is used for developing the system. Selection of the API is very important part for
developing biometric systems because using the API we can develop the system. To enable the
system to work on different platform developer need to choose API this can support platform
independence.
2.3 Testing the Prototype Different type of testing will be conducted to test the prototype. For example – stress testing will
be done to check the performance and availability of the system when the numbers of clients are
high or low. Then other testing will be done to check the output of the system by entering
different values.
Deliverables
After achieving the aims and objectives of the proposed system the system might represent a
better performance and the system that is highly available for the user even if the users are
increased. The system might be implemented to the university website and there will be more
than 160 users for this system. Developer need to make sure about the performance and
availability of the system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
12 IVNEET SINGH –TP023861
2.4 Resources Developer need to find the resources which can be helpful in developing the system.
E-Resources
Access to following main websites for collecting research material:
IEEE-http//:www.ieeexplore.ieee.org/
A fingerprint matching algorithm using phase-only correlation
(IEICE TRANS.FUNDAMENTALS.VOL.E87-A, NO.3 MARCH 2004)
FINGERPRINT RECOGNIZATION
www.biometrics.gov
A simple matching algorithm for fingerprint minutiae
Data sets in accordance with DIN V 66400
(Lisa Thalheim)
Books
Encyclopedia of biometrics, by Stan Z. Li, Anil K.Jain
Security and access control using biometric technologies by Robert Newman
Researcher might conduct survey among the users of the system i.e. university lecturers. The
survey will be designed and distributed among the lecturers within the university. Researcher
might conduct an interview with the company based on biometric and voice recognition
technology for gathering technical information regarding the system. This might help researcher
in gathering technical information regarding the biometric technology.
FINGERPRINT WEB AUTHENTICATION SYSTEM
13 IVNEET SINGH –TP023861
2.5 Development Plan
Problem Identification phase: In this phase developer will identify the problem area for the
system. As developer needs to do a research on problem area as proposed system is based on
fingerprint web-authentication system. Developer needs to analyse the current system and the
problems faced in that system. The problem area that developer will focus is based on university
websites.
Requirement phase: In this phase developer will start requirement and data gathering using
survey and interview. Developer needs to analyse the requirement for the project which would
require the developer to do research and strengthen the understanding on the following areas of
knowledge, both domain and as well as technical research areas, without which the developer
will not be able to deliver a good academic project. Developer will conduct an online survey
with the university lecturers as they will be the users for the proposed system. An interview will
be conducted with project manager of CTI group regarding technical knowledge with current
system.
Specification phase: In this phase developer will decide the specification of the system. Now
developer needs to do a research on the biometric hardware devices available for the system, the
developer need to do a research for the specification of the device that is required to develop the
system. Developer needs to be very careful about specification because if any error is made
within this process, it can create a problem in development of the system. For the development
of the system the developer need to know about the current architecture of the system.
Design phase: In this part the developer will design the database and interface of the system.
The system interface should be friendly and developer should also consider human computer
interface during the development of the system. The database should be highly normalized and
as the proposed system is web based the developer should design web based interface.
Implementation phase: In this phase developer will start coding for the system; developer
should have clear idea about the functionality of the system and the language chosen for the
FINGERPRINT WEB AUTHENTICATION SYSTEM
14 IVNEET SINGH –TP023861
development of the system. This process will take longer time as developer needs to do coding
for the project.
Testing phase: After development of the system is successfully completed developer will now
test the system find errors or bugs. The testing for this system might cover several stages like
stress testing, black box testing, grey box testing and white box testing. If there are any errors or
bugs the developer will try to fix them in this phase.
Deployment phase: In this phase the system is being moved to a working environment, the
development of the system might take place in that environment as there can be some errors in
the system while implementing to a new environment. Once the system is ready to use it will
be monitored to find out any kind of error or future requirements for the system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
15 IVNEET SINGH –TP023861
3 Domain research
3.0 Introduction to Biometrics
Biometric authentication is one of the technical improvements in information technology and
looks set to change the way for majority of people. Security in the present context has become
the harbinger of innovation and has evolved the need for genuine authentication is pertinent.
Personal use of biometric systems is being an issue for authentication and security. Mostly
finger print recognition is used for authentication. This paper is organized as follows: by now,
the reader should have a clear idea about what this project is all about and section one which
consisted for the current problem incurred by the internet users and need for the system
followed by the study of objective , level of challenge and project planning , section two
consists of literature review followed by domain and technical research .Section three will
illustrate how primary research (survey and the interview)and investigation was done and which
methodological choices were made.
Biometrics is defined as behavioural uniqueness that can be used to verify to identify an
individual, which can include fingerprint verification, retinal scanning, face recognition, iris,
and signature verification. Biometric system is authenticates users by its biological
characteristics and behaviour characteristic that can be fingerprint, iris, face and voice. (Ruud
Bolle, 2001)
There are some traditional techniques used for authentication
Manually tokens (Anil Jain, 2000): It refers to identification process in form of
human intervention , means a person will make a decision for deciding whether the
identify is approved or not E.g.: On airports the authentication is done manually by
verifying passports , now the airport immigration authority takes decision regarding
the traveller authentication is verified or not.
Automated tokens (Anil Jain, 2000) : These token does not involve human
intervention for identification. E.g. verification system like ATM, smart cards and
magnetic strip cards.
FINGERPRINT WEB AUTHENTICATION SYSTEM
16 IVNEET SINGH –TP023861
"Authentication is something you have, something you know, and something you are when you
add biometrics" (Charles Kolodgy, 2001) (Lewis, 2001-2002)
Something you know (a password or personal identification number, PIN)
Something you own (an identity card, pass, or token), and
Who you are (one of the distinctive characteristics unique to you)
3.1 Comparison between identification techniques Tokens Can be fake and can be used without knowing to original holders. E.g.
Someone can "steal an identity" and create a new fake ID using any
others personal information.
Passwords Can be cracked or obtained using hacking techniques or tools like password
cracking.
Can be told. If the password is told to a person they can get into your account
and can misuse your personal information.
It can be forgotten which can cause problem for an organization you are
working for E.g. you are working in a organization you need to gain access
to company email account urgently, forgetting password can cause you in
trouble that time.
Biometrics Cannot be fake
Cannot be cracked
Dealing with accuracy sometimes causes problem in biometric device like having
a cut on finger, burn or excessive rubbing on hard surface can bring damage to
your finger then it might not be possible that you can be authenticated by
biometric system that time.
Table 1: Tokens vs. Passwords. Vs. Biometric
FINGERPRINT WEB AUTHENTICATION SYSTEM
17 IVNEET SINGH –TP023861
3.2 Comparison between each biometric technology
Methods Strength Weakness Suitable
applications
Finger print Stable over time
uniqueness
Needs to training
user resistance
Workstation
access control ,
ATM , airline
tickets , physical
access control ,
information
system control
Face Universally present Cultural and religious
issues
physical access
control
Iris Stable over time
uniqueness
Needs to training
user resistance
ATM , airline
tickets , physical
access control
Retina Stable over time
uniqueness
Slow read time user
resistance
physical access
control ,
information
system control
Hand geometry Low failure to enroll
small template
Size of device
childish finger growth
physical access
control ,
information
system control,
time attendance
Voice Less training
excellent user
acceptance
Changes and unstable
over time
Mobile phone
banking
Signature High user acceptance
less training
Enrollment task long
& unstable over time
Portable device
stylus input
FINGERPRINT WEB AUTHENTICATION SYSTEM
18 IVNEET SINGH –TP023861
3.3 Fingerprint technology Fingerprint identification is one of the most well know biometrics because of the uniqueness
and consistency over time. The fingerprint has been used from past century for the identification
purpose but now it has become advanced using biometric technology and computing
capabilities. The fingerprint technology has become so popular because of the ease of use and
several sources (ten dingers) available for collection.
This literature review also addresses on some areas like social and legal issues regarding
fingerprint technology. Human factor that relates to biometric technology and some security
issues for fingerprint biometric technology. The issue effecting biometric technology are
presented as by (Green, 2005) as follows:
Social issues
There are several social issues that affect fingerprint biometric technology like
misunderstanding the usage of the device of technology. Hesitation is also one of the issues
relating to biometric, new users sometime hesitate to use new technology.
Security concerns
No system that tend to be entirely secure there are some intrusiveness in the system including
fingerprint technology. But implementing fingerprint biometric system can be somewhat secure
as compare to stealing and copying passwords, there is a level of security. Mainly passwords
can be broken by using some software but using fingerprints for authentication will be
considered more secure and reliable.
Privacy Concerns
The privacy concerns can be leaving the fingerprints all over the place on daily basis work that
user do. But when a user is involved in using fingerprint technology user might worry about the
privacy.
Third party involvement in data
Other than privacy the concern for the fingerprint is that when the fingerprints are scanned they
are stored in the digital format and are stored in the database. The data store in the database can
be copied or deleted. The fear for the user fingerprint publicity or privacy can be a problem.
FINGERPRINT WEB AUTHENTICATION SYSTEM
19 IVNEET SINGH –TP023861
Health concern
The health concern for the fingerprint is related to the safety of fingerprint technology. While
user interaction there is a direct contact between user and device sensor , user might fear of
electric shock or spreading germs or might experience some kind of pain while using the device.
The graph shows user uncomfortable using biometric technology
Human Factors
Gender Factor:
As per gender woman have slim and smaller fingers with long nails as compared to males. Due
to the change the fingerprint scanning device may not be able to capture a good sample or
authenticate well. The shape and size differs with regards to gender.
Age factor:
As people age increases the fingerprint becomes lighter and there is elasticity in skin. Such a
problem can result with poor acquisition of fingerprint and will not be able to match with the
original samples. It also varies from the sensor and hardware that is being used.
Occupational factor:
As some of people do labor jobs, they might deal with lifting up heavy things and working with
chemical which may result in wearing of fingerprints. This might cause problem for the
60
120140
95110
0
20
40
60
80
100
120
140
160
Fingerprint Iris Scan Retina Scan Voice Recognition Handwritting recognition
Nu
mb
er
of
res
pon
den
ts
FINGERPRINT WEB AUTHENTICATION SYSTEM
20 IVNEET SINGH –TP023861
fingerprint scanner to match it or capture the sample. But there are some sensors available
which use the second layer of the skin to be captured.
Secondary Research
Developer needs to do feasibility study on the current biometric fingerprint system available in
the market before proceeding towards the development of the proposed system. Developer need
to find and analyze the requirements for the system and gather information about the systems.
Developer need to analyze the resources required to develop the system. As there is much
information available on internet regarding biometrics but developer need to be careful before
using that information because the information mentioned can be wrong. While referring the
source developer need to see the website or domain from which the information is being taken,
the information that was gather from internet should be authenticated and verified. The
developer can refer to journals, papers and university website because they are very reliable.
3.4 Review on similar systems There are lots of products available in the market using bio metric technology. Before moving
towards the project, the developer needs to find similar biometric fingerprint systems that have
being already developed and need to review on these systems.
The proposed system (Fingerprint Web Authentication System) which is not yet been developed
in the market but there are similar systems available in the market that are using fingerprint
technology for the authentication.
FINGERPRINT WEB AUTHENTICATION SYSTEM
21 IVNEET SINGH –TP023861
3.4.1 Biometric Time Attendance Management Fingerprint System
Overview
Lone wolf software, Inc was founded in 1991 which has evolved small computer
resources to custom software with clients in multinational companies. The company has
been developing systems of no just time and attendance but also for other management
software’s. The Juno uses the best finger print technology which is highly rated in time
attendance management system. It brings the manual work to automation and faster than
before like it is used in automated time and attendance terminal. It is easy to maintain and
use, need not require much training procedures before using this device. It allows the user
to clock in and out with just a touch of a finger. It’s not only used for clock in and out but
user can also view the previous records and other information like departments and
current projects.
For the audio assistance and verbal conformation speakers are attached on the board.
This product also comes with the internal bell system which uses the internal speakers
for a beep like common start, break time and end time. This product is capable for
holding more than 1,500 templates and 30,000 transactions which makes it the perfect
for any size of the company.
3.4.2 Reason for developing such system
This system is fast replacing the traditional attendance registers. Huge number of employees
works under one company and it’s very difficult to maintain each employee daily records
manually like (attendance, time in and time out). Manually it takes so much time for the
employees to mark the records. The old traditional system was not easy to maintain and was also
so much time consuming, generating a report manually can take so much longer time using
manual attendance system. Reasons for developing or using these types of systems are
mentioned below:
Security: Employees need to punch there finger on the sensor to enter the company and
mark attendance, by this elimination of fake entry and a reduction of time theft. Moreover
reduce the labor cost and saves lots of money.
FINGERPRINT WEB AUTHENTICATION SYSTEM
22 IVNEET SINGH –TP023861
Accuracy: With increase in security this system also provides increase in accuracy.
Besides from time theft, calculating mistakes cost can be reduced easily. The automation
of report generating will be accurate. You will be able to monitor attendance, breaks and
holiday hours; everything will be recorded correctly and fairly.
Easy to Use: Automated attendance and management system are easy to use and
implement. Employees can just log their attendance easily just with a touch of the finger
and managers can.
3.4.3 Conclusion
This system is similar with the developers system as per the technology perspective,
because this system is also using biometric fingerprint technology, but developers system
is mainly based on the web authentication system. The backend working for the system
above and developers system will be similar as in this system developer will be also
storing the fingerprints of the users in the database that are going to use the system.
3.5 Bio-web system
3.5.1 Overview Biometric security solution is company which provides biometric services to wide range of
companies all around UK. This company deals with many biometric products like Biometric
Hardware , fingerprint scanners, Iris cameras, biometric software and signature recognition.
This company has been developing system for not only web-security but also for network login
system, time attendance system and secure USB drives. Bio-web system developed for the web
environment where it can also determine the hardware configurations available on the client
machine. For this fingerprint reader or scanner is required at the client side.
FINGERPRINT WEB AUTHENTICATION SYSTEM
23 IVNEET SINGH –TP023861
The following are the process for Bio-web fingerprint authentication as user’s point of view:
User should navigate to the login page and enable the active x control for fingerprint
authentication.
User needs to login the username and then will be redirected to the fingerprint
authentication page. The user should place the finger on fingerprint reader to scan the
image of the fingerprint.
The users will submit the login details and fingerprint image to the biometric sever
The request will be sent to the server for verification of the fingerprint and username
If the user is verified then user is granted access to their accounts but if the match fails
then user is deemed invalid.
3.5.2 This system can be used following areas:
Intranet: Most of the critical areas of the intranet can be protected using fingerprint
authentication like in some organization they use attendance and payroll systems.
Extranet: Using fingerprint authentication can help users to minimize security risks as
sometimes user does not logout from the extranet, there can be timeout implemented and login
will be using fingerprint authentication.
B2C applications: For B2C like online banking, the user can use for login into banking websites
using fingerprint authentication.
FINGERPRINT WEB AUTHENTICATION SYSTEM
24 IVNEET SINGH –TP023861
3.6 Fingerprint matching Two of the fundamentally important conclusions that have risen from research are:
1. A person's fingerprint will not naturally change structure after about one year since birth.
2. The fingerprints of individuals are unique. Even the fingerprints in twins are not the same.
Each and every fingerprint consists of ridges and valleys. The upper skin segments of the finger
are ridges and the lower skin segments are known as valleys. These ridges form points called
minutia points, there points are formed by identifying ridge endings and ridge splits.
Fingerprints into five categories: whorl, right loop, left loop, arch, and tented arch. Matching
one fingerprint with another fingerprint the system needs to check arch, loop, whorl and delta.
Outlines of typical automated fingerprint recognition system
3.6.1 Steps involved in fingerprint matching In scanning method the digital image is directly taken from the device by placing the finger on
the surface of fingerprint reader. Some sensors like optical are based on frustrated total internal
reflection technique used to capture the live finger prints mostly in forensic and government
agencies use these kind of systems. Some of devices while solid state and sweep sensors based
measures the difference in physical properties such as capacity or conducting friction ridges and
valleys.
FINGERPRINT WEB AUTHENTICATION SYSTEM
25 IVNEET SINGH –TP023861
In the identification phase the user need to touch the sensor, for generating a few fingerprint
image know as query print. The minutia points are extracted from the query print and then go for
match into the database to find the similarity between the common minutia points. Sometimes
due to some variations the fingerprint placement on the sensor or pressure applied to on the
sensor, the points that are extracted from the fingerprint should be aligned before the matching
takes place. Now the matcher will look for a number of pairs of matching minutiae.
In feature extraction from a fingerprint image is characterized into three levels. Level 1:
Feature capture macro details such as friction ridge flow, pattern type and singular points. Level
2: Feature refers to minutiae such as ridge bifurcations and endings. Level 3: Feature includes
attributes of the ridges such as ridge path deviation, width, shape, pores, edge contour and
A fingerprint matching finds a match between two fingerprints, which can be high from the
same fingerprint or low for other fingerprints. Fingerprint matching is difficult pattern
recognition problem due to the variations in the fingerprint, different variations from the same
fingerprint or similarity between the two fingerprints. The variations are caused due to pressure
and placement of the finger on the surface of fingerprint reader some other variations can be
with different conditions like skin dryness or cuts. The similarity can be large as there are only
three types of fingerprint patterns arch, loop and whorl. There are four different type of
FINGERPRINT WEB AUTHENTICATION SYSTEM
26 IVNEET SINGH –TP023861
algorithm used for fingerprint matching: image correlation, phase matching, skeleton matching
and minutiae matching. Minutiae based matching is commonly used because this technique has
been used from many centuries by the forensic experts. The minutiae based representation
provides effective loading and same finger as a match. A system false rate and false non match
rate depends on the operating threshold , when there is large number of threshold for false
match rate at very high false non match rate for a fingerprint matching system it is impossible to
remove both the error for false match rate and false non match rate simultaneously.
Example of fingerprint and two minutiae
3.6.2 Minutiae matching: The minutiae based fingerprint is used widely as this scans the fingerprint card and then extracts
the minutiae from the fingerprint and search, compare or lists the minutiae against other
fingerprints. The minutiae based matching system usually return the number of matched
minutiae on a fingerprint to both query and reference to generate similarity scores. At typical
good-quality fingerprint image contains about 20-70 minutiae points. According to forensic
science if two fingerprint have minimum 12 matched minutiae they are considered to have come
from the same finger. More the minutiae in a fingerprint match more the higher similarity scores.
Enrolment of minutia points
FINGERPRINT WEB AUTHENTICATION SYSTEM
27 IVNEET SINGH –TP023861
In the enrolment process of fingerprint the minutia points are located according to their
positions to each other in the directions recorded. Then the minutia points recorded are stored
in form of template for authentication of the person later on. For the matching of the fingerprint
image the minutia points are extracted and compared with the saved template. The minutia
points are then compared with registered template and try to find out as many points for a
authentication.
Verification using minutia points
3.6.3 Pattern Matching The pattern matching is not only done on the basis of the fingerprint points but also some
characteristics include like ridge thickness, curves, density. The pattern based algorithm is not
widely used due to increased depth of data in a pattern. The pattern based algorithm and minutia
based method suffer the same difficulties varying fingerprint quality. In the pattern based the
image is taken from the sensor and is store in the database as template. Then the image is
cropped in form of square with a fixed region and directions. The cropped region is then
compressed and store in the database for match.
Enrolment with pattern based algorithm
FINGERPRINT WEB AUTHENTICATION SYSTEM
28 IVNEET SINGH –TP023861
The verification begins when another fingerprint image is capture by the sensor and is sent for
the match. The registered small image from the template is then compared with the fingerprint
image to find the degree of the template match.
Verification using pattern based algorithm
FINGERPRINT WEB AUTHENTICATION SYSTEM
29 IVNEET SINGH –TP023861
3.6.4 Difference between minutia based and pattern based Minutia Pattern
Definition Analyzing the points where the ridges
on the fingerprint splits or ends
Analyzing the graphical comparison on
the fingerprint image
How it works The device captures the image and
then fingerprint image is identified
from the core, loop, arch, whorl and
ridges. The directions are marked and
compared with the other image. These
points are known as minutia
Graphical centre of the image is taken
cropped at the fixed size distance and
compressed for a subsequent match. The
more difference between the graphical
images less chance for the fingerprint
match.
Template size As small as 120 bytes average size is
350 bytes
500-700 bytes when compressed
Search speed Depends to template size , smaller the
template size faster the search speed
results
Depends to template size , smaller the
template size faster the search speed
results
Sensitivity to
physical changes
Less sensitive as only 30% of minutia
is required for the match. Cuts and
arch usually do not effect on the
match
If the arch or cut on the finger , the new
template may be required
Sensitivity to
time
Less sensitive to change over time Sensitivity to the physical changes and
placement of the finger on the sensors
Standard X.509 None AAMVA B10.8 None
FINGERPRINT WEB AUTHENTICATION SYSTEM
30 IVNEET SINGH –TP023861
4 Primary Research
4.0 Introduction:
Primary research focuses on data gathering methods for the target users; this section includes the
collection of information from the target users. The information will be used in the development
of fingerprint system, to quote Nobel Prize winner physiologist Albert Szent-Gyorgyi, “Research
is to see what everybody else has seen and to think what nobody else has thought”. Primary data
is the data which is being collected by you and is more reliable and up to date. It’s the data that
has been created first time and there is no other previous source available.
To do a research many facts finding techniques will be carried out by the researcher.
4.1 Fact Finding Techniques To study the system analyst need to have all relevant information and facts required for that
system. For each and every project to be successful depends upon the accuracy of data collected
or available. There are several methods and techniques used to collect the accurate information
or data available. These methods and techniques are termed as fact finding techniques or
methods. When these facts are represented in the form of quantitative termed as data. Interview,
survey, questionnaire, recording views and observation are some fact finding techniques.
Data gathering is very important stage in system development life cycle.
There are two basic types of fact finding techniques and that are:-
The qualitative research includes participant observation, interviews and focus group.
Using this technique provides the quality of data which can be analysed easily as it is
based on expert views and judgment.
The quantitative research includes controlled questionnaires, surveys and experiments.
Using this technique of data is been gathered and much time is required to analyse the
data. The accuracy of data is very accurate.
For the data gathering the developer decided to use both fact finding techniques. For qualitative
research developer decided to conduct an interview and for quantitative research developer
decided to conduct survey.
FINGERPRINT WEB AUTHENTICATION SYSTEM
31 IVNEET SINGH –TP023861
4.1.1 Interview
“An investigation may take six months. A quick interview, profile, a day”
Interview is the method use to collect information for a group of people or individuals. Before
conducting an interview analysts need to select the people related to the system. The interview is
generally done face to face but before that it’s important to take permission and arrange a prior
appointment. We need to choose a suitable place and time for the interview which is comfortable
for the respondent.
During the interview the information collected is quite accurate and reliable as we can clear and
cross check the doubts during interview. Conducting an interview also helps to clear the gaps and
misunderstanding regarding the problems. The interview is further categorized as structured
interview and unstructured interview. The structured interview is the formal interview where
definite questioned are asked and discussion is done on specific information whereas
unstructured interview is more like a casual conversation where topics beyond the areas are
covered.
The interview can be conducted for various purposes and with variety of goals in the mind. The
successful interview should follow certain steps.
Introduction
Background of the project
Fact gathering
Verifying the information gathered
Make sure to confirm the information gathered from the interviewee
Clarification
For the data gathering developer selected to conduct an interview. Like other fact finding
techniques interview has its own advantages and disadvantages. But according to developer the
interviews was best suitable for the scenario as the proposed system was not yet designed before
and developer needed an expert’s view and suggestions to develop the system. The advantages
and disadvantages of the interview will be discussed further.
FINGERPRINT WEB AUTHENTICATION SYSTEM
32 IVNEET SINGH –TP023861
4.1.2 Who to Interview
The most important task for developer was to select the interviewee. Before data gathering
developer need to choose the appropriate person for an interview. This includes the selecting of
interviewees; need to understand what is expected from the person who has to be interviewed at
the specific level and need to understand how to verify the information received.
Advantages of interviewing
Allow participant not restricted to the predetermined categories and also use his or her
own words
Provides high reliability and accuracy for the information
Allow the evaluator to get into more details and insure that participants understand the
questions the way they intended.
Interviewers use their knowledge and interpersonal skills to explore more in details and
many new ideas generate.
Disadvantages of interviewing
Sometime participant say more what they are intended to say.
The interview may be more reactive to personalities and interpersonal dynamics.
Conducting interviews can me more expensive and time consuming as it qualitative
interviewing involves significant skill and experience.
Analyzing qualitative interview is much more time-consuming than analyzing
quantitative data
4.1.3 Justification for choosing Interview Interviews are conducted face to face with individual or a small group. It is better to have small
group or individual for the interview so that everybody gets a chance to contribute. Interview is
used for data gathering process although it takes much time for the process but it is very useful as
the information gathered is reliable and accurate. During the interview we can focus on the
interest or specialized area of the interviewee.
FINGERPRINT WEB AUTHENTICATION SYSTEM
33 IVNEET SINGH –TP023861
4.1.4 How the Interview been done
The developer designed the questions for the interview and gave them to the interviewee i.e. Mr
Y. The interview was recorded for the referencing purposes. It was assured that the information
collected will be kept confidential.
4.2 Survey
This technique is used when we have to extract the information from number of people.
This is done when it is impractical to meet all the people face to face. Adopting this
method requires very skilful analysts. The survey questions should be framed in the
logical manner. The survey questions should be simple and clear, making sure that user
should able to understand properly. This method is very useful for attaining information
from the people who are going to use the system. The questionnaire can be email or
distributed among the people, this is the cheapest source of fact finding.
4.2.1 Survey Techniques: Relative Advantages and Disadvantages
FINGERPRINT WEB AUTHENTICATION SYSTEM
34 IVNEET SINGH –TP023861
5 Secondary research
5.0 Methodology
5.1 Waterfall Model
In earlier days of software development, the source code was written and then debugged. No
formal analysis and design was followed. As written codes and debugging process became
problematic when complex software systems were required. Since these system requirements
should be well understood, which provides a model for development of the system. This model is
known as the waterfall model. It is an approach for the development of the system that
emphasizes completing of each phase before proceeding to next phase.
Sometimes combination of certain phases freezes the development at that point of time. If the
change is being identified in the product then a formal process is followed to make changes. The
graphical representation of the model is downwards flow as of a waterfall. Each phase includes
the documentation and phases below the design phase include software as part of their output.
Moving from each phase to another phase is followed by holding a formal review that is attended
by supervisors. The review provides by the supervisors helps in project progress. At some critical
points in the waterfall model some baselines are established, by the process need to finishes in
order to move forward.
There are difference between hardware and software that waterfall model does not address. As
sometimes hardware & software does not requires no fabrication. If the drawing model is
complete the final product exists. Many of the software development methodologies have
evolved from attempts to optimize the waterfall model for software. Like software prototyping
helps in understanding the requirements of the typical hardware production which understanding
is critical for waterfall model.
FINGERPRINT WEB AUTHENTICATION SYSTEM
35 IVNEET SINGH –TP023861
Advantages of waterfall methodology:
Easy to implement as it is a linear model
Minimum amount of resources required
Each and every phase is documented well, it is easy for developer to understand the
system
Disadvantages of waterfall methodology:
User cannot go back to the phase and makes changes if they have already completed the
phase.
Any changes in the requirement can cause lots of confusion in the project.
Till the final phase is not completed the working model of the project is not ready for the
client.
FINGERPRINT WEB AUTHENTICATION SYSTEM
36 IVNEET SINGH –TP023861
Comparing the Waterfall Model
Description. The waterfall model consists of several phases for the development of system.
Before proceeding to each phase need to make sure those requirements for the pervious phase are
completed. For comparison of waterfall model to other models, the most important attributes of
this model are as follows:
A formal method.
Uses top-down development
Steps are combined
Each phase includes starting and ending point.
Where to Use the Waterfall Model
The waterfall model should be used where the requirements for the system are well defined and
understood.
5.2 Incremental Model
Description:
The incremental model overlaps the sections of waterfall method to compensate the length of
waterfall model projects by producing usable functionality earlier. Incremental model is basically
used in small projects as it may start the project with some general objectives. As small portion
of these objectives are also defined as requirements that are used further in implementation of the
projects. But in small complex project use of the general objectives as requirements is
uncomfortable for the management to use for the development of the systems because some
modules of the project will be completed long before other requirements. Implementing reviews
and audit for this type of system will be more difficult, as there can be a tendency to push the
difficult requirements to future to demonstrate early success of management.
FINGERPRINT WEB AUTHENTICATION SYSTEM
37 IVNEET SINGH –TP023861
Incremental Model
Where to Use the Incremental Model
If developing a whole system at once is too risky, then we consider incremental development
model.
5.3 Boehm Spiral Model
Description: The spiral model is a process for software development. The spiral sometimes uses
the top-down and bottom up technique it can be the combination of waterfall model and
prototype. It combines both design phase and prototyping. The incremental model can be viewed
as a spiral model because it illustrates one of the strengths of incremental model as the resources
remain constant as the system size increases. The size of the spiral corresponds to the size of the
system, while the distance between the coils and the spiral indicates resources.
FINGERPRINT WEB AUTHENTICATION SYSTEM
38 IVNEET SINGH –TP023861
Steps involved in spiral
Requirements are defined in detail which also involves the interviewing the users
The important phase in spiral model is creating preliminary design of the system which
helps the users and developer to understand the system, this phase also helps in
identifying the problems and solutions towards it.
The prototype is constructed from the preliminary design which represents the
characteristics of the system
Then evaluating the prototype in terms of weakness, strength and risks.
Coming up with new requirements
Planning and design for second prototype
Implementing and testing the second prototype
Advantages
Estimations are more realistic as most of the requirements are analyzed in details
It is easier to make changes in the systems as compared to others.
Disadvantages
limiting re-usability
Requires dedication and information management
Not similar for each type of application
High risk for cost and time
When to Use the Boehm Spiral Model
The Bohme model has become very popular with the aerospace and engineering projects. This
model is basically use in the defences engineering project as they are very risky in nature. But
the business projects are more conservative. But sometime spiral model is applicable for many
business projects in which success is not graduate or it may require very much computation like
some business uses decision support systems.
FINGERPRINT WEB AUTHENTICATION SYSTEM
39 IVNEET SINGH –TP023861
Strengths and weaknesses of the waterfall, incremental, and Boehm Spiral model
5.4 Prototyping Description: Prototyping is the part of the process which helps in building the model of the
system. It is included in analysis and system development. This process helps the developer to
build a design for a system to know exactly how the system will work. During the requirement
and analysis phase there is a need to gather the data required for the system. Prototyping is
sometimes intangible but still helps in enhancement of the project. The feedback that is received
from the users after developing the physical design of the system can help us in evaluate the
FINGERPRINT WEB AUTHENTICATION SYSTEM
40 IVNEET SINGH –TP023861
response of the users to this system and then manipulation can be done to the system according
to the requirements. Prototyping comes in many form it’s not only the physical design but can
be the as low as paper sketch to any engineering design tools. Still now also some of the
organization uses the paper sketch as the prototyping but some of them uses some computer
aided software engineering tools to build a prototype.
When to Use Prototyping with the Waterfall
As it was mentioned in the description above of Boehm spiral that it may use waterfall which can
be very useful in the project when the it is required to demonstrate the technical feasibility and
technical risk is very high. It can also be used to better understand the users requirements which
can limit resource cost by understanding problem are before utilizing further resources.
Advantages of prototyping
It reduces the time in the development
It reduces the development cost
For the prototyping process it requires user involvement
Helps the developer in future enhancements
Disadvantages of prototyping
Much analysis not done in prototyping
The expectations for the users are made according to the prototype
Even developers can also be attached to the prototype
Strengths of Prototyping
Focused on the functionality of the project in early stage
The process involved provides perfect requirement definition
This model also provides risk control.
Documentation focuses on the end product not the evolution of the product.
Weaknesses of Prototyping
This technique is applicable to existing system rather than new systems
FINGERPRINT WEB AUTHENTICATION SYSTEM
41 IVNEET SINGH –TP023861
Bad documentation
Sometimes using this technique may produce the system with poor performance.
5.5 Clean room
Description: The basic idea to use this technique is to control the cost by detecting bugs as early
as possible, when they are less costly to remove. Rather than documenting everything for the
software design and requirements it uses off-line review techniques to better understand develop
the software before it is executed. In this technique the programmers are not allowed to perform
trails and errors while execution of the software, the software should execute successfully first-
time. The testing uses statistical examination to focus on the errors of the software that cause
failures.
The conclusion is that much time is spent to verify the program as less time is given for
designing and coding. The program testing must be done side by side as its much reliable than
following traditional life cycle models.
When to Use Cleanroom
Clean room can be combined with other models like incremental, spiral and waterfall to produce
complex systems. This technique provides better results and high quality software instead of
direct productivity increases. This technique requires semantic design model, full procedures and
unit testing before the product is released in the market.
Strengths of Cleanroom
The errors are recognized in the early stage
Provides high quality software and reliable products
Weaknesses of Cleanroom
It requires complete user requirements , only after that we can start developing the system
Using this technique may not produce creative products due to disciplined style.
FINGERPRINT WEB AUTHENTICATION SYSTEM
42 IVNEET SINGH –TP023861
5.6 Object-Oriented
Description:
The object oriented approach is to focus on real world objects in the software development. It is
basically based on the idea that human limitation cannot manage more than seven concepts and
single time. Grady Brooch suggests that, “The principles of software engineering can help us
decompose systems so that we never simultaneously deal with more than seven entities”. The
object oriented also includes object oriented analysis, object oriented design and object oriented
programming.
Where to Use object – oriented
Use Object – oriented in projects where
It can be used where the functional complexity of the software is lesser concern.
Object oriented techniques can be used for implementing the technology as it also
provides adequate tools which are very helpful.
Using object oriented techniques the organization can change its development methods.
Strengths of Object-Oriented:
There is lower maintenance cost as this technique emboldens a complete solution.
The model states the user's sight of certainty.
Weaknesses of Object-Oriented
Using object oriented techniques can be difficult for the developers with the structured
back ground.
Can be difficult to resolve the complex issues.
FINGERPRINT WEB AUTHENTICATION SYSTEM
43 IVNEET SINGH –TP023861
5.7 Justification for chosen methodology
FWAS is a system that can be implemented in any other universities with minimum
requirements. Developer choose waterfall methodology for developing the system because this
methodology includes portioning a large system into a manageable smaller ones and organizing
the details into an understandable by utilizing a top-down approach. This methodology provides
measurable, reviewable and definable product specification. At the end, the process draws on
more system personnel resources as well as user involvement. It increases involvement and
communication between system and users. It also allows allocation of simpler tasks to junior
personnel which mean each and every group member is equally distributed among tasks. A great
impact of this methodology is that the total time and cost are greatly reduced, if system
developed by this methodology is implemented in the organization. It also includes developing
and maintaining the system specification, especially for the outputs.
Waterfall facilitates timelines by allowing project planning, management and control all within a
single methodology. On the usability side, special emphasis is placed on analyzing user’s
requirements. At the same time, the system’s data model is developed and a specification
analysis is carried out. All this is done to match the system’s design to the needs of the user.
It does not require any special skills and can be taught easily to any team member to embrace the
methodology. This translates to speedy implementation and clear communication. The quality of
the end product is controlled as the error rate is reduced by defining certain quality benchmarks
in the beginning and measuring it constantly against current progress. Productivity is improved
by encouraging on-time delivery, meeting business requirements, ensuring better quality, and
utilizing human resources effectively. This means a high quality Online E-recruitment System
can be deployed within a shorter turnaround time. Finally, Waterfall can be used freely without
paying any license fees or royalties to any part.
FINGERPRINT WEB AUTHENTICATION SYSTEM
44 IVNEET SINGH –TP023861
6 Languages
6.0 ASP.Net ASP.Net is the product of Microsoft. It is the extended version of active server pages; which
helps in the web development model that includes basic services required for the developer to
develop the web applications. (Sae-Chin, 2002) It can support various languages like VB, C++,
C#, J# Jscript. Net frame work does not only limit itself to any one language which is the good
about it. It works on the windows environment and also support to the web pages.
6.1 Java It is a programming language used to develop the applications. It is easier to write and develop
application using this language as compared to other languages. The limitation of this language
is that it limits the developer to use only one language that is java. This language also contains
the API which can develop the applications more easily and faster. It is platform independent
the programs use java virtual machines for the abstraction and do not access the operating
system directly.
Level J2EE .NET
1. Presentation
and access
Java server pages are used to build tag-
oriented dynamic web pages for accessing
remote objects. Dynamic pages can also
be built programmatically using servlets.
Swing is used to build rich interactive
GUI
.NET uses ASP.NET for dynamic
HMTL pages. Windows forms are
used for building rich and complex
GUI and web services are used for
programmatic access to remote
business logic.
2. Business logic Enterprise JavaBeans hold the
applications business logic- the code that
implements the functionality of the
system
.NET managed components are
made for .NET environment and
unlike COM components, are
registered in the registry. COM
queued components works
asynchronously, e.g. in scenarios
where the serve is not online all the
time
FINGERPRINT WEB AUTHENTICATION SYSTEM
45 IVNEET SINGH –TP023861
3. Connectivity Java database connectivity provides
access to tabular data. Java connector
architecture allows J2EE components to
access different enterprise information
systems. JMS is a messaging standard
which allows sending and receiving SMS
asynchronously.
ADO.NET is used for accessing
relational databases and provides
integration with XML. An XML
API provided for mapping .NET
components to XML protocols
such as SOAP and WSDL
4. Runtime Java runtime engine , which includes the
java virtual machine, core java classes
and support files
All.NET applications use single
runtime engine, the common
language runtime for all.
6.2 PHP
Level ASP.Net PHP
1. Speed Like all other .Net application
asp.net applications are
compiled which makes it more
faster than PHP
PHP applications are
interpreted, to have same effects
like asp.net PHP accelerator
must be installed on server side
which most of companies avoid.
2. More language support Asp.net is written using object
oriented programming
languages of our choice
PHP is simple scripting
language in compare to other
.Net applications like VB.Net,
C# etc. These languages give
more control and reusability.
3. Development
environment
Free development environment
for Asp.Net id available called
web matrix
This blows all other free
development environments for
PHP out of the water.
4. Part of .Net Using asp.net is very beneficial
as it easy to understand and
using asp.net also helps with the
development of windows
applications.
PHP has PHP-GTK, but it’s
currently very immature
compared to .NET
FINGERPRINT WEB AUTHENTICATION SYSTEM
46 IVNEET SINGH –TP023861
6.3 Justification for choosing the programming language For developing fingerprint web authentication system developer have chosen ASP.Net as a
programming language to develop the system because more hardware support is available for
these languages, many API are available and much research is being done on these
programming language ,it also supports trusted platform.
As survey was also conducted in June 2002 regarding which programming language will be
useful in future. The survey was completed by 633 development managers; the survey showed
that .NET had already gained a strong place in the IT industry. It also showed the ratio of
projects using .Net to J2EE is 28% to 48.8 %, in future it will increase to 52.2% to 51.8%.
Another survey was conducted in October 2002 with 600 developers as it resulted that more
people where using .Net rather than Java. The ratio of using .Net to J2EE was 63% to 61%.As
keep in mind for future implementation of the system developer decided to choose ASP.Net as a
programming language to develop the system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
47 IVNEET SINGH –TP023861
7 Survey
7.0 Introduction
The online survey was conducted among the lecturers and other staff members of the APIIT
University. There are more than 150 lecturers available working within the university. The
developer needs to design the survey online survey form and email survey forms for the
university lecturers and other staff members. The developer conducted this online survey to
know the usage of current system and the problems that users faced in the current system. The
online survey was conducted with 88 lecturers as there were only 34 respondents for the survey
form. The contribution of university lectures and other staff members helped the developer to
complete the survey.
7.0.1 Objective The main objective to conduct this survey was to know about the usage of current system and
issues faced by the users in the current system. The developer will able to know about the level
of authentication required by the users in the current system. From the survey developer will
able to know about the usage of biometric technology by the lecturers and staff members of the
university.
7.0.2 Survey Design
Fingerprint Web Authentication System
This survey is carried out as partial fulfillment for the cause of bachelor's degree research. The
research is entitled as “Fingerprint Web Authentication System ". Objective of this survey is to
collect data from the lectures working in the university and also to know importance of
implementing security into university websites. The data is needed to know about the
importance, security and usability of biometric systems. The Fingerprint Web Authentication
System will authenticate the lecturers using their fingerprint while logging into the university
website. This system will help in increase in security on websites as much confidential
information is been available. I hereby declare that all your personal information will be kept
confidential.
FINGERPRINT WEB AUTHENTICATION SYSTEM
48 IVNEET SINGH –TP023861
Kindly Specify your personal Information * Job Title and Work Experience
How often do you use your university websites? * If you answer "Never" please skip the survey
else continue
Always
Sometimes
Never
What is the main purpose for using university websites?
Frequently
used Seldom Never
Web-mail
Web attendance
Web results
Library
Schedules
FINGERPRINT WEB AUTHENTICATION SYSTEM
49 IVNEET SINGH –TP023861
What are the major issues you face while login into university website "You can choose multiple
options"
GUI problem (Hard to understand the interface of the system)
Security (Sometimes you forget your password or accounts get compromised)
Performance (Delay in time while login)
Others please specify
Logging into university websites using only username and passwords, do you think it is secure as
username and passwords can be easily acquired / hacked If "Agree" with above statement ,
please specify your comments
Agree with above statement
Disagree with above statement
Do you think implementing biometric technology on university websites will increase security
“If you answer No then please skip the survey else continue"
Yes
May be
No
What type of functionality do you think will be best for increase in security?
Using username and fingerprint
Using only fingerprint
FINGERPRINT WEB AUTHENTICATION SYSTEM
50 IVNEET SINGH –TP023861
Using username, security question and fingerprint
"The system will authenticate the university lecturers or staff members using their fingerprint to
login into their university website accounts." Do you require training for using this system?
Yes
May be
No
Please suggest any other technology or system except biometrics to increase in security for
websites (Optional)
FINGERPRINT WEB AUTHENTICATION SYSTEM
51 IVNEET SINGH –TP023861
Question 1
Actual user response
Objective
Result Chart & table
Actual user response
Objective
Result Chart & table
Actual user response
Objective
Conclusion of analysis
Result Chart & table
Actual user response
Objective
7.0.3 Survey Analysis
How often do you access university websites?
If you answer "Never" please skip the survey else continue
Always
Sometimes
Never
The main objective of this question was to know how often lecturers access university
websites. From this developer will get an idea about how frequently the current system
(university websites) are been accessed by the users. Before developing the system for
university developer need to know about the usage of the current system by the users.
Most of the lecturers always access university website but few of them working as part time
lecturers access these website sometimes.
From the above graph and table developer concluded that most of the lectures always use
university websites to login into their accounts. But part time university lecturers some time
access university website as they are not required to mark attendance or check schedule
regularly. So the system that developer will design might be implemented into the university
websites which will be used regularly by the university lectures and other staff members.
Question1 No. of
response
Percentage
Always 31 91%
Sometimes 3 9%
Never 0 0%
FINGERPRINT WEB AUTHENTICATION SYSTEM
52 IVNEET SINGH –TP023861
Result Chart
Question 2
Actual user response
Objective
What is the main purpose for using university website?
The main objective for this question was to know the purpose of using university websites
by the lecturers. From this developer will get an idea about usability and functionality of
current system .
Maximum number of lecturers frequently uses the university websites for web mail, web
attendance and schedules as compared to library and web results.
Number of users
FINGERPRINT WEB AUTHENTICATION SYSTEM
53 IVNEET SINGH –TP023861
Number of users
Number of users
Number of users
Number of users
FINGERPRINT WEB AUTHENTICATION SYSTEM
54 IVNEET SINGH –TP023861
Question-2 Frequently used Seldom Never
Webmail 20 11 2
Web
attendance
30 0 2
Web results 6 16 11
Library 11 11 11
Schedules 30 2 1
Conclusion
From the analysis above developer concluded that maximum lecturer use web space
intranet for web-attendance and for checking time schedules. There are some services
like web results and library which users do not prefer to use much as compared to
other. The analysis above also shows about the usability of the system on regular basis.
FINGERPRINT WEB AUTHENTICATION SYSTEM
55 IVNEET SINGH –TP023861
Conclusion of analysis
Result Chart & table
Question 3
Objective
What are the major issues you face while login into university website
GUI problem (Hard to understand the interface of the system)
Security (Sometimes you forget your password or accounts get compromised)
Performance (Delay in time while logging in)
Others please specify
The main objective of this question was to know about issue faced by the lecturers while
using university website. From this question developer will get an idea about the issues faced
by users so that developer should design such a system which can minimize the issues related
to current system
People may select more than one checkbox, so percentages
may add up to more than 100%
From the analysis developer concluded that, the system interface should be user friendly so
that users can easily access the information. There is an ardent need to implement the system
that can minimize the issues regarding university websites. Implementing fingerprint web
authentication system will help in minimize the security and performance issues faced by the
users. Using this system it will also effect in increase in performance in the current system.
The graphical user interface for the system will be designed in a very user friendly layout so
that users can easily get access to their information.
Question4 No. of
response
Percentage
GUI 12 35%
Security 26 76%
Performance 26 76%
Others 3 9%
While using university websites maximum users face issue regarding security (either they
forget their passwords or their accounts get compromised) and performance (delay in time).
Some lecturer faces GUI problems while using current system as it is hard to understand the
interface of the system.
Actual user response
FINGERPRINT WEB AUTHENTICATION SYSTEM
56 IVNEET SINGH –TP023861
Conclusion of analysis
Result Chart & table
Question 4
Actual user response
Objective
Logging into university websites using only username and passwords, do you think it
is secure as username and passwords can be easily acquired / hacked
o Agree with the above statement
o Disagree with the above statement
The main objective of the question was to know what users think about login security in
current system. The current system only uses username and passwords to login into their
accounts. From this developer will get an idea about what users think about current system as
it is secure or not to login into their accounts.
Maximum number of users disagrees with the statement as they think that it is not secure to
login into the accounts using only username and passwords as they can be easily acquired.
From the above analysis developer concluded that most of the users are not satisfied by the
current system login functionality as it only uses username and password the users thinks
that level of authentication while logging is not strong. So, yes there is a need of a system
which should be highly secure. The security can be implemented to the university website
by using fingerprint web authentication system which will increase the level of
authentication for the user using university websites for logging into their accounts.
Question4 No. of
response
Percentage
Agree 13 38%
Disagree 21 62%
Logging into university websites using only username and passwords, do you think it
is secure as username and passwords can be easily acquired / hacked
Disagree (21)
Agree (13)
FINGERPRINT WEB AUTHENTICATION SYSTEM
57 IVNEET SINGH –TP023861
Conclusion of analysis
Result Chart & table
Question 5
Actual user response
Objective
Do you think implementing biometric technology on university websites will increase
security?
Yes
May be
No
The main objective of this question was to understand what user thinks about implementing
the biometric technology for increase in security to university websites
Most of users think that implementing biometric technology will help in increase in security
of the university websites. As now these days information security is becoming an issue.
Do you think implementing biometric technology on university websites will increase
security? Question4 No. of
response
Percentage
Yes 24 71%
May be 10 29%
No 0 0%
From the analysis developer concluded implementing biometric technology will help in
increase in security. And more even using fingerprint technology also helps the users to have
fast and accurate access to the system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
58 IVNEET SINGH –TP023861
Conclusion of analysis
Question 6
Actual user response
Objective
What type of functionality do you think will be best for increase in security?
Using username and fingerprint
Using only fingerprint
Using username , security question and fingerprint
Before developing the system the developer should know about which level of security
should be implemented for login into the current system. From this question developer will
also understand about what are the user’s requirements for login into the current system.
There was not much variation between the user’s response options but as most of the user
suggested to implement the username, fingerprint and security question for login functionality
of the system.
Question6 No. of
response
Percentage
Username &
finger print
13 38%
Only
Fingerprint
11 32%
Username ,
fingerprint &
security
question
10 29%
What type of functionality do you think will
be best for increase in security?
From the above analysis developer concluded that for login into the current system username
and fingerprint will be much better as it will easy to use and users need not spend much time
on login page by entering their details. But for the secondary login developer will implement
username, password and security question.
FINGERPRINT WEB AUTHENTICATION SYSTEM
59 IVNEET SINGH –TP023861
Conclusion of analysis
Result Chart & table
Question 7
Actual user response
Objective
"The system will authenticate the university lecturers or staff members
using their fingerprint to login into their university website accounts."
Yes
May be
No
Do you require training for using this system?
The main objective of the question was to know about the requirement for the new system
for the users. From this question developer will able to know whether the users need some
sort of training or user manual for the new system or not.
Not much variation was found in user’s response as most of the users require training for the
usage of new system.
Question4 No. of
response
Percentage
Yes 10 29%
May be 9 26%
No 12 35%
"The system will authenticate the university lecturers or staff members using their
fingerprint to login into their university website accounts."
Do you require training or user manual for using this system?
According to the analysis of users response developer decided to design a user manual for
the new system. If further assistance is required by the users then developer might conduct
training program for the users.
FINGERPRINT WEB AUTHENTICATION SYSTEM
60 IVNEET SINGH –TP023861
Conclusion of analysis
Question 8
Actual user response
Objective
Conclusion from survey
From the survey analysis developer concluded that the maximum number of users are familiar
with biometric technology. The usage of the current system is very high and users always use
the system, so the proposed system might be implemented to the current system which will
provide them better security. The proposed system will also minimize the performance and
security issues faced by the users. As the target users are university lecturers and staff
members, training and user manual will be provided for the new system.
From this question developer will be able to know about the other technologies used for
increase in website security and will also be able to compare the security potential among the
other technologies with the fingerprint web authentication system
Please suggest any other technology or system except biometrics to increase in security for
websites
The level of authentication is very good.
TAC Number (like the ones used by banks),
Questions that only the user know the answer, Security Devices that generate a security
number (used by HSBC), digital signatures, third party verification
You can also have an add-on for the passwords to login into the websites.
The cost/benefit ratio and need for deployment of fingerprint readers for login needs to be
considered very carefully.
Alternatives approaches can be explored such as one-time pin via SMS for really critical
applications may be a simpler option. Image-based password, one-time password
From the users response and comments developer concluded that the level of authentication
used in the system is good and to increase the security potential the secondary login can have
the virtual keyboard or SMS pin sending technique which is widely used in most of the
banking websites.
FINGERPRINT WEB AUTHENTICATION SYSTEM
61 IVNEET SINGH –TP023861
7.1 Interview
7.1.1 Introduction The interview was successfully conducted with project manager of CTI Group Malaysia. The
interview was conducted on 19th
April 2011 at 10:00 AM. The developer had pre planned the
interview session with the project manager. The interview was recorded for the documentation
purpose and developer had designed questions for the interview. The interviewee had
tremendous experience for more than 14 years in Information in IT industry and also had done
some of the project related to biometric technology. The developer chose the project manager
for CTI Group because the current system running in the university was developed by the CTI
group and interviewee was the project manager for the system that has been implemented in the
university. So much information can be gathered regarding the current system which will be
helpful for the developer to analyse the current system.
7.1.2 Objective The main objective to conduct the interview was to gather detailed information about the
current system. From the interview developer will able to know about which programming
language and methodology should be suitable for the development of biometric fingerprint
system. The interview was conducted focusing on technical aspects of the current and proposed
system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
62 IVNEET SINGH –TP023861
Question 2
Interviewer response
Question 3
Interviewer response
Question 1
Interviewer response
7.1.3 Interview Analysis The conversation before recording is mentioned in Appendix C
Kindly Specify your
Job Title and work experience
The interviewer is currently working as Project Manager in CTI group. The interviewer has
more than 14 years of experience in IT related projects. The interviewer also worked in
overseas related to the information security systems.
Have you worked on any project related to websites like web-space or intranet APIIT
Yes, currently we are working on new version of web-space with better GUI and using
https for increase in security. It will be very soon used by APIIT University; even we
have developed a training program for the lecturers and university staff members
regarding new web-space
Yes, currently also we are working on a new version of web-space with better GUI and
using https for increase in security. It will soon be used by APIIT University; even we
have developed a training program for the lecturers and university staff members
regarding new web-space
As my system is based on fingerprint web authentication system, do you think that this
system will enhance security and performance as compared to other technologies?
Yes, it can be a further step taken forward towards the security, as it can avoid the sniffer
tools and key-loggers. Yes, it is a solution to the current problems faced by the internet
users but as we focus on using this system overseas it can be problem using this system
as might possible that I do not use my notebook to login into this system.
Interviewee Response
Interviewee Response
Interviewee Response
FINGERPRINT WEB AUTHENTICATION SYSTEM
63 IVNEET SINGH –TP023861
Question 4
Interviewee response
Question 5
Interviewee response
Question 6
Interviewer response
Is there any other technology that can be used as solution for current problems in the
current system?
Yes, we can implement the SMS gateway that can send SMS to the lectures every time
they need to login into their accounts. But as this technology will be very expensive, we
cannot think to implement such a system for the university websites.
Have you done any projects based on biometric technology used by websites?
No, I did not use biometric technology on websites but Yes, I did work on biometric
projects. The project was designed for the government of Iraq which was regarding
voting system. As a part of team member we need to develop the system using C and
C++ languages as by that time C# was not used widely and was also having some bugs.
As your system was based on biometric fingerprint technology, can that system be
implemented as online voting system?
Yes, but they need to design the entire system again for E-Voting systems. The database
can remain the same as the user for E-voting system will be same.
FINGERPRINT WEB AUTHENTICATION SYSTEM
64 IVNEET SINGH –TP023861
Question 7
Interviewee response
Question 8
Interviewee response
Which programming language should be used for the designing the biometric web based
system?
Selecting a programming language does not matter a lot because the functionality of the
system will remain the same. As you are working on web based technology I would
prefer using dot net language like Asp.net for the web designing. You can use MS SQL
database for the designing the database. Using .net programming also limits you to
Microsoft windows based but if you are using java language it can work on any platform.
But using Asp.net is still better as java language it is more difficult to design the web
based system as compared to Asp.net.
As my system will using biometric finger print technology, which type of database should
be used for the web based biometric system
Selecting a database for the system also depends upon the device like if you scan the
fingerprint, it will convert it into the image format. You need to check the compatibility of
the biometric fingerprint device. I would prefer using MS-SQL because as your system is
web based MS-SQL provides much functionality as compared to MS-Access. You can
also use MS-Access but the functionality will be limited to the system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
65 IVNEET SINGH –TP023861
Question 9
Interviewee response
Conclusion for interview
Which methodology do you follow in the IT projects?
“I would suggest you to use waterfall methodology for your system because using this
methodology the process in the project will be well organized without finishing the first
step you cannot move to the next step. E.g: Our team was assigned to the develop a
system for accounts for APIIT but before the clients requirements were defined we started
the project , as the clients requirements does not match , we need to go back and start the
project again which causes wastage of time , money and resources. Using waterfall
methodology we process the project in a well-organized or structured manner.
Most of IT project use CMMI level 3 or level 5, this requires lots of documentations
which also include 41 pages of forms. It takes lots of time and resources to start and
project using CMMI, as per my experience each and every project by the end comes to the
waterfall methodology as they need to think again in the well-structured way to complete
the project within the given time frame.”
The interview was successfully conducted with the project manager of CTI Group. As per
the expert views and advice regarding my system the developer will choose ASP.Net as a
programming language for developing the system because as this system is web based and
using this programming language it will be better to develop the system and also provides
much functionality as compared to other programming languages. The developer will use
MS-SQL database for the system as it is also compatible with the hardware biometric
device and using this database will be much better as compared to MS-Access. For the
project, developer will choose waterfall methodology as this methodology also is well
structured in each and every stage and before completing previous stage the process
cannot move further.
FINGERPRINT WEB AUTHENTICATION SYSTEM
66 IVNEET SINGH –TP023861
Overall Conclusion for primary research
As per the primary research developer had great experience in questionnaires and survey.
Developer had the opportunity to learn more about the biometrics and is now clear with the
requirements of the system. As part of interview, developer decided to work on biometrics live
fingerprint device for the project. Developer will have a clear idea about the programming
language used, storing data in the database and fetching information from the biometric devices.
Developer needs to work on the software development kit (SDK) that comes with the devices
itself. The SDK will help the developer in development and functionality of the system. From
the survey developer concluded that there is less security provide in the current system and
some of the users sometimes face problems in the current system. For implementing the new
system the developer will look forwards towards the performance of the system. For further
assistance of the users developer might provide a user manual for the proposed system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
67 IVNEET SINGH –TP023861
8 Design
8.0 Design Principles
Visibility:
The design should consist of all system functionality and tasks available. The design
should be visible to users without distracting them with unnecessary information. Good design
should not provide users with many different alternatives neither confuse them with the given
functionality. The visibility of the design is possible when you know how to operate the system
or device. The visibility of the design shows the inner and outer functionality of the working
system. The functions should be clear and should also able to differentiate between other
functions available in the system. The visibility depends upon the human behavior like on a
video or a web it is easy to achieve visibility.
Feedback:
The design should able to keep users up-to-date about the actions and explanation, design should
also mention about the change is conditions and bugs that deal with functionality of the system.
In system if there is any error the feedback should be given to the users. Feedback is very
important part of design principles.
The design should able to shows the users about the operations in the system:
How is user going to input in the system
What is user going to input in the system.
Consistency:
For the system we need to follow certain standards for developing the product, also need
to make sure about the actions and command performed within the application. In some
consequences like similar situations consistent sequence of actions are required. In design also
the developer needs to focus on color, layout design, fonts and figures. Exception, like no
duplication of passwords and when delete any user should perform the double check function to
delete.
FINGERPRINT WEB AUTHENTICATION SYSTEM
68 IVNEET SINGH –TP023861
Constraint:
It is a property of object to use the system is limited number of ways. It also helps the
user to minimize the possibility of making errors. The designer needs to make sure that users
should not make errors while using the system. The interface of the system should be easily
accessible and clear to the users.
When the interface of the system is consistent the users will able to learn faster and comfortable
with the system very quickly. Maintaining consistency in the system includes:
The layout of screen
The navigational functions
The graphic designs
The use of images
Mechanism of the system
Consistent design
FINGERPRINT WEB AUTHENTICATION SYSTEM
69 IVNEET SINGH –TP023861
8.1 Diagrams
8.1.1 Context Level Diagram
APIIT INRANETUsers AdminLogin Login
Authenticate and Process Services
Authenticate and Process Services
8.1.2 0 Level Diagrams
User Admin
Login System
Process Service
Logins
Logins
Database
Search
Availability
Process ServiceProvides
FINGERPRINT WEB AUTHENTICATION SYSTEM
70 IVNEET SINGH –TP023861
8.1.3 1 level Diagram
User Admin
Username / fingerprint
Username / fingerprint / security
answer
Database
User services Admin Services
Logins Logins
Logins Logins
Search
FINGERPRINT WEB AUTHENTICATION SYSTEM
71 IVNEET SINGH –TP023861
8.1.4 2 Level Diagram
User Admin
Username / fingerprint
Username / fingerprint / security
answer
Database
Academic Operations Register New user
Login Login
Login Login
Search
Academic administration
Web and Email
Search user
Delete user
Administrator ServicesStaff Services
FINGERPRINT WEB AUTHENTICATION SYSTEM
72 IVNEET SINGH –TP023861
8.2 Inner System Functionality
8.2.1 Context level Diagram
8.2.2 Initial class diagram
Web Fingerprint System
Administrator
Logins
Authentication Report
Logins
Process
Report
Users
Fingerprint Reorganization
Delete Database
Error Messages
Fingerprint Reorganization
8.2.3 Final class diagram
Enroll
Fingerprint
Identification
Feature extraction
Verification
Matching
FINGERPRINT WEB AUTHENTICATION SYSTEM
73 IVNEET SINGH –TP023861
8.2.4 Administrator ELH
Administrator
Add new
Staff
Delete
existing Staff
Administrator
Profile
*Do Fingerprint
Recognition
0
Database
information
0
Delete
Database
Search
existing Staff
FINGERPRINT WEB AUTHENTICATION SYSTEM
74 IVNEET SINGH –TP023861
8.2.5 User ELH
User
Profile
Registration Profile Deletion
*User Profile
Do Fingerprint
RecognitionView Services
FINGERPRINT WEB AUTHENTICATION SYSTEM
75 IVNEET SINGH –TP023861
9 Implementation Website Home Page
Description: The page illustrate above is home page for the website which contains login
button. Menu bar which contains Home , About us and Contact us
Coding: </asp:Content> <asp:Content ID="BodyContent" runat="server" ContentPlaceHolderID="MainContent"> <h2> Welcome to the WEBSPACE-intranet  <asp:Menu ID="NavigationMenu" runat="server" CssClass="menu" EnableViewState="false" IncludeStyleBlock="false" Orientation="Horizontal"> <asp:MenuItem NavigateUrl="~/LogInPage.aspx" ToolTip="Home" Text="Login"></asp:MenuItem> </Items> </asp:Menu> <asp:Panel ID="Panel1" runat="server" BackImageUrl="~/apiitmain.PNG" Height="191px"> </asp:Panel>
FINGERPRINT WEB AUTHENTICATION SYSTEM
76 IVNEET SINGH –TP023861
About Page
Description: The page illustrated above tells about university employability , technology ,
innovation , professional and fun
Coding: <asp:Content ID="HeaderContent" runat="server" ContentPlaceHolderID="HeadContent"> <style type="text/css"> .style2 </style> </asp:Content> <asp:Content ID="BodyContent" runat="server" ContentPlaceHolderID="MainContent"> <h2> About Us</h2> <p> <img alt="" class="style2" src="about.PNG" /></p> <p> </p>
FINGERPRINT WEB AUTHENTICATION SYSTEM
77 IVNEET SINGH –TP023861
Login Page
Description: The image illustrated above shows the APIIT Intranet login system. The user
needs to enter the username and fingerprint image to login into the system
Coding: Dim U1 As Char Dim connection As SqlConnection = New SqlConnection connection.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Ivneet\Desktop\Ivneet_Singh_FYP_Final_Version1.1.2\App_Data\FingerprintDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True") Dim command As SqlCommand = New SqlCommand command.CommandText = ("SELECT Username,Fingerprint FROM FingerprintDetailsTable WHERE Username = '" & TextBox1.Text & "'AND Fingerprint = '" & FileUpload1.FileName & "'") command.Connection = connection connection.Open() Dim reader As SqlDataReader = command.ExecuteReader() If reader.Read = True Then U1 = TextBox1.Text Server.Transfer("StaffPage.aspx") ElseIf TextBox1.Text = "admin" And FileUpload1.FileName = "110_4.tif" Then Server.Transfer("AdminPage.aspx") Else MsgBox("Access Denied ,Try Again!") TextBox1.Text = "" End If
Username: This field
should not be
emptyResult Chart &
table Finger pattern: Enroll
fingerprint image from
database
If username and
fingerprint is not null
then login into system
Cancel: This button will
cancel the current
operation
FINGERPRINT WEB AUTHENTICATION SYSTEM
78 IVNEET SINGH –TP023861
Secondary Login Page
Admin Login
Username: This field
should not be empty
Security question: From
dropdown list user need
to select the question
Security: This field
should not be empty
Password: This field
should not be empty
If username and
fingerprint is not null then
login into system
If username, password
and security answer is
not null then login into
system
FINGERPRINT WEB AUTHENTICATION SYSTEM
79 IVNEET SINGH –TP023861
Description: The image illustrative above shows the services provided to the
administrator for adding new staff , search for staff and delete the staff
Coding: <asp:Content ID="Content1" ContentPlaceHolderID="HeadContent" Runat="Server"> </asp:Content> <asp:Content ID="Content2" ContentPlaceHolderID="MainContent" Runat="Server"> <p> welcome admin </p> <asp:Menu ID="NavigationMenu" runat="server" CssClass="menu" EnableViewState="false" IncludeStyleBlock="false" Orientation="Horizontal"> <Items> <asp:MenuItem NavigateUrl="~/AddStaff.aspx" ToolTip="Home" Text="Add New Staff"></asp:MenuItem> <asp:MenuItem NavigateUrl="~/SearchStaff.aspx" Text="Search Staff Details"/> <asp:MenuItem Text="Delete Staff Details" Value="Contact" NavigateUrl="~/DeleteStaff.aspx"> </asp:MenuIt </Items>p:Menu> <asp:Button ID="Button1" runat="server" BackColor="White" BorderColor="#003366" ForeColor="#003366" Text="Logout" /> </asp:Content>
FINGERPRINT WEB AUTHENTICATION SYSTEM
80 IVNEET SINGH –TP023861
Add new Staff
Description: The image illustrated above shows the fields required to register new staff into
the APIIT intranet system. The administrator will have the rights to register
new staff into the database.
Coding: Dim myconn1 As SqlConnection = New SqlConnection myconn1.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Ivneet\Desktop\Ivneet_Singh_FYP_Final_Version1.1.2\App_Data\FingerprintDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True") Dim scomma1 As SqlCommand = New SqlCommand scomma1.Connection = myconn1 scomma1.CommandText = ("INSERT INTO FingerprintDetailsTable(Username, Password, SecurityQuestion, SecurityAnswer,Fingerprint) VALUES('" & TextBox1.Text & "','" & TextBox2.Text & "','" & DropDownList2.Text & "','" & TextBox4.Text & "','" & FileUpload1.FileName & "') ") myconn1.Open() Dim sdr1 As SqlDataReader = scomma1.ExecuteReader If True Then MsgBox("Saved in Database") Else MsgBox("Access Denied ,Try Again!") End If
User needs to enter their
name
Users need to enter their
password for
registration
Users need to choose
any security question for
login
For the chosen security
question user needs to
mention the answer in this
field
Adding fingerprint
image to a database for
new user
To add a new user into
the database, press this
button
FINGERPRINT WEB AUTHENTICATION SYSTEM
81 IVNEET SINGH –TP023861
Search Staff
Description: The image illustrated above search already registered staff details from the
database
Coding: Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\FingerprintDatabas
e.mdf;Integrated Security=True;User Instance=True
Search from fingerprint_table where username= ” ”
If true then search result else display=”no match found”
This button will navigate
admin back to service
page
This button will search
for staff in the database
FINGERPRINT WEB AUTHENTICATION SYSTEM
82 IVNEET SINGH –TP023861
Delete Staff
Description: The image illustrated above is to delete the already registered staff from the
database.
Coding: Dim myconn1 As SqlConnection = New SqlConnection myconn1.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Ivneet\Desktop\Ivneet_Singh_FYP_Final_Version1.1.2\App_Data\FingerprintDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True") Dim scomma1 As SqlCommand = New SqlCommand scomma1.Connection = myconn1 scomma1.CommandText = ("DELETE FROM FingerprintDetailsTable WHERE Username = '" & TextBox1.Text & "'") myconn1.Open() Dim sdr1 As SqlDataReader = scomma1.ExecuteReader MsgBox("Deleted From Database")
This button will navigate
admin back to service
page
This button will search
for staff in the database
This button will delete
the staff from database
FINGERPRINT WEB AUTHENTICATION SYSTEM
83 IVNEET SINGH –TP023861
Staff Services Page
Description: The image illustrated above shows the services provided to staff in APIIT
Intranet
Coding: <asp:Content ID="Content2" ContentPlaceHolderID="MainContent" Runat="Server"> <p> <strong>Welcome Staf ; <asp:Button ID="Button1" runat="server" Text="Logout" /> </p> <asp:Panel ID="Panel2" runat="server" BackImageUrl="~/intranet.PNG" Height="363px" style="margin-left: 0px" Width="901px"> </asp:Panel> <p> </strong></p> <asp:Panel ID="Panel1" runat="server"> </asp:Panel>
FINGERPRINT WEB AUTHENTICATION SYSTEM
84 IVNEET SINGH –TP023861
10 Testing
10.0 Unit testing:
10.0.1 Test case: Username Function Task Condition Expected Result Actual Result Comments
Username
Login
Enter username for
login into the system
Open login
system and
enter
username
The application
should able to
open the login
system by clicking
login button on
homepage and
then user enters
username in the
system
The application
allowed user to
type username
in the textbox
available in
login system.
Username was
successfully
entered with no
errors
Enter username and cancel The application
should able to
navigate back to
website home
page.
The application
navigated to
website home
page.
If the users enters
the username and
press cancel
button then it
should navigate
the users to home
page.
FINGERPRINT WEB AUTHENTICATION SYSTEM
85 IVNEET SINGH –TP023861
10.0.2 Test case: Loading image Function Task Condition Expected Result Actual Result Comments
Upload /
browse
image
Click on browse
Image button
Browse the
image , select
and open
The application
should be able to
browse the image
from a new
window and select
the image from
fingerprint
database located in
the hard drive.
The application
should allow
browse , select
and open the
image
Image was
uploaded
successfully with
no errors.
Browse, select image and cancel The application
should be able to
navigate back to
website home page.
The application
navigated to
website home
page.
If the users enters
the username and
selects the image
and press cancel
button then it
should navigate
the users to home
page.
Select anything other than
fingerprint image for example any
document
or music/video
The application
should display an
error message box
As expected
The system
displays an error
message box
If the user select
any other format
except than .if the
system displays
an error message
box .
FINGERPRINT WEB AUTHENTICATION SYSTEM
86 IVNEET SINGH –TP023861
10.1 Unit testing:
10.1.1 Test case: Username and fingerprint image Function Task Condition Expected Result Actual Result Comments
Login Enter username and
fingerprint to login
into the system
Open login
system and
enter
username
and upload
fingerprint
The application
should be able to
open the login
page by clicking
login button
available on
homepage and
then user enters
username and
uploads the
fingerprint image
in the system
The application
should accept
the username
and fingerprint
image and then
look for a match
in database.
Username and
fingerprint image
was successfully
entered with no
errors
Enter username and fingerprint ;
press cancel
The application
should be able to
navigate back to
website home
page.
The application
navigated to
website home
page.
If the users enters
the username and
uploads
fingerprint image
press cancel
button then it
should navigate
the users to home
page.
Enter wrong username and
fingerprint image
The application
should detect the
invalid user and
prompt the
message box
“Access deny, try
again!”
The application
detected the
invalid user and
prompt the
message box
“Access deny,
try again!”
Wrong username
and fingerprint
image was
uploaded to login
into the website,
Message box
appeared
“Access deny, try
again!”
FINGERPRINT WEB AUTHENTICATION SYSTEM
87 IVNEET SINGH –TP023861
10.1.2 Test case: Adding new staff to database (For Administrator) Task Condition Expected Result Actual Result Comments
Click on
Add new
staff to
register new
staff in the
database
Add username ,
password ,
security answer
and fingerprint
image into a
valid class
number of
database
A display box
should prompt
saying “Saved to
database”
Display box
appears “user
already exists”.
As expected
A display message
box appears
describing the
success adding new
users to database
and also displaying
in the table.
While registering
the new staff if staff
enters the username
and uploads the
fingerprint that
already exists in
database it will
display a message
that user already
exists.
The register
function for adding
new staff is working
properly with no
errors
If user enters
username or
uploads fingerprint
image twice into the
database it will
shows message box
with user already
exists.
If enters the
same details
that already
exists in
database
Enter invalid
char for
username
example any
special
character like (!
@,$,etc.)
An error message
should display
As expected
When the user enters
anything except
character or integer
the system should
displays error
message box.
If the user selects
any special
character or symbol
for username the
system generates an
error message.
FINGERPRINT WEB AUTHENTICATION SYSTEM
88 IVNEET SINGH –TP023861
Without
uploading
image to
register new
staff and press
Add to
database
Button.
An error message
should be
displayed fill all
details for new
staff registration.
As expected an error
message box
appeared that says
fill all details for
new staff
registration.
If the user doesn’t
select any image
and press - add to
database button
error box is
displayed which
says fill all details
for new staff
registration.
10.1.3 Test case: Search staff in database Task Condition Expected Result Actual Result Comments
Click on
search staff
button
If database
exists
If staff exists the
search button will
display the staff
details
As expected
Staff username was
entered for search, if
staff exists in
database display
details.
If the administrator
of the system wants
to know the
information of the
staff in database
then this button will
be pressed which
will show staff
details.
If database
does not
exist
Nothing will be
displayed
As expected an
No information will
be displayed
If administrator of
the system want to
know that if staff
username is
available in
database or no, by
clicking on search
information will be
retrieved.
FINGERPRINT WEB AUTHENTICATION SYSTEM
89 IVNEET SINGH –TP023861
10.1.4 Test case: Delete staff from database Task Condition Expected Result Actual Result Comments
Click on
delete staff
button
If staff is
available in
database
If staff exists the
search button will
display the staff
details and then
administrator can
delete the staff.
As expected
Staff username was
entered for search, if
staff exists in
database display
details and
administrator deletes
the staff from
database.
If the administrator
of the system wants
to delete the
information of the
staff in database
then this button will
be pressed which
will delete staff
details.
If staff is
not
available in
database.
Nothing will be
displayed on search
As expected an
No information will
be displayed on
search and delete
If administrator of
the system wants to
delete the staff
available in
database clicking on
delete will delete the
staff from database.
10.1.5 Test case: Troubleshooting login (Secondary login) Task Condition Expected Result Actual Result Comments
Click on
Troubleshooting
Login
If users do not
want to use
secondary
login system
or fingerprint
does not work
Enter username ,
password , security
answer to login into
the webspace
account
As expected
Staff username,
password and
security answers
were entered for
login.
The login using
username, password
and security answer
was successful.
FINGERPRINT WEB AUTHENTICATION SYSTEM
90 IVNEET SINGH –TP023861
10.1.6 Test case: Fingerprint matching Task Condition Expected
Result
Actual Result Comments
Click on
login Button
Without
selecting an
iris image
An error
message box
should appear
An error message box
appears displays that
–“Access denied”
To do login fingerprint
image has to be selected
and then the login button
should be pressed so that
system can match it
from the database and
login into the system.
Select an
fingerprint
image but
database is
empty
An error
message box
should appear
As expected
An error message box
“Access Denied” was
displayed
If the user selects any
fingerprint image for
login but database is
empty then the system
will not perform the
matching from the
database.
Select a
fingerprint
image to do
login into the
system.
A result
should be
displayed
As expected
The login should be
successful if there is
matching between
fingerprint and
username.
If any fingerprint image
is selected of a user and
that users image is
already stored to
database then the
matching result will be
displayed.
FINGERPRINT WEB AUTHENTICATION SYSTEM
93 IVNEET SINGH –TP023861
10.3 System testing
10.3.1 Stress Testing
FINGERPRINT WEB AUTHENTICATION SYSTEM
94 IVNEET SINGH –TP023861
11 Critical Evaluation
11.0 Degree of success
Analysing degree of success for this project was not an easy task as it will be partial to compare
the products which are already available in the market with this project. The success criteria are
measured by the objective and deliverables of the proposed system. The development of the
project developer needs to fulfil the basic requirements of the system and should able to deliver it
with full working functionality. Developer was able to complete most of the objectives
mentioned in the project.
This project itself was challenging tasks for the developer to develop fingerprint web based
authentication system. This type of web system has not yet been implemented on any of the
websites. Still the research is going on developing the web based fingerprint application.
Although lots of work is been done on biometric technology but still implementing biometric
technology fingerprint has been still a part of research. Developer also faced some problems in
research as the articles and journals were limited and some of the journals and articles require
paid access. According to the analysis of the system the success rate of the project was good but
security potential was not much high as name based matching was done for authentication of the
fingerprint images.
11.0.1 Limitations of the system
The system developed is only capable to match from one database only. This system is not using
any biometric device for scanning fingerprint image. A dummy database was downloaded for
fingerprint match. The feature extraction functionality was not possible without fingerprint
device and SDK. The system has less security potential as it is using name base fingerprint
matching. The fingerprint image only with format .tif can be added to database system. The
further functionality of the website functions like web attendance and web results were not
created as this system was just a prototype and the main objective was to develop login system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
95 IVNEET SINGH –TP023861
11.0.2 Future enhancement
1. Implementing the enrolment and feature extraction for the fingerprint detection with
device.
2. Using the hardware for fingerprint scan like biometric fingerprint reader.
3. Full functionality of the website working with the fingerprint login system.
4. Increase in the performance of the system with implementing more advance algorithms.
5. Detecting the variations of the fingerprint according to pressure, arch, cuts and dust.
6. Implementing the encryption algorithm for the image conversation.
11.0.3 Main computational challenge
Main challenge for the developer was to understand the functionality of the fingerprint matching
and techniques applied for the feature extraction from the image. The feature extraction process
involves very complicated process and lots of research required to understand the functionality
of the fingerprint system.
The main objective was to provide internet security to the users hence implementing this new
system will be helpful improving internet security. Implementing web based biometric
technology was very difficult task for the developer because it requires running a desktop based
application on the web page. Developer would require to purchase the Bio-plugin and Active x
pro for development of the web based biometric technology which price very high. So, developer
decided to make a prototype of the system without using hardware with name based pattern
image matching for the system.
FINGERPRINT WEB AUTHENTICATION SYSTEM
96 IVNEET SINGH –TP023861
12 References a) Green, Nathan A. Green, 2005. ESTABLISHING PUBLIC CONFIDENCE IN THE
VIABILITY OF FINGERPRINT BIOMETRIC TECHNOLOGY. ESTABLISHING
PUBLIC CONFIDENCE IN THE VIABILITY OF FINGERPRINT BIOMETRIC
TECHNOLOGY, [Online]. 31, 183. Available at:
http://contentdm.lib.byu.edu/ETD/image/etd919.pdf [Accessed 16 December 2010].
b) Jain, Anil, 2001. Personal Identification . Biometric Society, [Online]. 5, 20. Available
at:http://81.70.242.211/eab/manual/Publisher/Kluwer%20www.kluweronline.com/biom
etrics%20personal%20identification%20in%20networked%20society%2097807923834
51%2026558%20c20070107%20%5B422%5D.pdf[Accessed 17 December 2010]
c) Kolodg, Charles , 2001. Biometrics: You Are Your Own Key. Biometrics: You Are Your
Own Key, [Online]. 1, 4. Available
at: http://citm.utdallas.edu/research/Publications/white_papers_source/Biometrics.pdf [A
ccessed 16 December 2010]
d) W. Lewi, Josep, 2002. Biometrics for Secure Identity . Trends and Developments,
[Online]. 13, 26. Available
at: http://faculty.ed.umuc.edu/~meinkej/inss690/lewis.pdf [Accessed 17 December
2010]
e) O’GORMA, LAWRENC, 2003. Comparing Passwords, Tokens, and Biometrics for
User Authentication, [Online]. 3, 20. Available at:
http://isis.poly.edu/~kurt/01246384.pdf [Accessed 17 December 2010]
f) T. Eskridg, Ellise , 2003. BIOMETRIC TECHNOLOGY. TECHNOLOGY, [Online].
Types of Biometric Technologie, 20. Available
at: http://faculty.ed.umuc.edu/~sdean/ProfPaps/Bowie/S09/Eskridge.pdf[Accessed 18
December 2010].
g) Eyenetwatch. 2005. Bio Web-Server. [ONLINE] Available
at:http://www.eyenetwatch.com/Biowebserver/fingerprint_authentication.htm. [Accessed
30 December 10]
FINGERPRINT WEB AUTHENTICATION SYSTEM
97 IVNEET SINGH –TP023861
h) K. Jain, Anil, 2006. Fingerprint. Matching, [Online]. 38, 44. Available
at:http://biometrics.cse.msu.edu/Publications/Fingerprint/JainFpMatching_IEEEComp1
0.pdf [Accessed 02 January 2011]
i) Technology, National Science , 2006. Fingerprint . Matching, [Online]. 3, 13. Available
at: http://www.biometrics.gov/Documents/fingerprintrec.pdf [Accessed 05 January
2011].
j) tech, Fingertech, 2009. FINGERPRINT. TECHNOLOGY WHITE PAPER, [Online]. 1-9,
9. Available at: http://www.biometrics.gov/Documents/fingerprintrec.pdf [Accessed 08
January 2011].
k) . 2011. . [ONLINE] Available at:
http://www.cdc.gov/hepatitis/Partners/Perinatal/PDFs/Guide%20to%20Life%20Appendi
x%20C.pdf. [Accessed 18 January 2011].
l) Sorensen, Reed , 1995. Software Development. A Comparison of Software Development
Methodologies, [Online]. 1-14, 14. Available at:
http://ece.arizona.edu/~ece473/readings/2-
Comparison%20of%20Software%20Development%20Methodologies.doc [Accessed 20
January 2011].
m) Debate – .NET V. PHP: Top 6 Reasons to Use .NET Article » SitePoint. 2011. Debate –
.NET V. PHP: Top 6 Reasons to Use .NET Article » SitePoint. [ONLINE] Available at:
http://www.sitepoint.com/v-php-top-6-reasons-use-net/. [Accessed 05 Feburary 2011].
n) Stan Z. Li, Anil K. Jain, 2009. "Encyclopedia of Biometrics". 2nd ed. ISBN: 0387730028
: Springer.
o) Newman, Robert , 2010. Security and Access Control Using Biometric Technologies. 2nd
ed. ISBN-10: 1435496671: Delmar Learning.
FINGERPRINT WEB AUTHENTICATION SYSTEM
98 IVNEET SINGH –TP023861
13 Appendix A
Coding
Add function Dim myconn1 As SqlConnection = New SqlConnection myconn1.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Ivneet\Desktop\Ivneet_Singh_FYP_Final_Version1.1.2\App_Data\FingerprintDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True") Dim scomma1 As SqlCommand = New SqlCommand scomma1.Connection = myconn1 scomma1.CommandText = ("INSERT INTO FingerprintDetailsTable(Username, Password, SecurityQuestion, SecurityAnswer,Fingerprint) VALUES('" & TextBox1.Text & "','" & TextBox2.Text & "','" & DropDownList2.Text & "','" & TextBox4.Text & "','" & FileUpload1.FileName & "') ") myconn1.Open() Dim sdr1 As SqlDataReader = scomma1.ExecuteReader If True Then MsgBox("Saved in Database") Else MsgBox("Access Denied ,Try Again!") End If
Search function
If true then search result else display=”no match found”
Delete function
Dim myconn1 As SqlConnection = New SqlConnection myconn1.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Ivneet\Desktop\Ivneet_Singh_FYP_Final_Versi
Data
Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\FingerprintDatabase.mdf;Integrate
d Security=True;User Instance=True
Search from fingerprint_table where username= ” ”
FINGERPRINT WEB AUTHENTICATION SYSTEM
99 IVNEET SINGH –TP023861
on1.1.2\App_Data\FingerprintDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True") Dim scomma1 As SqlCommand = New SqlCommand scomma1.Connection = myconn1 scomma1.CommandText = ("DELETE FROM FingerprintDetailsTable WHERE Username = '" & TextBox1.Text & "'") myconn1.Open() Dim sdr1 As SqlDataReader = scomma1.ExecuteReader MsgBox("Deleted From Database")
Login function
Dim U1 As Char Dim connection As SqlConnection = New SqlConnection connection.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Ivneet\Desktop\Ivneet_Singh_FYP_Final_Version1.1.2\App_Data\FingerprintDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True") Dim command As SqlCommand = New SqlCommand command.CommandText = ("SELECT Username,Fingerprint FROM FingerprintDetailsTable WHERE Username = '" & TextBox1.Text & "'AND Fingerprint = '" & FileUpload1.FileName & "'") command.Connection = connection connection.Open() Dim reader As SqlDataReader = command.ExecuteReader() If reader.Read = True Then U1 = TextBox1.Text Server.Transfer("StaffPage.aspx") ElseIf TextBox1.Text = "admin" And FileUpload1.FileName = "110_4.tif" Then Server.Transfer("AdminPage.aspx") Else MsgBox("Access Denied ,Try Again!") TextBox1.Text = "" End If
FINGERPRINT WEB AUTHENTICATION SYSTEM
100 IVNEET SINGH –TP023861
14 Appendix B
14.0 Gantt chart
# Tasks Days Start Finish % Cost Assignments 1 Introduction to Study 3 11/22/2010 11/24/2010 0 $0.00
2 Background to the Project 3 11/25/2010 11/29/2010 0 $0.00
3 Problem Finding 11 11/30/2010 12/14/2010 0 $0.00
4 Literature Review 10 12/16/2010 12/29/2010 0 $0.00
5 Primary Research 18 12/30/2010 1/24/2011 0 $0.00
6 Secondary Research 15 1/25/2011 2/14/2011 0 $0.00
7 Analysis 21 5/4/2011 6/1/2011 0 $0.00
8 Design 12 6/3/2011 6/20/2011 0 $0.00
9 Implementation 7 6/21/2011 6/29/2011 0 $0.00
10 Testing 5 6/24/2011 6/30/2011 0 $0.00
11 Critical Evaluation 2 7/1/2011 7/4/2011 0 $0.00
12 Conclusion 1 7/4/2011 7/4/2011 0 $0.00
FINGERPRINT WEB AUTHENTICATION SYSTEM
101 IVNEET SINGH –TP023861
15 Appendix C
15.0 Survey Design
Fingerprint Web Authentication System
This survey is carried out as partial fulfilment for the cause of bachelor's degree research. The
research is entitled as “Fingerprint Web Authentication System ". Objective of this survey is to
collect data from the lectures working in the university and also to know importance of
implementing security into university websites. The data is needed to know about the
importance, security and usability of biometric systems. The Fingerprint Web Authentication
System will authenticate the lecturers using their fingerprint while logging into the university
website. This system will help in increase in security on websites as much confidential
information is been available. I hereby declare that all your personal information will be kept
confidential.
Kindly Specify your personal Information * Job Title and Work Experience
How often do you use your university websites? * If you answer "Never" please skip the survey
else continue
Always
Sometimes
Never
FINGERPRINT WEB AUTHENTICATION SYSTEM
102 IVNEET SINGH –TP023861
What is the main purpose for using university websites?
Frequently
used Seldom Never
Web-mail
Web attendance
Web results
Library
Schedules
What are the major issues you face while login into university website "You can choose multiple
options"
GUI problem (Hard to understand the interface of the system)
Security (Sometimes you forget your password or accounts get compromised)
Performance (Delay in time while login)
Others please specify
Logging into university websites using only username and passwords, do you think it is secure as
username and passwords can be easily acquired / hacked If "Agree" with above statement ,
please specify your comments
Agree with above statement
Disagree with above statement
FINGERPRINT WEB AUTHENTICATION SYSTEM
103 IVNEET SINGH –TP023861
Do you think implementing biometric technology on university websites will increase security
“If you answer No then please skip the survey else continue"
Yes
May be
No
What type of functionality do you think will be best for increase in security?
Using username and fingerprint
Using only fingerprint
Using username, security question and fingerprint
"The system will authenticate the university lecturers or staff members using their fingerprint to
login into their university website accounts." Do you require training for using this system?
Yes
May be
No
Please suggest any other technology or system except biometrics to increase in security for
websites (Optional)
FINGERPRINT WEB AUTHENTICATION SYSTEM
107 IVNEET SINGH –TP023861
15.2 Interview Date: 19
th April 2011 Time: 10:00 AM – 10:45 AM
Interviewee: (Project Manager CTI Group) Location: CTI Group
Y: interviewee K: Interviewer
K: Good Morning! Mr. Sir! My name is Ivneet Singh
Y: Good Morning! You can call me Reza!
K: Ok, Mr. Reza! First, I would like to thank you for allowing me to conduct interview
Y: You are most welcome!
Y: Would you like to have some coffee or tea!
K: No, Thanks a lot sir
Y: Hope you don’t mind if one of my employee wants to join!
K: No sir, in fact it will be a great idea
Y: ok!
K: Sir! Can I record our interview conversation for my documentation purpose?
Y: yes sure! But is it really necessary
K: It will be very helpful for me for further documentation in my project
“The rest of the detailed conversation is being recorded and documented in analysis part.”
FINGERPRINT WEB AUTHENTICATION SYSTEM
108 IVNEET SINGH –TP023861
16 Appendix D
16.0 Project Specification Form
Project Specification Form (PSF)
Name : Ivneet Singh
Student ID : TP023861
Title :
Next Generation Web-Authentication System By Emerging Biometric
Technology
Supervisor : Indah Nadialenny Binti Mohd Ismail
A. Title:
Next Generation Web-Authentication System By Emerging Biometric Technology
B. Brief description on project background. (.i.e. problem context, rationale, description of
problem area, nature of challenge)
Now day’s internet is being used widely, and online users are increasing rapidly. Through
internet people do things like banking, shopping, communications, manage their business and
other confidential data is also being transfer through internet.
Current problems:
1. Internet accounts get compromised (Hacking of accounts like email accounts , social
networking accounts , banking accounts).
2. Frauds happening all around the internet.
3. Sometimes users forget their account user-name or passwords.
4. Not able to authenticate genuine user
5. Hackers mostly use sniffer tools on the network to hack into someone’s account and get their
personal information. There are many tools available that can track your activity that you are
performing on PC or laptop while you are working, it can even store the keystrokes like which
keys you are using while entering your user-name and password.
Current solution in market:
1. Companies comes up with sign-in seals on their account to verify the user.
2. Some banks sends SMS with password every time you want to login in your account.
3. To prevent key loggers some people use anti-virus and firewalls but some key loggers are
not detected by anti-viruses and firewalls.
Developer might come up with a new solution that might help internet users to be safe, so that
they can use internet safely and can perform several operations on internet like banking (money
transfer), shopping (buy and sell products) etc. Developer might face big challenges to build up
such an application which will authenticate online user on website using biometric technology.
User will be recognizing on their thumb impression, they need not to login or remember their
FINGERPRINT WEB AUTHENTICATION SYSTEM
109 IVNEET SINGH –TP023861
username and password every time they login. They just need thumb impression to be
recognized and authenticated.
This is business oriented project that can help the companies and domestic users to be safe on
internet world. This system will be one step ahead for improving the security problem in the
current system as the system might authenticate the user using biometric technology. The
developer might develop a dummy data for the biometric database which might consists the
biometric details of the users that are thumb prints.
C. Brief description of project objectives.
(i.e. scope of proposal and deliverables)
The Motto of the project is: "Providing Internet Security "
The scope of the project is to design and develop a biometric authentication system in order to
eliminate the current problems related to internet security.
The aim of the project is to develop a biometric authentication system.
The objectives of the project are:
1. To improve security for internet users using thumb recognizing.
2. To prevent the happening of fraudulent activities such as hacking of accounts passwords and
misuse them
3. To obtain fast and accurate authentication results that is cost effective.
Proposed system: This system will be prototypical implementation of real system
In order to solve the major problems facing the manual authenticating system, the developer
would at least deliver the following as core functions of the system:
1. Users biometric database: This function will add/edit and store biometric details such as
(thumb) biometric information of users.
2. Users authentication: This function will identify the user and grant access to their account. It
will identify the person’s biometric details from database and authenticate respectively.
However, in addition to the above mentioned core functions, if sufficient time and resources
are available for the developer after having completed the core functions, the developer will
also attempt to implement the following enhancement functions and special features, though
these features are out of scope of the project.
Enhancement Functions:
FINGERPRINT WEB AUTHENTICATION SYSTEM
110 IVNEET SINGH –TP023861
1. Designing full website for login using bio-metric.
2. Face recognizes system integrated with proposed system.
Special Features:
1. Authenticate users while login
2. User really don’t need to remember there ID and Password while login into their accounts
The project will deliver the following as project deliverable:
A biometric authentication system consisting at minimum the above mentioned core functions.
Technical documentation and user manual of the system.
D. Brief description of the resources needed by the proposal.
(i.e. hardware, software, access to information / expertise, user involvement etc.)
Hardware resources:
A computer system with a J2EE Integrated Development Environment (NetBeans bundled with
the application and database server would be sufficient) is required to design and develop the
system.
A biometric thumb reader will be required to test the biometric authentication function if this
function is going to be implemented in the system.
Technical requirements:
Components Specifications
COMPUTER
Laptop – Sony vaio
Backup - Lenovo
Processor
Minimum
2.1 GHz
32 bit
Intel Core 2 Duo processor
Recommended
2.4 GHz and above
32 bit and above
Core 2 Duo , Core 2 Quad and later
RAM
2 GB or more
Hard Disk
FINGERPRINT WEB AUTHENTICATION SYSTEM
111 IVNEET SINGH –TP023861
250 GB or less
Software resources
Environments Specifications
Visual studio 2010
HTML
C#
Asp.net
Net Beans 06
ORACLE/ SQL 2010
User Involvement:
Students
University lecturers
E. Academic research being carried out and other information, techniques being learnt.
(i.e. what are the names of books you are going to read / data sets you are going to use)
The project would require the developer to do research and strengthen the understanding on the
following areas of knowledge, both domain and as well as technical research areas, without
which the developer will not be able to deliver a good academic project.
Domain Research:
1) Existing biometric systems will be analyzed and research in these field will be done.
Technical Research:
Thumb Recognition: Research is required on how thumb recognition function can be built into
the system.
Relational Database Management Systems (RDBMS): Research on the different RDBMS is
important to determine which database is most appropriate to be used in this particular
scenario.
Fault Tolerance: This area is important for research because this characteristic is of utmost
importance due to the nature of the system (authenticating systems cannot tolerate any down
time during its operation).
System Development Methodologies: Research needs to be done to examine different system
development methodologies and determine which methodology best suits this project. This
might require the developer to combine tools and techniques used in different methodologies
and to come up with a hybrid methodology.
The following is an initial list of resources the developer plans to use to do research on the
afore mentioned technical areas;
FINGERPRINT WEB AUTHENTICATION SYSTEM
112 IVNEET SINGH –TP023861
Books:
1. Harry Henderson,1998. Systems Analysis and Design Methods. 4th ed. The McGraw-Hill
Companies, Inc.
2. Gosselin and Don , 2000 . ASP.NET programming with C# & SQL server.
3. C. J. Gahan , January 2004 . BT Technology Journal , Volume 22 Issue 1 . The Kluwer
Academic Publishers
4. John Chirillo and Scott Blaul , April 2003.Implementing Biometric Security, 1 edition
The Hungry Minds , Inc
F. Brief description of the development plan for the proposed project.
(i.e. which software methodology and why, the major areas of functions to be developed
and the order in which developed)
Waterfall model has well-structured and clear cut stages.
These stages can be completed step by step as top down approach.
This gives a clear picture even for the novice developer as the stages are very straight forward,
so the developer can plan in detail what activities to do at each stage in turn and even set a
schedule to complete individual stages.
Development activities cannot be carried out in parallel as the project will be done by one
developer and therefore a step by step approach would be more appropriate.
Biometric systems are very straight forward in terms of its functionality. Once the requirements
are identified it can be frozen without any hassle therefore there is almost zero chance for a
scope creep to happen due to the static nature of the system.
Requirement Phase:
In the analysis phase the developer will study the current system and define the requirements
for the new system. The problems will be clearly defined and the deliverable at the end of this
phase will be a requirement document. This stage includes a detailed study of the business
needs of the aviation. The developer will make a set of interview questionnaires which is
required to be filled by the client. The focus of the questionnaire is to understand the business
processes, the activities and also to investigate the problems in the current system.
Design Phase:
The input for the design phase is the requirement document resulting from the requirements
phase. During this phase the developer will select the algorithms and data structures will be
chosen. The internal data flows will also be determined. The developer might decompose the
system into modules and design these modules with well-defined interfaces to other modules.
The developer might use object-oriented design techniques. The deliverables of this stage will
be the architectural design and detailed design documents.
FINGERPRINT WEB AUTHENTICATION SYSTEM
113 IVNEET SINGH –TP023861
Implementation Phase:
The input to this stage is the design documents produced during the design phase. In this phase
the developer will code the various component modules according to the design documents.
G. Brief description of the evaluation and test plan for the proposed project.
(i.e. what is the success criteria and how will be evaluated & implementation will be
tested, indicate the estimated size of the demonstration/test database)
The functions/features will be tested by using dummy data on testing simulators. The project
will be considered as successful if the test results for the core functions show success status in
all types of tests that are performed. After the implementation of the system, it will be tested by
the users .
Comments:
A basic idea of the proposed project is clear. Can continue with the research and development.