This document proposes and explores two geographic authentication schemes called GeoPass and GeoPass-Notes. GeoPass requires users to select a location on a map as their password, while GeoPass-Notes adds an annotation associated with the location. User studies found that annotated location passwords have increased security with minimal usability impact. The document also describes a system that allows employees to privately share commute routes and locations with their employer to earn rewards, while maintaining location privacy through encryption. It outlines modules for users to view locations, routes, and share encrypted locations and passwords with administrators, who can then decrypt and view the data.
An exploration of geographic authentication schemes abstract
1. An Explorationof GeographicAuthentication
Schemes
ABSTRACT:
We design and explore the usability and security of two geographic
authentication schemes: GeoPass and GeoPass- Notes. GeoPass requires
users to choose a place on a digital map to authenticate with (a location
password). GeoPassNotes—an extension of GeoPass—requires users to
annotate their location password with a sequence of words that they can
associate with the location (an annotated location password). In
GeoPassNotes, users are authenticated by correctly entering both a
location and an annotation. We conducted user studies to test the
usability and assess the security of location passwords and annotated
location passwords. The results indicate that both variants are highly
memorable, and that annotated location passwords may be more
advantageous than location passwords alone due to their increased
security and the minimal usability impact introduced by the annotation.
Geographic authentication schemes can be explained by our project geo
authentication. In which the remembrance of password and password
hacking can be overcome by choosing a place on the google map and set
it as a password for further authentication which also contains a Geo
notes followed by geo pass which is nothing but the description about
the place which the user wish about the place.
The project also includes location privacy saying how the location is
shared without the interference of the third party which can be done by
encryption and decryption techniques where the user encrypt his location
and send that location to the user and separately send password in the
password share module to the email service if only if the admin is
having the password he can decrypt the users location. Thus made the
whole process as secured and implemented location privacy. A demo for
this can be given with the following scenario, .A Company which
promotes green commuting and wellness may reward their employees
who walk or bike to work. The company may encourage daily walking
2. goals of some fixed number of miles. Employees need to prove their past
commuting paths to the company along with time history. This helps the
company in reducing the healthcare insurance rates and move towards
sustainable lifestyle. Location can be shared secretly to others without
the interference of third party.
The user module consists of four category .They are:
My Location
Route
Sharing location
Sharing Password
In the location the user can find his current location. And in the route the
user can find his route to his destination place. The share it module is
used to share user position to admin for further processing .Where the
location is shared secretly with the admin by AES encryption and
decryption method with a password.
GEO AUTHENTICATION:
In the registration the user has two registration modules they are geo
registration and app registration. Without geo registration he can’t share
his location to admin thus made it clear that anyone can’t share his
location without the knowledge of the user if only if the geo
authentication password is known the location can be shared made the
system as perfectly protected.
The admin module again consists of three categories they are:
User details
Location details
Sending SMS
3. In the user details the admin can view the registered user details. And in
the location details the location of the user will be displayed which will
be revealed only when the admin is able to decrypt the encrypted data
with the same password which the user has used to encrypt the data.
When the admin decrypt the data he will be able to see the time, date,
user name and the location of the user. For decryption he needs a
password which is used by the user, the user sends he password to the
user through email, from there admin can view the password and utilize
it for decryption. Further the admin can verify the distance of the user
from the office location. On determining the distance if it is of minimum
distance the admin will encourage the user to come by walk or to take
bicycle to reach office or the user can be provided with any gift voucher
by doing this the company will get reduced of health insurance issues.
Thus the user can share his location proof secretly with admin and the
admin too use his distance for office sake.
EXISTING SYSTEM:
Passwords have well-known problems relating to their memorability and
vulnerability to being easily guessed by an adversary. The security
problems with passwords appear to be even worse than previously
believed. To ensure security requirements are met, unusable password
policies are implemented that cause an increasing burden on users.
When passwords are forgotten, many systems rely on secondary
authentication such as challenge (or “personal knowledge”) questions
for resetting his or her password. Unfortunately, such methods also
appear to offer questionable security. These issues motivate new user
authentication strategies that have improved memorability and security.
Location privacy is an extremely important factor that needs to be taken
into consideration when designing any location based systems.
Revealing both identity and location information to an untreated party
poses threats to a mobile users. Today's location-based services solely
rely on users' devices to determine their location, e.g., using GPS.
4. DISADVANTAGE:
Passwords have well-known problems relating to their
memorability and vulnerability to being easily guessed by an
adversary.
Passwords are forgotten.
Revealing both identity and location information to an untreated
party poses threats to a mobile users.
Lack of accuracy. It is very burden to Users.
Lot of paper works.
PROPOSED SYSTEM:
People generally have better memory for images over words this has
motivated many graphical password schemes that involve users
remembering images (or parts of images) instead of words. We
hypothesize that location passwords should be highly memorable under
an appropriate system design; after all, map locations are visual, and
represent places (which may be more “concrete” and easier to
remember). A challenge that we tackle is designing location password
interfaces that are memorable and provide security against guessing
attacks. Therefore, we aim to enhance the security of location passwords
by asking users to choose a note they can associate with their chosen
location; we call this combination of the location password and its note
an annotated location password. Users are authenticated by correctly
entering both a location and an annotation. In essence, an annotated
location password is using the location component to cue a user’s
memory for text information; however, both components (location and
text) are used together for stronger authentication. GeoPassNotes is our
implementation of an annotated location password system.
5. ADVANTAGE:
stronger authentication
The addition of the annotation is simple but purposeful
Increase resistance to both online and offline attacks
Reduce time for searching the route between the locations. Gives
accurate details about the current location.
User friendly. Reduces paper works. Easy communication between
user and the admin.
AREA COVERED:
Geo authentication
Location privacy
Encryption
Decryption
Efficient usage of GPS.
Architecture:
Architecture:
USER
Encrypt
Admin
SharingLocation Decrypt CheckLocation
Key
Geo authentication
6. MODULES:
The location proof application consists of two modules .They are:
Admin
User
ADMIN:
The admin module consists of three categories they are:
User details
Location details
Sending SMS
USER:
User Module has two registrations. They are:
Geo Registration
App Registration
App Registration:
App Registration lets you to register and login to the user module you
can use the user module.
Geo Registration:
Geo registration, without geo registration he/she can’t share his location
to admin thus made it clear that anyone can’t share his location without
the knowledge of the user if only if the geo authentication password is
known the location can be shared made the system as perfectly
protected.
The user module consists of three categories they are:
7. My location
Finding route
Sharing location
Sharing password
My Location:
In the My location the user will find his current location in the Google
map on single button click helps him to find his current location.
Finding Route:
Finding route the user can find his route with distance to reach his
destination along with the time taken to reach the distance.
Geo Authentication:
Unless you register in the geo registration you can’t step into share it
module. In the authentication it will ask for geo pass and geo notes
associated with the geo pass. On successful login you will be redirected
to share it module.
Sharing location:
In the sharing location the user will share his location to the user .Where
sharing is made privacy. This means the user share his location
encrypted with a password. And if only the password is known by the
admin, he can decrypt the user location which is known as the privacy
preserving location sharing.
Sharing password:
8. For sharing password the user will share his password to the admin
through mail. The admin will utilize the password from the mail.
WORK FLOW:
WORK FLOW:
9. SYSTEM SPECIFICATION:
HARDWARE REQUIREMENTS:
System : Pentium IV 2.4 GHz.
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 14’ Colour Monitor.
Mouse : Optical Mouse.
Ram : 512 Mb.
SOFTWARE REQUIREMENTS:
Operating system : Windows 7 Ultimate.
Coding Language : Java.
Front-End : Eclipse.
Data Base : SQLite Manger.
CONCLUSION:
Passwords have well-known problems relating to their memorability
and vulnerability to being easily guessed by an adversary. Passwords
are forgotten. To overcome this type of problems we are using
location as password. Thus we can overcome password forgotten
problem because people have better memory over place than the
passwords. Stronger authentication. The addition of the annotation is
simple but purposeful. Increase resistance to both online and offline
10. attacks. Reduce time for searching the route between the locations.
Gives accurate details about the current location. User friendly.
Reduces paper works. Easy communication between user and the
admin. Thus geo authentication is explained.