An Efficient QR Code Based Web Authentication Scheme

Nowadays, web authentication is the main and important measure which guarantees the information security and data privacy. Web authentication provides the basis of user accessibility and data security. In the last few years, frequent outbreaks in the password databases lead to a main concern in the data security. The default method for the web authentication is password only mechanism. There are many security problems associated with the password only approach. Many users have a tendency to reuse the same password in different websites. So when one password is being compromised, it may lead to the password break of the other websites due to the password reuse. In order to improve the security, Two factor authentication (TFA) is strongly recommended. But despite of this, TFA has not been widely accepted in the web authentication mechanism. Due to the high scale and drastic popularity of the mobile phone and an inbuilt function of the barcode scanning through camera lead to a new two factor authentication method. In this paper, the proposed two factor authentication protocol uses mobile phone with one or more camera as the second factor for the authentication. The proposed TFA in web authentication counter various attacks such as man in the middle attack (MITM), phishing attacks and so on. Here password is the first factor and mobile is used as the second factor for the web authentication. The communication between the mobile phone and the PC is with the help of visible light. Visible light communication has many advantages as compared with other communication mechanisms. There is a less cellular cost in this scheme which indicates the user does not need cellular network or Wi-Fi for the authentication

Profile Analysis of Mobile Application Security

ABSTRACT This thesis conducts profile analysis on the mobile application security using peer-review articles that were published from 2010 to 2018. From the analysis, we will identify prolific authors, intuitions, and geographic regions as well as the topics addressed by the articles. The profile analysis will reveal most frequently used research methods, research approaches (quantitative, qualitative and mixed), and theories used to study the field. This thesis reveals that none of the researchers have made significant contributions to the field, and researches are not collaborating to solve their research problems. The profile analysis shows that surveys and experiments are the most utilized research methods, and most researchers studied the field at a higher level, i.e., security was the focus of the research but did not go deeper into various aspects of security such as privacy, security vulnerabilities, and mobile application security best practices