DESIGN AND IMPLEMENTATION OF A SECURE SYSTEM DOCUMENT

FOLDER LOCKER

BY

NDA/11069
CDT E KOGBARA

SUPERVISOR:
Dr. PO ODION

DEPARTMENT OF COMPUTER SCIENCE, NIGERIAN DEFENCE ACADEMY

KADUNA

2019

1
 CHAPTER ONE

INTRODUCTION

1.1 Background of the Study

Because of the increasing threat to computer system and the information they store and

process are valuable resources which need to be protected. Authentication refers to the

techniques where users have to prove the claim of their identity to the identifier. There are

many techniques through which users can be authenticated. Some of the password

authentication techniques are knowledge based, token based, and biometric. Text password

based technique and graphical password based technique comes under knowledge based

authentication technique. A text password is a secret word or string of character that is used

for user authentication to proven identity or for access approval to gain access to a resource.

The easier a password is for the owner to remember generally means it will be easier for an

attacker to guess.

However, passwords which are difficult to remember may also reduce the security of

a system because

1) user might need to write down or electronically store the password,

2) users will need frequent password resets and

3) users are more likely to re-use same password. Unfortunately, these passwords are broken

mercilessly by intruders by several simple means such as masquerading, Eaves dropping and

other rude means say dictionary attacks, shoulder surfing attacks, social engineering attacks.

A graphical based password is one promising alternatives of textual passwords, as

according to human psychology, humans brain can recall or memories the visual thing in a

well manner than text. In graphical password based technique sequence of images are uses

which are more memorable than sequence of characters. There are many graphical based

2
password scheme is available. Of interest herein are cued-recall click-based graphical

passwords. Example systems include pass point, cued click points and persuasive cued click

points. The guessing attacks capture attack, and hotspot problems reduce the security of pass

points and cued click point.

To overcome this we are trying to implement persuasive cued click point’s technique

that is here we are using image password for authentication and security and we are also

implementing SHA for encrypting the folder to provide more security to folder. The paper is

structured as follow. We discuss about graphical password technique, persuasive cued click

point, methodology, modules description, application, security and conclusion.

Locking folders is the best way to guarantee that nobody accidentally or intentionally

gets access to your financial, health, private, and confidential information. Presently used

password based systems have a number of associated inconveniences and problems such as

user needs to remember passwords, passwords can be guessed or broken down via brute force

and also there is problem of non-repudiation. Image password seems to be a better way out.

1.2 Statement Of Research Problem

Providing security to the folder is most challenging job for the developers to be developed

which will neither access or decrypted by the crackers. Information seekers tend to handle a

system and search all the system folders seeking for information from the system which can

be used by them. Friends have turn out to be more of a treat than a friend, because the fact

that you gave them access to your system, they explore it and made away with your vital

credentials on the system. Therefore, the challenge of creating a folder locker need arise, and

creating one with a secure and reliable source of authentication.

1.3 Aim and Objectives of the stud

3
 The main aim of the study is to develop folder encryption password to prevent

unauthorized users gaining access to the folders. The following objectives to achieve

in this study.

i. Develop a secure system folder locker

ii. Build a new algorithm for the security model of the folder locker application

iii. Create a windows application for securing any folder with its contents, by setting

a pass key for accessing that folder.

iv. The new system design will be an image authentication system and an alternative

of alphanumeric one too.

1.4 Significance of the Study

This work will enhance the security level of one’s privacy on his system. It will be a one-step

project to the level at which information is high jack from the hackers. The research will also

be beneficial to the researcher. This is because the study will expose the researcher to so

many related areas in the course of carrying out his research, this will enhance the

researcher’s experience, knowledge and understanding on real live application and solution

solving techniques.

1.5 Scope of the study

This research work is centered on system application for security validation of folder access

control and its content. Therefore, this study will work out only for the application which a

folder locker using an image model or alphanumeric is passing key for validation means or

authentication.

1.6 Limitation of the study

Inaccessibility to some documents, which arose due to security, imposed on some of the

organization documents by the management. It was not also possible to make an in-dept

study of these documents, which would have helped in the development of the project work.

4
Time allotted may post some major limitation to this write up, there was not enough time to

study the details of the various field of the information department of the organization and

unavailability of textbook needed for this write – up was not found in the institution library.

1.7 Motivation for study

Before I embarked on this research work, a careful study with a feasibility study was carried

out by me; I discovered that my friends keep having access to my private files in the folder

where they are kept. What actually motivated me to carry out this work was for the reason

that, I made once visited my friend, a computer wizard and he had do much trust on me and

left me with his system and I took an advantage of it, I searched all his system folders and

files and explore it, copied some of the project he is working on, al his data that I should not

have access to. Third parties information was all copied by me. After that, on a second tough

I think the same way someone else can do same to me, I had to come up with an idea of a

folder locker where my personal data will be saved and secured from anyone using my

system to have access to.

1.8 Methodology

Research methodology is a systematic study of principles guiding scientific and other types

of investigations. This has to do with procedures or techniques of investigations i.e. methods

used by the researcher to collect data or information.

There are various methods of data collections Primary and Secondary methods. Primary

methods includes interviews, questionnaire etc and Secondary methods includes

documentation and so on.

1.7.1 Method of Data Collection

5
There are different methods of data collection but the method of data collection that will be

used in this project work is Documentation Method. Documentation method is a secondary

method of data collection. This method involves the use of journals, handbooks, newspapers

and projects. This method of data collection was used because it serves as a basis of reference

to existing research work. This includes:

a) Internet: This method of data collection is secondary. The web was used in sourcing

for information such as historical development of cryptography, the types of cryptography

through various web sites such aswww.securitydata.com.

b) Past Projects: Information sourced from past projects includes definitions,

illustrations, and references.

1.7.2 Design of the Proposed System

This software is designed to ensure that files are well secured on systems be it personal

computers, companies computers and the likes. A first time user that intends to encrypt a file

with this software will be required to start by creating his preferred user name and password

and when this is the done, the software automatically generates a user id for the person, now

the user can move to the next stage where he can encrypts desired file. At the encryption

stage, the user id that was generated will be requested for as well as the user name and

password, when this is done accordingly, it will request for E-key which means encryption

key and then it will request for the file location; it will automatically display the file

extension after which the user clicks on the encryption button and the file will be encrypted.

To decrypt the encrypted file, the file name will be requested for and it can be found in the

drop down menu where all encrypted files will be listed, once the file is selected, user will

click on decrypt button, it will requests for key which will be the same key that was used to

encrypt the file since the symmetric key algorithm is employed, if the user enters the right

6
key and press enter, the file will be decrypted and then the interface can be closed and the

user can now open the document from wherever it is on the system

1.7.3 Input Specification

Input specification is the logical presentation of how data is stored in the computer’s

memory.

1.7.4 Output Specifications

The output specification refers to the arrangement of headings and other data on the output

document either as “Soft copy” or as “Hard copy”. The aim is to give a clear picture (format)

of the output to the user and software developer

1.7.5 System Requirements

System requirement is a combination of hardware and software components that makes work

to be carried out. The system requirement for this research work is subdivided into Hardware

and Software requirements.

Hardware Requirements: Hardware is the computer equipment and devices that are

involved in the function of a computer system together with the software components.

Hardware are the physical components of the computer system assembled together to interact

with the software in order to form a composite system.

The minimum hardware requirements are:

i.CPU Pentium III (886 MHz) processor

ii.100MB available disks space

iii.RAM (256MB)

iv.Keyboard

7
 v.Mouse

vi.14’SVGA Coloured Monitor

vii.U.P.S 650va (uninterrupted power supply)

viii.Hard Disk Drive (HDD) of 60GB

Software Requirements: Software is set of program modules needed to control and co-

ordinate the activities of the hardware device of the computer system.

The software requirements are:

i. Operating System (O/S) (e.g. Windows XP)

ii. Visual Basic 12.0

iii. Ms-Access 2010

1.7.6 Use Case Diagram

Use Cases are services or functions provided by the system to its users and to identify the

primary elements and processes that form the system. The primary elements are termed as

“actors” (User) and the processes are called “Use cases”. The Use Case diagram shows how

actors interact with each use case and the purpose of a Use Case diagram is to provide a

graphical view of the functionality provided by the system in terms of actors, goals of actors

(represented as Use cases) and dependencies between Use cases.

1.8 Definition of Key terms

Encryption: is the process of encoding messages or information in such a way that only

authorized parties can read it.

8
Decryption: The process of decoding data that has been encrypted into a secret format.

Decryption requires a secret key or password.

Lock: a mechanical device used to secure items of importance.

A password: is a word or string of characters used for user authentication to prove identity or

access approval to gain access to a resource (example: an access code is a type of password),

which is to be kept secret from those not allowed access.

Authentication: is a process in which the credentials provided are compared to those on file

in a database of authorized users' information on a local operating system or within an

authentication server.

Validation: is act of confirming that a user details meets the needs of its users

Software: These are program for computer which allows certain specific task to be

accomplished e.g. word process etc.

Hardware: Computer equipment used to perform input processing and system output

activates.