Jawahar Education Society's A. C. Patil College of Engineering, Kharghar, Navi Mumbai-410210
University of Mumbai (AY 2022-2023)
Department of Computer Engineering

E-AUTHENTICATION FOR THE WEBSITE

HEMANT BUDDHADEV DAS (231041009)
PARTH PRAKASH DESAI (231041053)
SAKSHI AJAY SHUKLA (231041025)
PRATIKSHA BALAJI RATHOD (231041006)

Name of the Mentor: Prof. Bhagyashri Kulkarni
Authentication for Software

E-authentication for mobile apps refers to the process of verifying a user's identity electronically, ensuring that the person accessing the app is who they claim to be. This is critical in mobile applications, especially those handling sensitive information such as banking, healthcare, or personal data.
MOTIVATION

- Protection of Personal Data: E-authentication safeguards your sensitive information, reducing the risk of identity theft and fraud.
- Enhanced Security: Strong authentication methods provide multiple layers of security, making it harder for unauthorized users to gain access.
- Compliance with Regulations: Many industries require strict authentication protocols. Implementing these can help ensure compliance and avoid legal issues.
- User Empowerment: E-authentication gives users control over their accounts, allowing them to manage their security settings and be proactive about their online safety.
Key Aspects of E-authentication in Websites:

1. *Security*: E-authentication helps protect against unauthorized access, data breaches, and fraud by ensuring that only verified users can access the app.
2. *Types of E-authentication*:
   - *Password-based Authentication*: The most common method, where users log in using a username and password. However, it can be vulnerable to attacks like phishing or brute force.
LITERATURE SURVEY

Author: Bill Harper
Book Title: Mastering OAuth 2.0: Build secure and scalable systems
Publication Year: 2021
Advantages: OAuth 2.0 allows *delegated access*, enabling third-party applications to access a user's data without requiring the user to share their credentials.
Disadvantages: OAuth 2.0 can be *complex to implement*, especially when managing advanced features like token refresh and ensuring security against token interception or leakage.

Author: Aaron Parecki
Book Title: OAuth 2.0 Simplified
Publication Year: 2017
Advantages: It makes OAuth 2.0 easier to understand and implement, allowing developers to quickly grasp the basics and integrate it into their applications.
Disadvantages: It risks over-simplification, which can lead to security issues or difficulties when dealing with more advanced use cases.

Author: Brian Pontarelli
Book Title: Securing Applications with Multi-factor Authentication
Publication Year: 2019
Advantages: *Enhanced Security* – Multi-factor authentication significantly improves security by requiring users to provide multiple forms of verification, making it harder for attackers to gain unauthorized access.
Disadvantages: *User Friction* – Implementing MFA can introduce additional steps for users, potentially leading to frustration or lower adoption rates due to the extra effort required during the login process.

Author: Eve Maler, Drummond Reed
Book Title: The laws of decentralized Identity & Authentication
Publication Year: 2020
Advantages: *User Control and Privacy* – Users have full control over their identity data, reducing reliance on centralized authorities and enhancing privacy.
Disadvantages: *Complexity for Users* – Managing cryptographic keys and credentials can be difficult, especially for non-technical users, and losing keys may result in permanent loss of access.
Research gaps in e-authentication in websites:
The objectives of e-authentication (electronic authentication) are to secure digital identities, protect sensitive data, comply with regulations, enhance user trust, and provide a convenient yet secure user experience. Additionally, it aims to support scalability, facilitate auditing, prevent fraud, and achieve cost efficiency.
Architecture Components:

Mobile App (Client)
- User Interface (UI)
- Local Storage (for biometric data, access tokens)
- API Client

Authentication Server
- Database (stores user credentials and tokens)
- Authentication APIs
- Token Manager (issues and verifies JWT tokens)
- OTP Generator

Third-Party Services
- Push Notification Service (for OTP delivery)
- Biometric SDK (for fingerprint/face authentication)
Block Diagram
Algorithm

Authentication Algorithm:

1. User Authentication (Password or Biometric):
   - The user enters a username and password or provides biometric input.
   - If biometric authentication is used, the mobile app utilizes the device's biometric sensor to capture the biometric data and compares it with the stored biometric template using the device's secure hardware.
   - If password-based authentication is used: the app sends the username and hashed password to the server. The server validates the credentials against the stored user data. If valid, proceed to OTP authentication.

2. OTP Authentication:
   - After successful password verification, an OTP is generated and sent to the user's registered phone number or email.
   - The user enters the OTP in the app.
   - The app sends the OTP to the server for validation.
   - If the OTP is valid, a JWT token is generated.

3. Token Generation:
   - The server generates a JWT token containing the user's unique identifier and sets an expiration time.
   - The token is returned to the mobile app, which stores it securely.
   - For subsequent requests, the app includes the JWT token in the headers to access protected resources.

4. Session Management:
   - The JWT token is checked for validity with each request.
   - If expired or invalid, the user must re-authenticate.
- Phishing and Social Engineering: Protecting users from sophisticated phishing schemes and social engineering attacks that can compromise authentication mechanisms.
- Compliance and Privacy: Adhering to stringent data protection regulations while implementing authentication processes that responsibly handle personal and sensitive information.

PROBLEM STATEMENT
Design

Server-Side (Authentication Server):
- Credential Validation: Upon receiving the username and password, the server hashes the password and compares it with stored credentials.
- OTP Generation: If OTP authentication is enabled, the server generates an OTP and sends it via email/SMS.
- Token Issuance: After successful authentication, the server issues a JWT token, which is returned to the client.

Client-Side (Mobile App):
- Login Screen: Users enter their credentials (username/password).
- Biometric Authentication: On supported devices, users can authenticate with biometrics instead of passwords.
- OTP Authentication: After entering credentials, an OTP is sent to the user's phone/email for further verification.
- Token Management: Upon successful authentication, a JWT (JSON Web Token) is issued, which the app stores and uses for future requests.
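The server side of the Authentication Algorithm and the Design above (password factor, then OTP, then JWT issuance and per-request validation), written out as an added example; this is not the project's code. It assumes in-memory dictionaries in place of the server database, a server-held HS256 signing key, a `now` parameter so expiry can be exercised deterministically, and that OTP delivery by SMS/email happens outside the functions (the OTP is returned to the caller that would send it). The JWT is built by hand from the standard library only so the example runs offline; a production server would use a maintained JWT library. Passwords are hashed on the server with a per-user salt, as the Design's Credential Validation step describes.

```python
import base64, hashlib, hmac, json, secrets, time

# Constructed in-memory stores standing in for the authentication server's database.
USERS = {}          # username -> {"salt": bytes, "hash": bytes}
PENDING_OTPS = {}   # username -> (otp string, expiry timestamp)
SERVER_SECRET = secrets.token_bytes(32)   # assumed HS256 signing key, known only to the server
PBKDF2_ROUNDS = 200_000


def register(username, password):
    """Store a salted PBKDF2-SHA256 hash; the plaintext password is never kept."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    USERS[username] = {"salt": salt, "hash": digest}


def verify_password(username, password):
    """Credential validation: recompute the hash and compare it in constant time."""
    rec = USERS.get(username)
    if rec is None:
        # Hash anyway so response time does not reveal whether the account exists.
        hashlib.pbkdf2_hmac("sha256", password.encode(), b"\x00" * 16, PBKDF2_ROUNDS)
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), rec["salt"], PBKDF2_ROUNDS)
    return hmac.compare_digest(digest, rec["hash"])


def start_login(username, password, now=None, otp_ttl=300):
    """Step 1: password factor. On success a 6-digit OTP is generated and handed to
    the caller for delivery (SMS/email delivery itself is outside this example)."""
    if not verify_password(username, password):
        return None
    now = time.time() if now is None else now
    otp = f"{secrets.randbelow(10**6):06d}"
    PENDING_OTPS[username] = (otp, now + otp_ttl)
    return otp


def complete_login(username, otp, now=None, token_ttl=900):
    """Step 2: OTP factor. The pending OTP is removed on any attempt, so it is
    single-use and a wrong guess cannot be retried against the same code."""
    now = time.time() if now is None else now
    pending = PENDING_OTPS.pop(username, None)
    if pending is None:
        return None
    expected, expiry = pending
    if now > expiry or not hmac.compare_digest(expected, otp):
        return None
    return issue_jwt(username, now, token_ttl)


def b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_jwt(username, now, ttl):
    """Step 3: token generation. Minimal HS256 JWT: header.payload.signature."""
    now = int(now)
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps({"sub": username, "iat": now, "exp": now + ttl}).encode())
    sig = hmac.new(SERVER_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"


def validate_jwt(token, now=None):
    """Step 4: session management. Return the subject of a well-formed, correctly
    signed, unexpired token, otherwise None (the caller then demands re-authentication)."""
    now = int(time.time() if now is None else now)
    try:
        header, payload, sig = token.split(".")
        hdr = json.loads(b64url_decode(header))
        if not isinstance(hdr, dict) or hdr.get("alg") != "HS256":
            return None   # the token never gets to choose the algorithm ("none", etc.)
        expected = hmac.new(SERVER_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None
        claims = json.loads(b64url_decode(payload))
    except ValueError:       # wrong number of parts, bad base64, or bad JSON
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, int) or exp < now:
        return None
    return claims.get("sub")
```

The signature check happens before the payload is parsed and the algorithm is fixed by the server rather than read from the token, which is what keeps a client from substituting an unsigned or differently signed token; expiry is enforced on every request, matching the Session Management step.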
Data Flow

Registration:
1. User submits registration data.
2. System hashes the password.
3. Data stored in the 'Users' table.
4. Verification email sent.

Login:
1. User submits credentials.
2. System verifies credentials against the 'Users' table.
3. If valid, generate a session in the 'Sessions' table.
4. Token returned to user.

Session Validation:
1. User makes a request with a token.
2. System checks the token against the 'Sessions' table.
3. If valid and not expired, allow access.

Password Reset:
1. User requests a password reset.
2. System generates a reset token and stores it in the 'Password Resets' table.
3. Email sent to the user.
4. User submits new password with the token.
5. System validates the token and updates the 'Users' table.
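The four Data Flow procedures against the three tables named above ('Users', 'Sessions', 'Password Resets'), as an added example that is not the project's code. It assumes an in-memory SQLite database, a `now` parameter in place of the clock, and that the verification and reset emails are sent by a caller outside these functions (the reset token is returned so the caller can put it in the email). One choice beyond the text: the 'Sessions' and 'Password Resets' tables hold a SHA-256 digest of each token rather than the token itself, so a copied database yields nothing a client could present, and a successful reset revokes the user's existing sessions.

```python
import hashlib, hmac, secrets, sqlite3

PBKDF2_ROUNDS = 200_000


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def token_digest(token):
    # Only the digest is stored; the random token itself exists only on the client / in the email.
    return hashlib.sha256(token.encode()).hexdigest()


def init_db():
    """Constructed schema for the three tables named in the Data Flow."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE NOT NULL,
                            salt BLOB NOT NULL, pw_hash BLOB NOT NULL);
        CREATE TABLE sessions (token_hash TEXT PRIMARY KEY, user_id INTEGER NOT NULL,
                               expires_at INTEGER NOT NULL);
        CREATE TABLE password_resets (token_hash TEXT PRIMARY KEY, user_id INTEGER NOT NULL,
                                      expires_at INTEGER NOT NULL, used INTEGER NOT NULL DEFAULT 0);
    """)
    return conn


def register(conn, email, password):
    """Registration: hash the password with a fresh salt and store it in 'users'.
    Sending the verification email is left to the caller."""
    salt = secrets.token_bytes(16)
    conn.execute("INSERT INTO users (email, salt, pw_hash) VALUES (?, ?, ?)",
                 (email, salt, hash_password(password, salt)))
    conn.commit()


def login(conn, email, password, now, ttl=3600):
    """Login: verify against 'users', then create a row in 'sessions' and return the token."""
    row = conn.execute("SELECT id, salt, pw_hash FROM users WHERE email = ?", (email,)).fetchone()
    if row is None:
        return None
    user_id, salt, stored = row
    if not hmac.compare_digest(hash_password(password, salt), stored):
        return None
    token = secrets.token_urlsafe(32)
    conn.execute("INSERT INTO sessions VALUES (?, ?, ?)", (token_digest(token), user_id, now + ttl))
    conn.commit()
    return token


def validate_session(conn, token, now):
    """Session validation: look the token up in 'sessions'; return the user id if unexpired."""
    row = conn.execute("SELECT user_id, expires_at FROM sessions WHERE token_hash = ?",
                       (token_digest(token),)).fetchone()
    if row is None or row[1] < now:
        return None
    return row[0]


def request_password_reset(conn, email, now, ttl=900):
    """Password reset, part 1: store a short-lived reset token in 'password_resets'.
    The caller should answer "email sent" either way so account existence is not revealed."""
    row = conn.execute("SELECT id FROM users WHERE email = ?", (email,)).fetchone()
    if row is None:
        return None
    token = secrets.token_urlsafe(32)
    conn.execute("INSERT INTO password_resets VALUES (?, ?, ?, 0)",
                 (token_digest(token), row[0], now + ttl))
    conn.commit()
    return token   # goes into the email only, never into the HTTP response


def reset_password(conn, token, new_password, now):
    """Password reset, part 2: validate the token (unused, unexpired), update 'users',
    mark the token used, and revoke the user's existing sessions."""
    row = conn.execute("SELECT user_id, expires_at, used FROM password_resets WHERE token_hash = ?",
                       (token_digest(token),)).fetchone()
    if row is None or row[2] or row[1] < now:
        return False
    user_id = row[0]
    salt = secrets.token_bytes(16)
    conn.execute("UPDATE users SET salt = ?, pw_hash = ? WHERE id = ?",
                 (salt, hash_password(new_password, salt), user_id))
    conn.execute("UPDATE password_resets SET used = 1 WHERE token_hash = ?", (token_digest(token),))
    conn.execute("DELETE FROM sessions WHERE user_id = ?", (user_id,))
    conn.commit()
    return True
```

Every lookup is by token digest, every token is random (`secrets.token_urlsafe`), and both the session and the reset token carry an `expires_at` that is checked on use, which is what the "If valid and not expired" step of Session Validation requires.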
CONCLUSION

E-authentication for websites ensures secure online transactions, user verification, and identity management. The success of e-authentication systems lies in their ability to balance security with ease of use, allowing users to safely access digital services while maintaining their privacy and data integrity. As technology evolves, continuous updates and innovations in authentication methods will be vital to meet the growing demands for security and user convenience.
REFERENCE

We created our project by using YouTube videos through coding videos. We have researched our app through Google using AI; this has helped us create our application. We have also used the Firebase console, and we have used various languages like HTML, CSS, and JavaScript. We have studied these languages from YouTube, and the codes that were available we took from Google (AI).