What the $#*! IS my password? Secure Online Password Storage Lon Smith Aaron Gremmert.

Presentation transcript:


Who Has a Password?
Who has 10? 50? 100?
Must be changed every 3 months?
Can’t use previous 3 passwords?
And must be:
- at least 8 chars long
- include A-Z and a-z and 0-9
- and can’t be any part of your username....

Concept Requirements
The Big Idea: To create a secure online resource for storing and accessing sensitive data.
Essential Concept Requirements:
- Secure: durable encryption and user identification schemes.
- Accessible: from any internet connection.
- User Friendly: intuitive forms for finding and modifying data, and a friendly sign-in process.

System Architecture: Overview
Server
- DB Server: The database stores encrypted information and fulfills web service requests.
- Web Service: The web service works with the DB to provide a uniform secure interface for client applications.
Client
- Web Site, Desktop App, WEP / Palm: Client applications allow the user to securely view / modify their account, through the common web service interface.

System Architecture: The Server
The Database
- Could be one of many available technologies (e.g. MySQL).
- Adhere to a strict XML schema for modeling the data and relations.
- Play nice with its friend, the web service, communicating through a number of stored procedures.
The Web Service
- Could be developed with Java/.net platforms.
- Works with the DB to process validated requests from the client, and to encrypt/decrypt data as needed.
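The encrypt/decrypt step the web service performs before handing a record to the database, as an added example that is not code from the presentation or its authors. The slides name no algorithm or key source, so AES-256-GCM, a PBKDF2 key derived from the sign-in password, and the names `VaultRecordDemo`, `seal` and `open` are all assumptions.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class VaultRecordDemo {  // hypothetical name, not from the slides
    // Assumption: the per-user AES-256 key is derived from the sign-in password and a stored random salt.
    static SecretKeySpec deriveKey(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 600_000, 256);
        byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        return new SecretKeySpec(key, "AES");
    }

    // Returns nonce || ciphertext+tag: the only form of the entry the DB server ever stores.
    static byte[] seal(SecretKeySpec key, String userId, String secret) throws Exception {
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);  // fresh nonce for every record
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        c.updateAAD(userId.getBytes(StandardCharsets.UTF_8));  // bind the row to its owner
        byte[] ct = c.doFinal(secret.getBytes(StandardCharsets.UTF_8));
        byte[] row = Arrays.copyOf(nonce, nonce.length + ct.length);
        System.arraycopy(ct, 0, row, nonce.length, ct.length);
        return row;
    }

    // Throws AEADBadTagException if the row was altered, copied to another user, or the key is wrong.
    static String open(SecretKeySpec key, String userId, byte[] row) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, row, 0, 12));
        c.updateAAD(userId.getBytes(StandardCharsets.UTF_8));
        return new String(c.doFinal(row, 12, row.length - 12), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        // Constructed sample values, not real credentials.
        SecretKeySpec key = deriveKey("constructed sign-in password".toCharArray(), salt);
        byte[] row = seal(key, "alice", "bank-site: hunter2-example");
        System.out.println("decrypted: " + open(key, "alice", row));
        try { open(key, "bob", row); }
        catch (AEADBadTagException e) { System.out.println("row rejected for a different user id"); }
    }
}
```

With this layout the salt and the sealed row are all the database needs to hold; a stolen table yields no entries without each user's password.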

System Architecture: The Client
The Web Application
- Could be developed with the Java/.net platform.
- Provide user-friendly web forms for creating a new account, signing in, viewing and editing data.
- Sign-in would include a typical user name / password form, and a second “image based password”, to validate the user’s identity.
Desktop and Mobile Apps
- Likely to be beyond the scope of the quarter.
- But… is certainly within range once the web service / DB are in place. Both Java/.net have tools to play with.

Picture Password Demo

Feasibility Rationale
Two key assumptions:
- Feasibility of encrypted communication between server and client.
- Technology platform that will support database server and web client interaction.
Both address the core functionality of the system. Without these, the system isn’t useful.