A PROTOTYPE OF HOTEL MANAGEMENT SYSTEM WITH A SECURED GRAPHICAL PASSWORD TO AVOID SHOULDER SURFING ATTACK

  

Deshinta Arrova Dewi1 and Alberto Santiago Ayong Angue Nchama2, Lai Mei Yoon 3

  

1,2,3 Faculty of Information Technology and Sciences (FITS), INTI International University, Nilai, Negeri Sembilan, Malaysia.

 

Corresponding Author: deshinta.ad@newinti.edu.my


Abstract

This paper mainly focuses on two things: secured graphical password and hotel management system. The aim of this study is to propose a new Hotel Management System that is secured from a shoulder surfing attack using a graphical password. This graphical password has been introduced by previous research and this paper offers a contribution to implement it into a hotel management system. Hotel management system has been chosen for this study because they are considered as people second home whereby personal information resides in hotels and the confidential information of the Hotels themselves are registered and kept in the Management System. The Management System has to deal with day to day activities, therefore, it has to be secured and the best way of doing so is to set a password. Passwords are used to authenticate real users from attackers, the most common Computer Authentication Method is to make use of alphanumerical usernames and passwords. There are significant drawbacks to this method because passwords are easily guessed by the attackers. To overcome this problem, the use of Graphical Password Authentication is introduced for Hotel Management System as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication and significantly able to avoid shoulder surfing attack. The PHMS is developed using SQL server 2014, the ASP.NET and the C# programming language for a recreation of the secured graphical password.

Keywords: Graphical Password Authentication, Shoulder Surfing Attack, Hotel Management System


Vol.1, 2018(25)