SOFTWARE REQUIREMENTS SPECIFICATION

1.INTRODUCTION
1.1 DESCRIPTION
The number of smartphone users is rapidly increasing worldwide, especially the of
Android OS users devices most often used for IT. Services are changing from PCs
and
laptops to smartphones and tablets. These devices need to be small for increased
portability. The technologies are convenient, but as the devices start to contain
increasing amounts of important personal information, better security is required.
Security systems are rapidly being developed. The aim of the project is to develop
anandroid-basedsmart phone application. Today more people using simple and
cheaper hardware such as mobiles and handheld
devices we can communicate & also we can do business transactions. It provides
much better mobility than PCs. Technology is moving towards mobiles which has
wide spread usage and
acceptability. Lot of protocols and softwares has been developed. The recent surge in
popularity of smart handheld devices, includingsmart-phonesand tablets, has given rise
to new
challenges in protection of Personal Identifiable Information (PII). Indeed modern
mobile devices store PII for applications that span from email to SMS and from social
media to location- based services increasing the concerns of the end user s privacy.
Therefore,there is a clear need and expectation for PII data to be protected in the case of
loss, theft, or capture of the portable device.

Android is a software platform and operating system for

mobile

devices

based

on

the

Linux

operating

system

and

developed by Google and the Open Handset Alliance. It allows

developers to write managed code in a java like language that
utilizes Google- developed Java libraries, but does not support
programs developed in native code. It includes an operating
system, middleware and key applications. The Android SDK
provides the tools and APIs necessary to begin developing
applications on the Android platform using the Java programming
language. It allows developers to write managed code in aJavalikelanguage that utilizesGoogle-developedJava libraries, but does
not support programs developed in native code.
The unveiling of the Android platform on 5 November 2007 was
announced with the founding of the Open Handset Alliance, a
consortium of 34 hardware, software and telecom companies devoted
to advancing open standards for mobile devices. When released in
2008, most of the Android platform will be made available under the
Apache

free-softwareand open source license. Currently Android represents

31.2 percent of the U.S Smartphonemarket

. Android has a large

community of developers writing application programs. There are

currently over 150,000 apps available for Android. Android Market
is the online app store run by Google, though apps can also be
downloaded from third party sites.

1.2 PURPOSE
The aim of the project is to provide more security to the handheld devices.
Now a days smart phones contains a large number of official data s that should be
secured. The future electronic payment is through smart phones authentication and
facial recognition Card less Mobile Cash Access (MCA) solution, which not only
eliminates the threat of card skimming at the ATM, but also allowsfinancial
institutions to provide a secure mobile wallet solution without installing additional

hardware on ATMs orpoint-of-sale(POS) terminals.Smart phones are becoming

increasingly more deployed and as such new possibilities for utilizing. The smart
phones many capabilities for public and private use are arising. This project will
investigate the possibility of using smart phones as a platform for authentication by
using android.

1.3SCOPE
To gain a more practical understanding of the challenges mobile authentication
Encounters, The case study performed in this project.
Create a secure centralised authentication where all the users cannot access data as
per their respective privileges.
To ensure that user data is not abused, all requests for access must be approved by
the account holder.
Access control has two components, authentication and authorization.
Services allow users to sign in to your application. And any application that
requires access to a user's data must be authorized by the user.
The authentication made should be sensitive and it should prevent the intruders
acting on it.

Analyzing the implications of faulty authentication in that area. There are numerous
applications for Android.

Traditional approaches to authentication involving strong passwords have several

limitations in the context of mobile phones. Miniature keypad (and in latest
deviceson-screentouchkeypad) tend to motivate users to choose simpler, and thus
weaker, passwords.

1.4DEFINITION
Android is the name of the Linux based operating system that is backed by
Google and the other members of the open handset alliance .because of the androids
opens source nature. Android based smart phones should be cheaper to produce than
those to use operating system such as Microsoft windows mobile that require a

loyalty fee to be paid for such use. T mobile G1 was the first android Os smart phone
to be officially introduced to themarket

.Android phones typically come with

severalbuilt-inapplication and also supportthird-partyprograms. Developers can create

programs for Android using the free Android SDK (Software Developer Kit). Android
programs are written in Java and run through Google's "Davlik" virtual machine, which
is optimized for mobile devices. Users can download Android "apps" from the online
AndroidMarket

.Since several manufacturers makeAndroid-basedphones, it is not

always easy to tell if a phone is running the Android operating system. If you are unsure
what operating system a phone uses, you can often find the system information by
selecting "About" in the Settings menu.

1.5 ABBREVATIONS
PKI Public key infrastructure
PIN Personal identification number
SIM Subscriber identity module
QoS Quality of Service
OTP One time password
MITM Man in themiddle
ID
Identity
Confidentiality, Integrity and
CIA
availability

1.6TECHNOLOGIES TO BE USED
Android
Java
Sql database

1.7ANDRIOD SYSTEM ARCHITECTURE

In android operating system, there are four layers. Android has its own
libraries; it is helpful for developing and designing any application of android
platform.These libraries are written in C/C++. Linux kernel is the 1 stlayer which is
written in C. Linux also helps to wrap the application.
The unveiling of the Android platform on 5 November 2007 was

announced with the founding of the Open Handset Alliance, a consortium of 34

hardware, software and telecom companies devoted to advancing open standards for
mobile devices. When released in 2008, most of the Android platform will be made
available under the Apachefree-softwareand open source license. Currently Android
represents 31.2 percent of the U.S Smartphonemarket

. Android has a large

community of developers writing application programs. There are currently over

150,000 apps available for Android. Android Market is the online app store run by
Google, though apps can also be downloaded from third party sites.

1.8 Features of Android

Application Framework enabling reuse and replacement of components.
Dalvik Virtual Machine optimized for mobile devices
Integrated browser based on the open source Web Kit engine
SQLite for structured data storage
Media

support

for

common

audio,

video

and

still

formats(MPEG4,H.264,MP3,AAC,AMR,JPG,PNG,GIF)
GSM Telephony(hardware dependent)
Bluetooth,EDGE,3G, andWi-Fi(hardwaredependent)
4

Camera, GPS, Compass and accelerometer(hardware dependent)

1.9 Android Architecture

The following diagram shows the major components of the Android
operating system. Each section is described in more detail below:
Application
Application Framework
Libraries
Android Runtime

image

Application Components
Application components are the essential building blocks of
an Android application. Not all components are actual entry points
for the user and some depend on each other, but each one exists
as its own entity and plays a specificrole-eachone is a unique
building block that helps define your applications overall behavior.
There are four different types of application components. Each type
serves a distinct purpose and has a distinct lifecycle that defines
how the component is created and destroyed.

1.10 OVERVIEW
The SRS includes two sections namely:
Overall Description:
This section will describe major components of the system, interconnections and
external interfaces.
Specific Requirement

2. OVERALL DESCRIPTION
This describes the contents that the available authentications present in the
smarphones and
the type of the authentication given.

2.1 Authentication
Authentication is usually divided into two services, peer entity authentication
and
data origin authentication.
The prover, and the verifier. The prover needs to present proof of the association

between the principal and identity and the verifier is responsible for verifying the
correctness of the proof.
When dealing with authentication systems, there are four essential issues that must
be considered:
Effectiveness, usability, cost and impersonation attacks. As we have discussed
previously in this section it is very difficult to achieve perfect and absolute
security and the same applies to authentication, due to technical and nontechnical
factors.
Impersonation attacks in which a prover attempts to demonstrate a false identity
claim, must be considered.
In general masquerades can be achieved by replaying or relaying valid sequences,
during authentication .
The prover has to provide information to the verifier which usually takes the form
of credentials or items of value to really prove the claim of who the prover is.
The items of value or credential are based on several unique factors that show
something you know, something have, or something you are.
The first authentication factor consists of using a secret which a human subject
mentally possesses, or in the case of a device such as a smartcard a key stored in
secure. This memory could be a password or a key, which is only known by the
prover and the verifier.
The secrets have to be hard to guess to avoid guessing attacks such as dictionary
attacks and this is why people are encouraged to use difficult to guess passwords.
Characteristics of the subject such as voice, fingerprints or iris patterns. subjects
and relates to the biometric.

Authenticating a principal based on the first authentication factor (something

that
achieved using three families of mechanisms:
you know), can be
Basic
authentication, Onetime passwords and Challenge response.
Basic authentication consists of a reusable password which is shared between the
prover and the verifier, the prover must reveal the password to the verifier to be
authenticated.

2.2HOW IT WORKS

Fig:2.1 Flowchart

2.3 COMPARISON WITH OTHER SYSTEMS

Design and Implementation of Improved Authentication System
Slide Lock: No security
Glass Lock: No security.
Keypad Lock: Requires afour-digitpassword, so it provides key space of about
10,000 (0 to 9999). Brute force attack is easy.
7

Pattern Lock: There are nine dots on the screen, each of which can be touched and
dragged one dot at a time to make a password. It provides approximately one
million (= 9P4 + 9P5 + 9P6 + 9P7 + 9P8 + 9!) of key space. Better than Keypad
Lock but not very secure.
Lock Screen: It has about ten million (6^9 = 10077696) key spaces with 9 inputs. It

can also be made larger by increasing the number of repetitive touches. The bigger
the key space, the more difficult is a brute force attack.

2.4IMPROVED AUTHENTICATION SYSTEM

Redundancy input(re-touchingthe circle) is allowed.
When the circle is touched more than once, it changes colour (maximum
of seven times) so that the user can identify the correct input.
This Lock Screen system has about ten million (6^9 = 10077696) key
spaces. It can also be made larger by increasing the number of
repetitive touches.
The security power depends upon the size of the key space; the bigger
the key space, the more difficult is a brute force attack.
To control the usage, besides entering the password, the acceleration
sensor (shaking the mobile phone) can be used. Touching is not
required.

Fig:2.2 Authentication System

3.SPECIFIC REQUIREMENTS
3.1 STRUCTURE
Android is a widely anticipated open source operating system for mobile

devices that provides a base operating system, an application middleware layer, a

Java software development kit (SDK), and a collection of system applications.
Android mobile application development is based on Java language codes, as it
allows developers to write codes in the Java language.

Fig : 2.3 Structure

Android will ship with a set of core applications including an email client, SMS
program, calendar, maps, browser, contacts and others. All applications are written
using the Java programming language.

3.2 Application Framework

After that, there is Application Framework, written in Java language. It is a
toolkit that all applications use, ones which come with mobile device like contacts or

SMS box, or applications written by Google and any Android developer. It has
several components.
The Activity Manager manages the life circle of the applications and provides
a common navigation back stack for applications, which are running in different
processes. The Package Manager keeps track of the applications, which are installed
in the device.The Windows Manager is Java programming language abstraction on
the top of lower level services that are provided by the Surface Manager.

3.3 Android Runtime

At the same level there is Android Runtime, where the main component
Dalvik Virtual Machine is located. It was designed specifically for Android running
in limited environment, where the limited battery, CPU, memory and data storage are
the main issues.
Android gives an integrated tool dx, which converts generated byte code from .jar
to.dex file, after this byte code becomes much more efficient to run on the small
processors. As a result, it is possible to have multiple instances of Dalvik virtual
machine running on the single device at the same time. The core libraries are written
in Java language and contains of the collection classes, the utilities, IO and other
tools.

Fig 2.5: Conversion from .java to .dex file

3.4 Application Components

Application components are the essential building blocks of an Android
application. Not all components are actual entry points for the user and some depend
on each other, but each one exists as its own entity and plays a specificrole-eachone
is a unique building block that helps define your applications overall
behavior.There are four different types of application components. Each type serves
a distinct purpose and has a distinct lifecycle that defines how the component is
created and destroyed

10

3.4.1 Activities
An activity represents a single screen with a user interface. Although the
activities work together to form a cohesive user experience in the email application,
each one is independent of the others. As such, a different application can start any
one of these activities.An activity is implemented as a subclass of Activity and you
can learn more about it in the Activities developer guide

3.4.2 Services
A service is a component that runs in the background to performlongrunningoperations or to perform work for remote processes. A service does not
provide a user interface. Another component, such as an activity, can start the service
and let it run or bind to it in order to interact with it.A service is implemented as a
subclass of service and you can learn more about it in the Services developer guide.

3.4.3 Content Providers

A content provider manages a shared set of application data. Data can be
stored in the file system, a SQLite database, on the web, or any other persistent
storage location, the application can access. Through the content provider, other
applications can query or even modify the data. As such, any application with the
proper permissions can query part of the content provider (such as Contacts
Contract. Data) to read and write information about a particular person.Content
providers are also useful for reading and writing data that is private to the application
and not shared.

3.5 Eclipse IDE

Eclipse is amulti-languagesoftware development environment comprising an
integrated development environment (IDE) and an extensibleplug-insystem. It is
written mostly in Java. It can be used to develop applications in Java and, by means
of various plug- ins, other programming languages including Ada, C, C++, COBOL,
Perl, PHP, Python, Ruby (including Ruby on Rails framework), Scala, Clojure,
Groovy and Scheme. Development environments include the Eclipse Java

development tools (JDT) for Java, Eclipse CDT for C/C++ and Eclipse PDT for
PHP, among others.

11

The initial codebase originated from Visual Age. The Eclipse SDK (which
includes the Java development tools) is meant for Java developers. Users can extend
its abilities by installingplug-inswritten for the Eclipse Platform, such as
development toolkits for other programming languages, and can write and contribute
their ownplug-inmodules.
Released under the terms of the Eclipse Public License, Eclipse SDK is free
and open source software. It was one of the first IDEs to run under GNU Class path
and it runs without issues under Iced Tea.
Android is thehead-to-headcompetitor for iOS (Apple) created by Google
Inc. and Open Handset Alliance. Nowadays its becoming more and more popular
among the mobile app developers because of its simplicity, reliability and ease of
coding.
There are many ways to develop Android applications on your PC. The
easiest way is integrating the ADT (Android Developing Tools) with the Eclipse
IDE.

3.6 Architecture
The Eclipse Platform usesplug-insto provide all functionality within and on
top of the runtime system, in contrast to some other applications, in which
functionality is hard coded. The Eclipse Platform's runtime system is based on
Equinox, an implementation of the OSGi core framework specification.

Thisplug-inmechanism is a lightweight software component framework. In

addition to allowing the Eclipse Platform to be extended using other programming
languages such as C and Python, theplug-inframework allows the Eclipse Platform to
work with typesetting languages like LaTeX, networking applications such as telnet
and database management systems. Theplug-inarchitecture supports writing any
desired extension to the environment, such as for configuration management. Java
and CVS support is provided in the Eclipse SDK, with support for other version
control systems provided bythird-partyplug-ins.

12

4.TECHNOLOGIES TO BE USED
4.1 Android with Eclipse
It provides the following:
The Android project wizard, which generates all the required project files.
Android-specificresource editors.
The Android SDK and AVD (Android Virtual Devices) Manager.
The Eclipse DDMS perspective for monitoring and debugging Android
applications.
Integration with Android Log Cat logging.
Automated builds and application deployment to Android emulators and
handsets.
Application packaging and code signing tools for release deployment.

4.2 Creating Android Projects

The Android Project Wizard creates all the required files for an Android application.
Open
Eclipse and follow these steps to create a new project:

Choose File, New, Android Project or click the Android Project reactor icon,
which
looks like a folder (with the letteraand a plus sign :) on the Eclipse toolbar.
Choose a project name. In this case, name the project Droid1.
Choose a location for the project. Because this is a new project
Create New Project in Workspace radio button. Check the Use Default
Location checkbox.
Select a build target for your application. For most applications, you want to
select the
version of Android most appropriate for the devices used by your target audience and
the
needs of your application
Specify an application name. This name is what users will see. In this case,
call the application Droid #1.
Specify a package name, following standard package namespace
conventions for Java. Because all code in this book falls under the
com.androidbook.namespace, use the package name com. androidbook.droid1.
Check the Create Activity check box. This will instruct the wizard to create
a default launch Activity class for the application. Call your activity Droid
Activity.

13

Confirm that the Min SDK Version field is correct. This field will be set to
the API level of the build target. If you want to support older versions of the
Android SDK, you need to change this field.
However, in this case, we can leave it as its default value.
Click the Next button.
The Android project wizard allows you to create a test project in
conjunction with your Android application. For this example, a test project is
unnecessary.
However, you can always add a test project later by clicking the Android
Test Project creator icon, which is to the right of the Android project wizard
icon on the Eclipse toolbar.
Test projects are discussed in detail in Hour 22, Testing Android Applications.
Click the Finish button.

4.3 JAVA
Java is a programming language. The language derives much of its syntax
from C and C++ but has a simpler object model and fewerlow-levelfacilities than
either C or C++.Java applications are typically compiled to byte code(class file) that
can run on any Java Virtual Machine(JVM) regardless of computer architecture.
Java is a programming language and computing platform first released by
Sun Microsystems in 1995.It Is the underlying technology that powers
state_of_the_art programs including utilities, games and business applications. Java
runs on more than 850 million personal computers worldwide, including Mobile and
TV devices.

Why do we need Java?

There are lots of applications and websites that wont work unless you have
java installed and more are created every day. Java is fast, secure and reliable. From
laptops to datacenters, game consoles to scientific supercomputers, cell phones to the
internet.

4.4 SQLite Database

SQLite

is

anACID-compliantembeddedrelationaldatabase

management

systemconta0ined in a small (~275kB)Cprogramminglibrary.SQLite implements

most of theSQLstandard, using a dynamically and weakly typed SQL syntax that
does not guarantee thedomain integrity.In contrast to other database management
systems, SQLite is not a separate
14

process that is accessed from the client application, but an integral part of it. SQLite
read operations can be multitasked, though writes can only be performed
sequentially. Thesource codefor SQLite is in thepublic domain.SQLite is a popular
choice for local/client storage onweb browsers.It has manybindingsto programming
languages. It is arguably the most widely deployed database engine, as it is used
today by several widespread browsers, operating systems, and embedded systems,
among others.

SQLite is an open source embeddable database engine written in C by D.

Richard Hipp. It is entirelyself-containedwith no external dependencies. It was

introduced as an option in PHP V4.3 and is built into PHP V5. SQLite supports much
of the SQL92 standard, runs on all major operating systems, and has support for the
major computer languages. SQLite is also surprisingly robust. Its creator
conservatively estimates that it can handle a Web site with a load of up to 100,00 hits
a day, and there have been cases where SQLite has handled a load 10 times that.
Databases have been an integral part of software applications since the dawn of the
commercial application market several decades ago. As crucial as database
management systems are, they also come with a large footprint, and considerable
overhead in system resources and administration complexity. As software
applications become less monolithic and more modular, a new type of database can
be a better fit than the larger and more complex traditional database management
systems. Embeddable databases run directly in the application process, offerzeroconfigurationrun modes, and have very small footprints. This article introduces the
popular SQLite database engine and describes how to use it in application
development. SQLite's support of the SQL92 standard includes indices, limitations,
triggers, and views. SQLite does not support foreign key constraints, but supports
Atomic, Consistent, Isolated, and Durable (ACID) transactions.

4.5 DALVIK VIRTUAL MACHINE

Dalvik is theprocess virtual machine(VM) inGoogle'sAndroid operating
system.It is the software that runs theappson Android devices. Dalvik is thus an
integral part of
Android, which is typically used on mobile devices such asmobile phonesandtablet
computersas well as more recently on embedded devices such as smart TVs and
media streamers. Programs are commonly written inJavaand compiled tobyte
code.They are then
converted fromJava VirtualMachine-compatible.classfiles toDalvik-compatible .dex
(Dalvik Executable) files before installation on a device. The compact Dalvik
Executable format is designed to be suitable for systems that are constrained in terms
15

ofmemoryandprocessorspeed. Dalvik isopen-sourcesoftware.It was originally written

by Dan Bornstein, who named it after the fishing village ofDalvikinIceland,where
some of his ancestors lived.

4.6 Design
Unlikeclientserverdatabase management systems, the SQLite engine has no
standaloneprocesseswith which the application program communicates. Instead, the
SQLitelibraryislinked inand thus becomes an integral part of the application
program. The library can also be called dynamically. The application program uses
SQLite's functionality through simplefunction calls,which reducelatencyin database
access: function calls within a single process are more efficient thaninterprocesscommunication.SQLite stores the entire database (definitions, tables, indices,
and the data itself) as a singlecross-platformfileon a host machine. It implements this
simple design bylockingthe entire database file during writing.

4.7 Use in mobile devices

Due to its small size, SQLite is well suited to embedded systems, and is also
included in:
Apple'siOS(where it is used for the SMS/MMS, Calendar, Call history and
Contacts storage)
Symbian OS
Nokia'sMaemo
Google'sAndroid
RIM'sBlackBerry
Linux Foundation'sMeeGo
Palm'swebOS
Androids Java interface to its relational database, SQLite. It supports an
SQL implementation rich enough for anything youre likely to need in a mobile
application including a cursor facility.

16
Application layer:

It is the most upper layer in android architecture. All the applications like camera,

Google maps, browser, sms, calendars, contacts are native applications. These
applications works with end user with the help of application framework to operate.
Application framework:
Android applications which are developing, this layer contain needed classes and
services. Developers can reuse and extend the components already present in API. In
this layer, there are managers which enable the application for accessing data. These
are as follows:
Activity manager:
It manages the lifecycle of applications. It enables proper management of all the
activities are controlled by activity manager.
Resource manager:
It provides access to noncoderesources such as graphics etc.
Notification manager:
It enables all applications to display custom alerts in status bar.
Location manager:
It fires alerts when user enters of leaves a specified geographical location.
Package manager:
It is use to retrieve the data about installed packages on device.
Window manager:
It is use to create views and layouts.
Telephony manager:
It is use to handle settings of network connection and all information about services
on device.
Android runtime:
In this section, all the android applications are executed. Android has its own virtual
DVM (Dalvik Virtual Machine), which is used to
android
machine
execute the
application.
With this
DVK, users are able to execute multiple applications at same time.
Libraries:
Android has its own libraries, which is written in C/C++. These libraries cannot be
accessed directly. With the help of application framework, we can access these
libraries.There are many libraries like web libraries to access web browsers, libraries
for android and video formats etc.

17

Linux kernel:
This layer is core of android architecture. It provides service like power
management, memory. Management, security etc. It helps in software or hardware
binding for better communication.

4.8IMAGE BASED AUTHENTICATION

Provides strong security for websites, web and mobile applications, and mobile
devices through the use ofone-timepasswords andout-of-band,twofactorauthentication.
Decreases Tech Support costs by reducing the number ofpassword-relatedsupport
calls.
Decreases IT costs by delivering securetwo-factorauthentication without the need
for costly hardware tokens, smart cards or biometrics.
Improves the user experience, which can help drive loyalty and increase
revenue.
Meets regulatory compliance requirements for strong authentication, including
FFIEC authentication guidelines.
Helps prevent phishing, fraud, security breaches related to stolen login credentials,
identity theft and spam.
Can be used as a unique messaging or advertising platform by including your own
images within theimage-basedauthentication and verification challenges.

4.9Deployment Options
Confident KillSwitch is an optional feature that can be used with any of our imagebased authentication solutions. Administrators can determine how many
KillSwitch categories users should establish, how many failed authentication
attempts are allowed, and what action should be taken when the KillSwitch is
triggered.

As acloud-basedtechnology, it can be easily integrated with risk engines, frauddetection platforms and other adaptive security systems to provide those systems
actionable data about the attack as its happening and determine a course of
action. It is available forwhite-labelintegrations by security vendors, application
developers and businesses wanting to incorporateimage-basedauthentication in
their own mobile applications, web services or security offerings.

18

Fig:4.1

Fig:4.2

19
Fig:4.3

LOGIN

Use Case Name

Login

Priority

Essential

Trigger

The user account is existing in the database

and
the user is not yet logged in.

Basic Path
1. The user enters the username and password
and clicks submit.
2. This information is validated and then sent
to
the database for authentication.
3. If authenticated, the user is granted
permission and is logged in.
If the user enters incorrect
Alternate Path
username/password,
an error message is displayed and the user is
requested tore-entercredentials.
If the user forgot password, the user clicks the
Forgot Password button and the password will
be send to the users email address.
20
Postconditio The user is logged in and has access to all
n
the
privileges that have been assigned.

LOGOUT
Use Case NameLogout
Priority

Essential

Trigger

Menu
Selection

21

5.CONCLUSION AND FUTURE WORK

Android is being installed in tablets and many other IT devices that require good
security systems.By dividing the mode of entry, users convenience and security have
been improved. The use of this improved authentication system ensures protection of
personal information. But this is not the ultimate solution. This can be improved further.
The devices used for IT services are changing from PCs and laptops to smartphones
and tablets. Smartphones are characterized by low efficiency and low power . They need
to be small for increased portability. They do not support the security software which
require continuous monitoring to detect threats. As these devices start to contain
increasing amounts of important personal information, better security is required.
Security systems are rapidly being developed, however, even with these, major problems
could result after a device is lost. Thus, strong authentication mechanisms are required to
protect important personal information, even after the device is lost.

22

6.REFERENCES
Books
1.Professional Android Application Development,Reto Meier,Wiley
Publishing, 2009
2.Database Design,GioWiederhold,McGraw-Hill,1989
3.Android Application Development,Rick Rogers, John Lombardo,
ZigurdMednieks, andBlake Meike, OReilly Media, 2009
4.Android Cookbook,Ian F. Darwin, OReilly Media, 2010
5.The Busy Coder's Guide to Advanced Android Development,Mark L.
Murphy, Commons Ware, 2009
6.Design and Implementation of Improved Authentication System for Android
Smartphone Users,Kwang Il Shin, J. S. (2012).26th International Conference on
Advanced Information Networking and Applications Workshops.
Websites
1.http://developer.android.com
2.www.androidpeople.com
3.www.codeproject.com
4.http://stackoverflow.com
5.www.mkyong.com
6.www.vogella.com
7.http://android-helper.blogspot.in
8.www.androidhive.info
9.http://en.wikipedia.org