Access control is a critical component of any network and computer security mechanism. An effective access control mechanism ensures that only users with valid log in credentials can access a computer network or resources on a network. A common form of login access control is the username and password authentication mechanism. The mechanism could be a single stage or multi-stage authentication process. In a single stage authentication mechanism a valid password is sufficient to grant access to a system. A multi-stage authentication mechanism requires further information beyond valid username and password to authenticate a user. For example, a user might need to enter a valid security code after the system verifies the user’s password.
In this project, you will develop a Java computer program to simulate access control to a system network. The username and password authentication mechanism is used as an access control mechanism in this project. The program needs to authenticate the user with their username and hashed password stored in Access Manager User (AMU) file.
To create an Access Manager User file, you need to develop a java program that takes username and password as input and then generates a file containing the username, hashed password, and plaintext password. In real world, the plaintext are not saved in the AMU file. However, you need the username and corresponding plaintext password for testing of your main program. The structure of the AMU file is shown in the appendix. Note that this should be done as a separate program.
The main program operates in the following manner. It first prompts the user to enter username and password. After the user enters both username and password, it hashes the password and search the AMU file to verify both the user name and password. If the program verifies the username and password, it returns the message “Access Granted.” If the program could not verify the username, it returns the message “Access Denied. You are not a registered user.” If the program verifies the username but not the password, it prompts the user to enter the password again. If the user enter the password three times incorrectly, the system locks the user account and gives this message. “You exceeded entering the allowable number of incorrect password. Your account is locked. Contact system administrator to unlock your account”
The computer program must be well documented. A sample of a well documented program is attached.
Project Learning Objectives
Gain a good understanding of user authentication mechanism
Identify security issues with username and password authentication mechanism
Computer Programming Learning Objectives
1. To enhance your knowledge of Java programming particularly in the following areas:
User defined functions and classes
Utilization of Java libraries and functions
Object oriented programming
2. To design a well documented program according to the industry standards
Upon the successful completion of this project, you will gain a better understanding of the following course concepts
Access control mechanism using user authentication process
Shortcomings of single stage access control mechanism
Additionally, you will enhance your knowledge and skills in writing a well documented java program with medium complexity according to software engineering standards.