smart bike sharing system for institute of higher … · buzzer and a wifi shield. wifi shield is...
TRANSCRIPT
SMART BIKE SHARING SYSTEM FOR INSTITUTE
OF HIGHER LEARNING USING TIME-BASED ONE-
TIME PASSWORD ALGORITHM
HUSNA HUMAIRA BINTI ABU BACKER SIDEK
BACHELOR OF COMPUTER SCIENCE (COMPUTER
NETWORK SECURITY) WITH HONOURS
UNIVERSITI SULTAN ZAINAL ABIDIN
2018
SMART BIKE SHARING SYSTEM FOR INSTITUTE OF HIGHER
LEARNING USING TIME-BASED ONE-TIME PASSWORD ALGORITHM
HUSNA HUMAIRA BINTI ABU BACKER SIDEK
Bachelor of Computer Science (Computer Network Security) with Honours
Faculty of Informatics and Computing
Universiti Sultan Zainal Abidin, Terengganu, Malaysia
MAY 2018
i
DECLARATION
I hereby declare that this report is based on my original work except for quotations
and citations, which have been duly acknowledged. I also declare that it has not been
previously or concurrently submitted for any other degree at University Sultan Zainal
Abidin or other institutions.
_____________________________________
Name : Husna Humaira Bt Abu Backer Sidek
Date : 20 / 5 / 2018
ii
CONFIRMATION
This is to confirm that:
The research conducted and the writing of this report was under my supervison.
____________________________
Name : Dr. Azrul Amri Bin Jamal
Date :
iii
DEDICATION
First of all, I would like to express my gratitude to Allah The Almighty for His grace
and mercy, which give me the opportunity to complete my final year project. I could
not have completed this project on my own, therefore I would like to sincerely thank
the people who made this project easier. First and foremost, I have to thank my
parents for their love and support throughout my life. Thank you both for giving me
strength to reach for the stars and chase my dreams. My siblings deserve my
wholehearted thanks as well. I would like to sincerely thank my supervisor, Dr. Azrul
Amri Bin Jamal for the continuous support, advice and tutoring for this project, for
believing in me and the motivations he gave throughout this project. To all my friends,
thank you for your understanding and encouragement in many, many moments of
crisis. Especially to Fazlin, Suraya, Rashafiya and Adib. Your friendship makes my
life a wonderful experience. I cannot list all the names here, but you are always on my
mind.
iv
ABSTRACT
This project is about a smart bike sharing system using time based one-time
password (TOTP) which helps user to rent the bike easily without any manual works
involved. Using a smart bike sharing system, the renting process can be managed
automatically. This system uses Arduino as a main device to manage the bike and use
Time Based one Time Password to keep the renting process secured. The purpose of
this project is to put all these devices into one well connected system which will help
the management to manage all the bikes without being worried about the security of
the bikes. The whole system can be divided into two main parts. The first part is about
the hardware development whereby all electronics components are connected via the
circuit design. This hardware part includes, a numeric keypad, LCD, micro servo,
buzzer and a WIFI Shield. WIFI Shield is used as the means of communication
between the database server and the microcontroller (Arduino). The second part is the
software part which is used for program and controls the whole system. The program
is written using PHP and C languages. Therefore, with this system, the renting process
will be more efficient and secure. It's also the best way to increase the quality of
management and can reduce time constraints.
v
ABSTRAK
Projek ini adalah mengenai sistem perkongsian basikal pintar menggunakan
“Time Based One-Time Password” (TOTP) yang membantu pengguna menyewa
basikal dengan mudah tanpa sebarang kerja manual yang terlibat. Menggunakan
sistem perkongsian basikal pintar, proses penyewaan boleh diurus secara automatik.
Sistem ini menggunakan Arduino sebagai alat utama untuk menguruskan basikal dan
menggunakan “Time Based One Time Password” untuk memastikan proses menyewa
terjamin. Tujuan projek ini adalah untuk meletakkan semua peranti ini menjadi satu
sistem penyambung yang baik yang akan membantu pihak pengurusan menguruskan
semua basikal tanpa perlu risau tentang keselamatan basikal. Seluruh sistem boleh
dibahagikan kepada dua bahagian utama. Bahagian pertama adalah tentang
perkembangan perkakasan di mana semua komponen elektronik disambungkan
melalui reka bentuk litar. Bahagian perkakasan ini termasuk, “numeric keypad”,
“LCD”, “micro servo”, “buzzer” dan “Wi-Fi Shield”. “Wi-Fi Shield” digunakan
sebagai medium komunikasi antara pelayan pangkalan data dan mikrokontroler
(Arduino). Bahagian kedua adalah bahagian perisian yang digunakan untuk program
dan mengawal keseluruhan sistem. Program ini ditulis menggunakan bahasa PHP
dan C. Oleh itu, dengan sistem ini, proses penyewaan akan lebih cekap dan selamat.
Ia juga cara terbaik untuk meningkatkan kualiti pengurusan dan dapat mengurangkan
kekangan masa.
vi
CONTENTS
PAGE
DECLARATION i
CONFIRMATION ii
DEDICATION iii
ABSTRACT iv
ABSTRAK v
CONTENTS vi
LIST OF TABLES ix
LIST OF FIGURES x
LIST OF ABBREVIATIONS xi
CHAPTER I INTRODUCTION
1.0 Background 1
1.1 Problem statement 2
1.2 Objectives 2
1.3 Scope and Limitation 3
1.4 Conclusion 3
CHAPTER II LITERATURE REVIEW
2.0 Introduction 4
2.1 Studies on Technique Involved 4
2.1.1 One Time Password (OTP) 4
2.1.2 HMAC-based One Time Password (HOTP 5
2.1.3 Time-based One Time Password (TOTP) 6
2.2 Discussion 7
2.2.1 Advantage of Time-based One Time
Password (TOTP)
7
2.2.1 Disadvantage of Time-based One Time
Password (TOTP)
7
2.2.3 Why Choose Time-based One Time
Password (TOTP)
8
2.2.4 Table of Technique Comparison 8
2.3 Types of Attack 9
vii
2.3.1 Passive Attacks 9
2.3.2 Active Attacks Passive Attacks 9
2.4 Conclusion 10
CHAPTER III
METHODOLOGY
3.0 Introduction 11
3.1 Analysis Study and Research Paradigm
Justification
12
3.1.1 Initial Planning Phase 13
3.1.2 Planning Phase 13
3.1.3 Requirements Phase 13
3.1.4 Analysis and Design Phase 13
3.1.5 Implementation Phase 14
3.1.6 Testing Phase 14
3.1.7 Evaluation Phase 14
3.2 System Requirement 15
3.2.1 Software Requirement 15
3.2.2 Hardware Requirement 15
3.3 System Design 16
3.3.1 Framework 16
3.3.2 Process Model 17
3.3.2.1 Context Diagram (CD) 17
3.3.2.2 Data Flow Diagram (DFD) 18
3.3.3 Data Model 19
3.3.3.1 Entity Relationship Diagram (ERD) 19
3.3.4 Database Modelling 20
3.3.4.1 Overall Table 20
3.3.4.2 Bicycle Table 21
3.3.4.3 Rent Table 21
3.3.4.4 User Table 22
3.4 Summary 22
viii
CHAPTER IV IMPLEMENTATION AND RESULT
4.0 Introduction 23
4.1 Interfaces Design 23
4.1.1 Admin Interfaces 24
4.1.2 User Interfaces 30
4.2 Testing 33
4.2.1 Test Cases 33
4.2.1.1 Login 34
4.2.1.2 Admin 35
4.2.1.3 User 36
4.3 Hardware Design 36
4.4 Summary 37
CHAPTER V
CONCLUSION
5.0 Introduction 38
5.1 System Contribution 38
5.2 System Constraints 38
5.3 Future Work 39
5.4 Conclusion 39
REFERENCES 40
ix
LIST OF TABLES
TABLE TITLE PAGE
2.1 Technique Comparison 8
3.1 Data Table 20
3.2 Bicycle Table 21
3.3 Rent Table 21
3.4 User Table 22
4.1 Test Case Admin Fail Login 34
4.2 Test Case Admin Success Login 35
4.3 Test Case Add Bicycle 35
4.4 Test Case TOTP Verification 36
x
LIST OF FIGURES
FIGURE TITLE PAGE
3.1 Iterative Model 12
3.2 Framework of the Project 16
3.3 Context Diagram (CD) 17
3.4 Data Flow Diagram (DFD) 18
3.5 Entity Relationship Diagram (ERD) 19
4.1 Admin Login Form 24
4.2 View List of Renters 25
4.3 View List of Bikes 26
4.4 Add New Bicycle 27
4.5 View List of Students 28
4.6 Report 29
4.7 View List of Bicycle 30
4.8 Interface shows after selecting the bicycle 31
4.9 Interface shows after user has been verified 32
4.10 Smart Bike Sharing System using TOTP Porotype 37
xi
LIST OF ABBREVIATIONS / TERMS / SYMBOLS
CD Context Diagram
DFD Data Flow Diagram
ERD Entity Relationship Diagram
FYP Final year project
GA Genetic algorithm
HCI Human computer interface
TOTP Time-Based One-Time Password
1
CHAPTER I
INTRODUCTION
1.0 Background
Bicycles have several advantages over other modes of public transportation for
short-distance urban trips because they do not create pollution in their operation, and
generally do not add to vehicular congestion. Usually bicycles are not commonly
thought of as a form of public transportation. However, recent technological advances
have allowed this to be successfully challenged throughout the world with the bike
sharing technologies. The basic premise of the bike-sharing concept is sustainable
transportation and this technology promote healthy lifestyles and sustainability among
commuters, casual riders, and tourists.
The evolution of bike sharing technologies and business models has led to a
range of options for program implementation. For instance, Mexico City one of the
most congested cities in the world, implemented bike sharing as a way to help reduce
traffic congestion. Despite historically low cycling levels, this program has reached
capacity of 30,000 users (Susan Shaheen And Stacey Guzman, 2011).
2
1.1 Problem Statement
The central pillar of modern systems, the bike sharing scheme which has no
fixed docking station is having major issues where people keep bikes longer than the
allowed period. Despite of these technologies, there continue to be bicycles that are
parked indiscriminately, which causes obstruction or inconvenience to the public, such
as users of wheelchairs and other personal mobility aids and this cannot be easily
integrated into Institute of Higher Learning. Unfixed stations lack the flexibility to
meet the needs of students who make quick and short-distance trips. Some experts say
that's largely because many cities were not designed to be bike friendly. Although the
rising popularity of the bike sharing systems, there are limitations. The bike sharing
programs have the potential for being abused, which has been proven by recent
vandalism and theft in Paris. Approximately 9,000 bicycles were lost or damaged in
the past year alone (Megan Scott, 2013).
Therefore, in this project, a smart bike sharing system which has fixed docking
station is essential to meet the needs of the modern college student. Time-based one-
time password (TOTP) algorithm is used to provide access control to the bike with a
reasonable level of security.
1.2 Objectives
The objectives of this project are:
• To study a suitable algorithm and technique for smart bike sharing
system.
• To develope a smart bike sharing system that have docking station.
• To implement a secured bike sharing system.
3
1.3 Scope and Limitation
The bike sharing program is specifically designed for the Institute of Higher
Learning environment. The concept is using bicycle docking stations and each station
is equipped with a kiosk connected to a remote server that verifies user access
privileges. The system relies on a server that will authenticate the user to the service
and it will synchronize data of all users and bikes. The server will dispense access
codes to the authenticated users to let them use the bikes. The smart bike lock is an
important element because it provides security and access control for the shared bikes.
It holds the reserved bike for the user who made the request and prevents theft when a
bike is left in a public place. With a simple electronic authentication, the user can be
off riding to their next place in no time.
1.4 Conclusion
Bike sharing system have continued to become ingrained into modern cities as
an economic, environmental, and enjoyable mode of transportation. College campuses
would benefit from similar systems. However, college students have different needs
than most users in cities. Students will take greater number of shorter trips, where
parking location is of utmost importance. To meet the need of students, the bike
sharing system technology must find a balance between flexibility in bike parking and
security. The Time-based One-time Password Algorithm achieves both through the
scalable communication system, and remote server application. With the introduction
of the bike sharing system, biking can become a hyper-efficient and enjoyable
transportation method for college students across the country.
4
CHAPTER II
LITERATURE REVIEW
2.0 Introduction
A Smart Bike allows individuals to meet their transportation needs in an
environmentally sound manner (Paul J. DeMaio, 2015). Bike sharing is a flexible
form of personal public transport. With a smart card or other form of identification, a
user can check out a bike from a station, use it for a short ride, and return it to any
other station (Shreya Gadepalli, 2012). Smart Bikes are ideal for short-distance urban
trips due to their advantages over other types of public transportation. Smart Bike
provide on-demand transportation, require less infrastructure than other modes of
transportation and do not create pollution in their operation (Paul J. DeMaio, 2015).
2.1 Studies on Technique Involved
In order to build the system, studies on major technique is needed. There are
One Time Password (OTP), HMAC based One Time Password (HOTP) and Time-
based One Time Password (TOTP).
2.1.1 One Time Password (OTP)
OTP is an instant password, in other words it is a code that changed after every
time we use it to authenticate (Sung-Jae Lee, 2011). OTP are passwords that are only
5
valid for a single or small number of transactions. A one-time password (OTP) is a
password that is valid for only one login session or transaction. OTPs avoid a number
of shortcomings that are associated with traditional (static) passwords (Ms.
E.Kalaikavitha, 2013). They are not vulnerable to replay attacks. This means that a
potential intruder who manages to record an OTP that was already used to log into a
service or to conduct a transaction will not be able to abuse it, since it will be no
longer valid. OTP generation algorithms typically make use of pseudo randomness or
randomness. This is necessary because otherwise it would be easy to predict future
OTPs by observing previous ones.
2.1.2 HMAC-based One Time Password (HOTP)
The authors in (Bellare, Hoornaert, 2005) define HOTP as an HMAC-based
One Time Password technique. The HOTP algorithm is based on an increasing
counter value (Sung-Jae Lee, 2011). Both the client and server will typically have a
counter value. Server generates the password to use the counter. If both passwords
match, the server authenticates the user and updates the counter (increment/ decrement
the counter), it may happen that the counter at client and server may drift (due to
passwords generated by client but not submitted, or passwords submitted by client but
does not reach to server due to network failure, etc.). In this case will response to
server with denial service. In (Bellare, Hoornaert, 2005), the researchers have
provided the output of the HMAC-SHA-1 calculation in 160 bits, they have to
truncate this value to something that can be easily entered by a user.
HOTP (K, C) = Truncate (HMAC-SHA-1(K, C))
6
Where truncate represents the function that converts an HMAC-SHA-1 value
into an HOTP value. The Key (K), the Counter (C), and Data values are hashed high-
order byte first.
2.1.3 Time-based One Time Password (TOTP)
The Time-Based One-Time Password (TOTP) Algorithm is an extension of the
HMAC-based One- Time Password (HOTP) Algorithm that uses time as the moving
factor (TokulaUmaha I., 2015). Time dynamism is an OTP generation principle
widely utilized in two-factor authentication (2FA) schemes. Two-factor authentication
usually referred to a two-step of verification. It’s a security process which the user
provides two authentication factors to verify they are who they say they are. A
different password is needed for different time to prevent number of attacks, this
schema depends on two periods, static period is designed for user to input the OTP
into the login form upon receipt of the dynamic period password, and the length of
which can always be customized by the client (Xuguang Ren, 2012).
Basically, TOTP is defined as TOTP = HOTP (K, T), where T is an integer
present time, k present secret key. The current time present initial time for the user
login.
The user calculates T = [(𝑐𝑢𝑟𝑟𝑒𝑛𝑡 𝑡𝑖𝑚𝑒− 𝑇𝑜)
𝑋]
X represents the time step in seconds (default value X = 180 seconds) and is a
system parameter. 𝑇𝑜 is the Unix time to start counting time steps (default value is 0).
7
2.2 Discussion
To meet those requirements for this project, comparison is necessary in order
to choose which one is the best technique. This will include an advantage, why TOTP
and a table of comparison.
2.2.1 Advantage of Time-based One Time Password (TOTP)
The benefit of using time based instead of a counter is that it continually
changes and gives new values automatically. An OTP usually remains valid for a
given time period. The authentication server performs the same computations as the
user and since they share the same secret and current time, the codes will be identical.
A power of TOTP is that it does not need any form of network connectivity to
generate new codes. As long as the clock of the device is partially in synchronization
with the rest of the world, it's going to keep generating a valid OTPs.
2.2.2 Disadvantage of Time-based One Time Password (TOTP)
TOTP is vulnerable to time-manipulation attacks. The combination of secret
key and timestamp generates always exactly the same token result. Allowing internal
clock manipulation weakens the entire concept, possibly leading security problems. If
the internal clock was moved back on a device, the 6-digit codes from earlier would
become valid again.
8
2.2.3 Why Choose Time-based One Time Password (TOTP)
Using TOTP, trust is established by ensuring the user has possession of the
shared key and the strength in this algorithm is its resistance to brute force attacks. If
someone is attacking the key, the attack is potentially invalidated or set back every
time increment of the TOTP because the target has moved. OTP changes every minute
(depends on time-step size), so the attack is pretty much invulnerable to the system.
TOTP provides short-lived OTP values, which are desirable for enhanced security.
2.2.4 Table of Technique Comparison
The main difference between HMAC-based One Time Password (HOTP) and
Time Based One Time Password (TOTP) is that HOTP key can be valid for an
unknown amount of time. Whilst TOTP key keep on changing and only valid for a
certain amount of time. Due to this difference, TOTP is considered as a more secure
One-Time Password solution.
Table 2.1: Technique Comparison
9
2.3 Types of Attack
Attack is to gain unauthorized access to destroy, expose, change or steal assets.
Two types of attacks are involved here:
2.3.1 Passive Attacks
Passive attacks mean the monitoring of transmission or traffic analysis. Passive
attacks are very difficult to detect because they do not involve any alteration of the
data. Such as Eavesdropping Attack (Taiwo Dayo Ajakaiye, 2011). Eavesdropping
creates the opportunity for adversaries to listen to or possibly extract personal details
and information of their victims. Eavesdropping can be carried out through several
ways. One way is by installing a spyware on the system. Another way is by using a
network sniffer on the network to capture and reassemble packets as they are
transmitted across the network.
2.3.2 Active Attacks Passive Attacks
The second major type of attacks is active attacks. These involve some
modification of data stream or the creation of a false stream through stealth, viruses,
worms, or Trojan horses. Active attacks result in the disclosure of data files, DOS, or
modification of data. In active attacks, the attacker’s goals are to make changes to data
on the target or data en route to the target.
10
2.4 Conclusion
Based on the literature review on the previous existing paper and journal,
many theories have been proposed by the researcher to explain about the smart bikes
and one-time password scheme. The main reason why one-time password is important
nowadays is to reduce and avoid from an authorized user. In this chapter, we
discussed about OTP techniques (TOTP and HOTP) also we introduced concepts
about the types of attacks that can happen. All the technique that proposed has their
strengths and weakness.
11
CHAPTER III
METHODOLOGY
3.0 Introduction
Methodology is a set of activities that are done based on principles, rules,
discipline or procedures. This chapter discuss about the approach and process flow
that is used to complete this project. Project methodology that has been used in the
project is Iterative Model. Each phase in the methodology will be discussed
specifically based on what will be accomplished before, during and after the
development of the project.
12
3.1 Analysis Study and Research Paradigm Justification
Figure 3.1: Iterative Model
In the Iterative model, iterative process starts with a simple implementation of
a small set of the software requirements and iteratively enhances the evolving versions
until the complete system is implemented and ready to be deployed. An iterative life
cycle model does not attempt to start with a full specification of requirements. Instead,
development begins by specifying and implementing just part of the software, which
is then reviewed to identify further requirements. This process is then repeated,
producing a new version of the software at the end of each iteration of the model.
13
3.1.1 Initial Planning Phase
In this phase, ideas on what type of system to be developed are proposed. The
system proposed has to be feasible. Smart Bike Sharing System is chosen as the title
for the project. Based on that, an abstract is written.
3.1.2 Planning Phase
During this phase, the possible outcome from the system is explored. Details
such as objectives, problem statement and scope are identified after making reviews
from related research. A proposal is prepared based on the output of feasibility study.
Added value for this project is also figured out, which is Time-Based One Time
Password (TOTP) Algorithm. Among all the algorithm, TOTP found to be the most
suitable approach to be implemented in this system.
3.1.3 Requirements Phase
User Requirement and system requirements are identified. In this phase, we
determine the needs and condition to meet for the system. Feasibility study helps in
giving the general idea of how the project will be. The weakness of the existing
project is also taken into account so that the added value can be implemented in the
proposed project.
3.1.4 Analysis and Design Phase
Once planning in complete, an analysis and design is performed to design the
phase that will be build. The layout of the plans must be included physical instruction,
operating system, computer hardware and programming language. Then the process of
prototyping and reviewing interfaces for system is constructed before it goes to
deployment phase.
14
3.1.5 Implementation Phase
With the planning and analysis out of the way, the actual implementation and
coding process can now begin. All planning, specification, and design docs up to this
point are coded and implemented into this initial iteration of the project.
Implementation process for Arduino and related sensor is to get user information, and
it’s directly configured to be connected to the server so TOTP can be generated.
3.1.6 Testing Phase
Once this current build iteration has been coded and implemented, the next
step is to go through a series of testing procedures to identify and locate any potential
bugs or issues that have cropped up. Thus, ensuring there is no problem for the system
to execute command from the user. Testing will be done in various approaches:
1. Data Movement in/out database
2. Security Mechanism (TOTP Verification)
3.1.7 Evaluation Phase
Once all prior stages have been completed, it is time for a thorough evaluation
of development up to this stage. This allows the developer, as well as clients or other
outside parties, to examine where the project is at, where it needs to be, what can or
should change, and so on.
15
3.2 System Requirement
In this section, a list of hardware’s and software required for the development
of the system is shown.
3.2.1 Software Requirement
Software requirement that involves in this project are:
• PHP 4.6.5.1
• Apache 2.4.10
• Mysql
• Notepad++
• Arduino Sketch
3.2.2 Hardware Requirement
Hardware requirement that involves in this project are:
• HP Pavilion i7-6500U Processor
• Arduino Mega 2560 Rev3
• Cytron ESP8266 WiFi Shield
• SG90 TowerPro RC Micro Servo
• Membrane 3x4 Matrix Keypad
• Buzzer 6-12V c/w Wire
• Serial LCD Module IIC I2C TWI 1602 16x2
16
3.3 System Design
The System Design describes the design and framework of the project. It
includes physical design which is framework and logical design which are Context
Diagram (CD), Data Flow Diagram (DFD) and Entity Relationship Diagram (ERD).
Making an early modelling can help to discover the needs, problem and possible
solutions during the project. This data modelling will decide on how the flow of the
system.
3.3.1 Framework
Figure 3.2: Framework of the Project
The framework of Smart Bike Sharing System using TOTP is provided as
shown in the Figure 3.2. The frameworks show the workflow of the whole process for
the authentication system. First, users need to choose the bike and enter matrics
number and NRIC in the verification screen. Then the system will compare the input
17
data with the database. If the data are matched with the system, users can take out the
bike from the docking station.
3.3.2 Process Model
Process models are processes of the same nature that are classified together
into a model. One possible use of a process model is to prescribe how things
must/should/could be done in contrast to the process itself which is really what
happens. A process model is roughly an anticipation of what the process will look
like. What the process shall be will be determined during actual system development.
3.3.2.1 Context Diagram (CD)
Figure 3.3: Context Diagram (CD)
The Context Diagram shows the system under consideration as a single high-
level process and then shows the relationship that the system has with other external
entities (systems, organizational groups, external data stores). Figure 3.3 shows the
CD of the system. The Smart Bike Sharing System is at the center of the diagram.
There are two entities (User and Server) placed around the center process. Eight (8)
18
data flows are involved in the interaction between the central process and the entities.
The User entity has three outgoing data flows which are registration details, rental
registration details and return information. The incoming data flows are bicycle status.
The Server has one outgoing data flow, which is bicycle status. The incoming data
flows are registration records, rental record and return record.
3.3.2.2 Data Flow Diagram (DFD)
Figure 3.4: Data Flow Diagram (DFD)
In Smart Bike Sharing System, there is one entity used in the DFD Level 0
which is ‘User’. While there are three processes involve in this system such that,
‘Register’, ‘Renting Bikes’, ‘Return Bike’. In the meanwhile, this system has three
data stores which are ‘User’, ‘Rental’ and ‘Bicycle’.
3.3.3 Data Model
Data modelling is the process of creating a data model for an information
system by applying certain formal techniques. Data models have been built during the
19
analysis and design phases of a project to ensure that the requirements for a new
application are fully understood. A data model can be thought of as a ERD that
illustrates the relationships between data.
3.3.3.1 Entity Relationship Diagram (ERD)
Figure 3.5: Entity Relationship Diagram (ERD)
Figure 3.5 shows that ERD of the system. It shows the entity and the attribute
that involves in the system
20
3.3.4 Database Modelling
A database is a collection of information that is organized to show the
information. It is easy to access, manage and update the information.
3.3.4.1 Overall Table
Table 3.1: Data Table
Table 3.1 shows the entities that involve in the project which consist of
bicycle, rent and user.
21
3.3.4.2 Bicycle Table
Table 3.2: Bicycle Table
Table 3.2 shows the database of the bicycle’s tables. It has three attributes
which are bicycle_id, bicycle_no and status. The bicycle_id is the primary key for this
table.
3.3.4.3 Rent Table
Table 3.3: Rent Table
22
Table 3.3 shows the database of the rent’s tables. It has five attributes which
are rent_id, card_id, bicycle_id, date and time. The rent_id is the primary key for this
table and the foreign key are card_id and bicycle_id.
3.3.4.4 User Table
Table 3.4: User Table
Table 3.4 shows the database of the rent’s tables. It has four attributes which
are card_id, matric_no, name and phone_numb. The card_id is the primary key for
this table.
3.4 Summary
In this chapter, a few diagrams have been used to describe and elaborate
system flow. The design and modelling are very crucial to the developer and the
system development as a guideline. The diagram shows the visualization how the
system will run.
23
CHAPTER IV
IMPLEMENTATION AND RESULT
4.0 Introduction
This chapter discusses about the implementation and testing of the system.
This project is implemented according to the framework that designed in the previous
chapter. Due to the high cost of the real servers, this project is implemented using
local servers instead of the real servers. In this project, the database applied to the
system is using XAMPP Server by using SQL language. During the implementation
phase, a few tests for the system had been done. Testing is process where executing
takes place with intent to finding the errors.
4.1 Interfaces Design
User interface design is the design of computers, appliances, software
applications and websites with the focus on the user’s experience and interaction. The
goal in designing user interface is to make a great interaction between user and the
system in term of efficiency, user-friendly, compatible of the system with target users.
The interfaces should be understandable, easier to use with a proper arrangement of
system flow.
24
4.1.1 Admin Interfaces
Figure 4.1: Admin Login Form
Figure 4.1 shows the admin login form. Admin have to login to the system
before access to the module. The username and password must be valid to success the
attempt. If the right password was entered for the user, it will redirect to admin
homepage. The system will display an error if the verification was failed.
25
Figure 4.2: View List of Renters
Figure 4.2 shows a list of renters. This process can only be done by Admin that
had been successfully logged into their account. In this section, Admin clicks on
“PRINT” button to print the list of renters. A tabs function was provided to select
students by faculty.
26
Figure 4.3: View List of Bikes
Figure 4.3 shows a list of bikes. This process can only be done by Admin that
had been successfully logged into their account. In this section, Admin clicks on
“PRINT” button to print the list of bikes. Admin can add a new bicycle by click on
“+New Bicycle”. The status of bicycle also will be shown whether it’s broken or in a
good condition.
27
Figure 4.4: Add New Bicycle
Figure 4.4 shows process to add a new bicycle. In this section, Admin will
insert a Bicycle ID and bicycle status.
28
Figure 4.5: View List of Students
Figure 4.5 shows a list of students. A tabs function was provided to select
students by faculty. Admin can add a new student by fill in the form at the bottom of
the page.
29
Figure 4.6: Report
Figure 4.6 shows a report of students that rent a bike and had exceeded the
limit of days allowed.
30
4.1.2 User Interfaces
Figure 4.7: View List of Bicycle
Figure 4.7 shows a list of bicycle. This is user interfaces. The user must select
the bike and new pop-up will be shown for renting process. The green colour means
the bicycle is available and grey colour means the bicycle is in used.
31
Figure 4.8: Interface shows after selecting the bicycle
Figure 4.8 is pop-up window will be shown if the user selects available
bicycle. The Student ID and Student IC must be valid to success the attempt. If the
right input was entered for the user, it will generate TOTP code. The system will
display an error if the verification was failed.
32
Figure 4.9: Interface shows after user has been verified
Figure 4.9 shows the TOTP code will be generated after the user has been
verified by the system. The code has a time limit, if user not entered the code after 5
minutes. The code will not valid.
33
4.2 Testing
In order to ensure the system developed according to the functional
requirement state by the user and fulfilled the main objective, the testing is done
throughout the implementation process. System testing of software or hardware is
conducted on a complete integrated system to evaluate the system’s compliance with
its specified requirements. Testing was conducted to uncover error that was made
inadvertently as the design and constructed by testing individual program component
to get the intend result from the system develop. The processes involve system testing
are unit testing and environmental testing. The system also being tested using two
tests method, which is white box testing and black box testing.
4.2.1 Test Cases
A test case is a document, which has a set of test data, preconditions, expected
results and post-conditions, developed for a particular test scenario in order to verify
compliance against a specific requirement. Test Case acts as the starting point for the
test execution, and after inserted a set of input, the application has a definitive
outcome and leaves the system at some end point or also known as execution post-
condition. The table below shows the test cases for several processes of the Smart
Bike Sharing System.
34
4.2.1.1 Login
Table 4.1 represent test case for Fail Login
Table 4.1: Test Case Admin Fail Login
Step Procedure Expected Result Pass/Fail
1 Go to login page Preview page loaded Pass
2 Enter the following
details: Pass
Username: Adm!n
3 Enter the following
details: Pass
Password: @123
4 Click “Login” button Message “Your username Pass
or password are wrong”
5 Re-enter the correct Login page Pass
username and password
35
Table 4.2 represent test case for Admin Success Login
Table 4.2: Test Case Admin Success Login
4.2.1.2 Admin
Table 4.3 represent test case for Add Bicycle
Table 4.3: Test Case Add Bicycle
Step Procedure Expected Result Pass/Fail
1 Click “List of Bikes” then Form to add bicycle Pass
“Add New Bicycle”
2 Enter the following details:
Bicycle ID: A009 Pass
Stastus: GOOD
3 Click “Submit” button Display fail or success Pass
message
Step Procedure Expected Result Pass/Fail
1 Go to login page Preview page loaded Pass
2 Enter the following
details: Pass
Username: 001
3 Enter the following
details: Pass
Password: 12345
4 Click “Login” button Login successful. Display Pass
Admin homepage
36
4.2.1.3 User
Table 4.5 represent test case for TOTP Verification
Table 4.4: Test Case TOTP Verification
Step Procedure Expected Result Pass/Fail
1 Enter TOTP code Verify TOTP Pass
2 Press “#” button to submit Display fail or success Pass
message
4.3 Hardware Design
Smart Bike Sharing System using Time Based One-Time Password is using
Arduino Mega microcontroller to send and receive data from databases. Arduino will
verify the TOTP by communicate with the database server that connected with web-
based system.
37
Figure 4.10: Smart Bike Sharing System using TOTP Porotype
Figure 4.10 shows the prototype of the system. Arduino Mega is connected to
Wi-Fi Shield, Numeric Keypad, LCD and Micro Servo using male jumpers and
female jumpers.
4.4 Summary
This chapter discussed the detail of implementation of coding and the testing
of the system. In order to complete the report, we will discuss about the system
contribution, constraints and suggestion for future work.
38
CHAPTER V
CONCLUSION
5.0 Introduction
In this chapter, the goal and objectives of the project is discussed and
concluded. Other than that, this chapter also included the project constraints and
possible future work that should be took in the future. The achievement and
contribution can be seen by looking at the completeness of the objectives of the
system.
5.1 System Contribution
Smart Bike Sharing System using Time Based One Time Password is
developed to meet the need of students. It gives students a. With this facility, students
can easily move inside the campus. The management also does not have to think about
the problem of misplaced bicycle. The introduction of smart bike sharing system,
biking can become a hyper-efficient and enjoyable transportation method for college
students across the country.
5.2 System Constraints
During the implementation, several problems have been identified which
restricted the quality of system developed. It takes a long period of time to connect
39
Arduino with the localhost database. The Ethernet shield have a problem to detect the
IP Address of localhost database. To solve this problem, WIFI Shield is used to
replace the Ethernet shield.
5.3 Future Work
The system can be enhanced to more efficiently in handle a user that not
returned the bicycle within time given by implement a message notification to notify
the user about the due date.
5.4 Conclusion
As a conclusion, to meet the need of users, the bikeshare technology must find
a balance between flexibility in bike parking and security. The success of bike sharing
systems that use time based one-time password depends heavily on the users. If the
users find the system easy to work with and feel incentivized to care, the bikes will be
well secured and in good condition. In contract, if the users do not care and lock the
bikes in bad, insecure ways or just leave them anywhere, the bikes will be easily lost
and broken. This is one of the reasons why the smart bike sharing system is suitable
for small sharing programs, where users share a connection, by belonging to the same
institute, for example.
40
REFERENCES
[1] Susan Shaheen And Stacey Guzman. “Worldwide Bikesharing”. ACCESS,
Number 39, Fall 2011
[2] Megan Scott. https://www.criticalcycles.com/blogs/blog/16490364-the-pros-and-
cons-of-bike-sharing Accessed on 22 November 2013.
[3] Paul J. DeMaio, City of Alexandria, Virginia. “Will Smart Bikes Succeed as
Public Transportation in the United States?”. 2015.
[4] Bellare, Hoornaert, Naccache. “HOTP: An HMAC-Based One-Time Password
Algorithm”. RFC4226, 2005.
[5] Sung-Jae Lee, Jae Seong Lee, Mun-Kyu Lee, Sang Jin Lee, Doo-Ho Choi, and
Dong Kyue Kim. “Low-Power Design of Hardware One-Time Password
Generators for Card-Type OTPs”. ETRI Journal, Volume 33, Number 4, August
2011.
[6] TokulaUmaha I. and EsiefarienrheBukohwo Michael. (2015, November).
“Design and Implementation of a Two-Factor, One Time Password
Authentication System”. International Journal of Computer & Organization
Trends –Volume26 Number1 - November 2015.
[7] Xuguang Ren, Xin-Wen Wu, and Kun Tang. “TSPass: A Dynamic User
Authentication Scheme Based On Time and Space”. IJCSNS International
Journal of Computer Science and Network Security, VOL.12 No.10, October
2012.
[8] Shreya Gadepalli, Christopher Kost, Bradley Schroeder. “Public cycle sharing
systems. A planning toolkit for Indian cities”. National Public Bicycle Scheme,
December 2012.
[9] Sung-Jae Lee, Jae Seong Lee, Mun-Kyu Lee, Sang Jin Lee, Doo-Ho Choi, and
Dong Kyue Kim. “Low-Power Design of Hardware One-Time Password
Generators for Card-Type OTPs”. ETRI Journal, Volume 33, Number 4, August
2011.
[10] Ms. E.Kalaikavitha, M.Phil., Mrs. Juliana Gnanaselvi, M.Philm. “Secure Login
Using Encrypted One Time Password (Otp) and Mobile Based Login
Methodology”. Research Inventy: International Journal Of Engineering And
41
Science Vol.2, Issue 10 (April 2013), Pp 14-17.
[11] Xuguang Ren, Xin-Wen Wu, Kun Tang. “TSPass: A Dynamic User
Authentication Scheme Based On Time and Space”. IJCSNS International
Journal of Computer Science and Network Security, VOL.12 No.10, October
2012.
[12] Taiwo dayo ajakaiye, karl senanu kudzo krause. “Online Based Authentication
and Secure Payment Methods for M-Commerce Applications”. Master of Science
Thesis in the Programme Secure and Dependable computer systems, Chalmers
University of Technology, University of Gothenburg July 2011.