Abstract:
The need for secure authentication into systems has led to exploring of alternative secure authentication
mechanism. QR code is deemed more secure and has thus increased in popularity, but implementation of
QR code has downside of periodic polling; where client devices periodically poll the server to confirm
whether the authentication was successful. Periodic polling contributes additional traffic, leading to
increased response time, and often resulting to Denial of Service. The purpose of the study was to
investigate the effect of implementing WebSocket feature to provide permanent connection between
server and client in QR code authentication environment. Two experiments were setup where the
control/reference experiment was used to determine baseline of response time for growing number of
clients. It tested response time characteristics where periodic polling was at play. The treatment/
conceptual experiment implemented a persistent authenticated connection via WebSocket to eliminated
periodic polling. The study hypothesized that a reduction in response time would be observed, when
periodic polling in eliminated. The study applied experimental research design by simulating the control
and treatment experiments, with an increasing number of clients in the OMNeT ++ simulator.
Descriptive and inferential statistics were used to gather and evaluate data, comparing the performance
of conceptual and reference models. It was observed that while the treatment/conceptual experiment
demonstrated a considerable reduction of more than 80 percent, the response time in the
control/reference experiment rose as the number of clients increased. With a standard variation of 22.99
ms, WebSocket persistent connection feature significantly lowered response time in QR code
authentication. While the results look promising, the study recommended practical testing of this feature
in real-environment to ascertain the model's ability to address the periodic polling challenge that
negatively impacts on response times, which often leads to Denial of Service in Quick Response-based
authentication.
Description:
The need for secure authentication into systems has led to exploring of alternative secure authentication
mechanism. QR code is deemed more secure and has thus increased in popularity, but implementation of
QR code has downside of periodic polling; where client devices periodically poll the server to confirm
whether the authentication was successful. Periodic polling contributes additional traffic, leading to
increased response time, and often resulting to Denial of Service. The purpose of the study was to
investigate the effect of implementing WebSocket feature to provide permanent connection between
server and client in QR code authentication environment. Two experiments were setup where the
control/reference experiment was used to determine baseline of response time for growing number of
clients. It tested response time characteristics where periodic polling was at play. The treatment/
conceptual experiment implemented a persistent authenticated connection via WebSocket to eliminated
periodic polling. The study hypothesized that a reduction in response time would be observed, when
periodic polling in eliminated. The study applied experimental research design by simulating the control
and treatment experiments, with an increasing number of clients in the OMNeT ++ simulator.
Descriptive and inferential statistics were used to gather and evaluate data, comparing the performance
of conceptual and reference models. It was observed that while the treatment/conceptual experiment
demonstrated a considerable reduction of more than 80 percent, the response time in the
control/reference experiment rose as the number of clients increased. With a standard variation of 22.99
ms, WebSocket persistent connection feature significantly lowered response time in QR code
authentication. While the results look promising, the study recommended practical testing of this feature
in real-environment to ascertain the model's ability to address the periodic polling challenge that
negatively impacts on response times, which often leads to Denial of Service in Quick Response-based
authentication.