Secure and usable QR codes

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Luccio, Flaminia it_IT Wahsheh, Heider Ahmad Mutleq <1987> it_IT 2018-12-12 it_IT 2019-07-24T08:06:46Z 2019-03-20 it_IT
dc.description.abstract Barcode is a universal technology that provides visual data representation using series of horizontal lines (1D), or matrix of squares and dots (2D), organized in a specific standard way. Barcodes are represented as images that can store data with various data types and sizes, used to identify the object that carries the barcode. In the literature, there is no standard mechanism for providing authenticity and confidentiality of the barcode content. Attacks such as the malicious links encoding are realistic and feasible in practice. In this work, we present a comparative study of 2D barcodes’ threats and the available protection mechanisms. We highlight the limitations of these mechanisms, and explore their security capabilities. Moreover, we suggest practical solutions based on the recommendations from the European Union Agency for Network and Information Security (ENISA). For what concerns usability, we present the first systematic study of usable cryptographic primitives inside QR codes. We have performed extensive experiments to analyze the factors that affect the barcodes usability, by developing a barcode reader application that collects the users’ feedback. We have analyzed scanning time, data size, image size and users’ feedback. Based on ISO 9241, we have defined Barcode Usability Score (BarScore) an observable and quantifiable value that represents the overall usability, by calculating the average of effectiveness, efficiency and satisfaction. We have built a barcode usability guidance for recommended image and data sizes under different usability levels. Then, we have implemented a systematic secure/usable QR code generator and compared the digital signature and encryption mechanisms based on usability and security. The obtained results show that QR codes can support powerful, usable and secure solutions. Finally, we present a comprehensive review of barcode reader applications by analyzing their properties. We categorize these apps into four groups; URLs security, Crypto-based security, Save-privacy and Other popular applications. We also highlight their weaknesses and present design recommendations for usable, secure and privacy-guaranteed scanner applications. We have developed a proof-of-concept Android reader app that follows our recommendations, and performed a user usability and security survey. The results show that when following the design tips, user’s security awareness and usability increase. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Heider Ahmad Mutleq Wahsheh, 2019 it_IT
dc.title Secure and usable QR codes it_IT
dc.title.alternative it_IT
dc.type Doctoral Thesis it_IT Informatica it_IT Dottorato di ricerca it_IT Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear Dottorato - 31° Ciclo - 2015-2017 it_IT
dc.description.cycle 31 Focardi, Riccardo it_IT
dc.location.shelfmark D001960
dc.location Venezia, Archivio Università Ca' Foscari, Tesi Dottorato it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 956262 it_IT
dc.format.pagenumber X, 121 p. : ill.
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT it_IT it_IT
dc.provenance.upload Heider Ahmad Mutleq Wahsheh (, 2018-12-12 it_IT
dc.provenance.plagiarycheck Flaminia Luccio (, 2019-01-18 it_IT

Files in this item

This item appears in the following Collection(s)

Show simple item record