Off-campus Eastern Washington University users: To download EWU Only theses, please use the following link to log into our proxy server with your EWU NetID and password.

Non-EWU users: Please talk to your local librarian about requesting this thesis through Interlibrary loan.

Date of Award



Access perpetually restricted to EWU users with an active EWU NetID

Document Type

Thesis: EWU Only

Degree Name

Master of Science (MS) in Computer Science


Computer Science


"Computers have become a basic need for the majority of people around the world. Governments, companies, and individuals have a large number of sensitive information stored online; electronic transactions using these data becomes daily activities. Consequently, computer security has become a major concern . Authentication method is used to verify a user's identity. The strength of an authentication method is based on how many factors are used. There are three authentication factors. The first factor is something the user knows, such as username and password. The second factor is something the user has, such as Smart-card. The third factor is something the user is, such as biometric factors like fingerprints. Single factor authentication is considered a weak mechanism. For example, Email system is considered a weak mechanism because the user is authenticated based on one factor (usemame and password), which can be guessed online or offline. However, there are many methods are designed to control data access. Those methods are variety between simple and complex. Researchers are still trying to find an authentication method that is a secure and usable at the same time. In this work, we developed the Geo-Secure system for data access. The Geo-Secure system authenticates a user based on his/her geographic data. The user's device must have a built-in GPS receiver in order to be located. The user needs to create his/her secure area by drawing a polygon on a map when creating an account. This secure area is the only geographical region that the user can login from, and which can be changed when the user need. The user must provide his/her usemame and password in every logon process also. We have developed this system to reduce the possibility of being hacked, which otherwise could happen by shoulder surfing and social engineering . Also, since the user is authenticated based on his/her location, it is an opportunity to reduce the restriction on passwords to make them more usable"--Leaves iv-v.