SGX-UAM: A Secure Unified Access Management Scheme With One Time Passwords via Intel SGX

With the convergence of fixed and mobile networks, heterogeneous networks are becoming ubiquitous. Internet giants seeing plight identity authentication. To address this issue, unified access management (UAM) was conceived. This paper provides a novel scheme, named SGX-UAM, with one-time passwords (OTPs) based on Intel software guard extensions (SGX). SGX-UAM outperforms generic UAM for providing resistance to most client attacks, man-in-the-middle (MITM) phishing replay attacks denial service (DoS) which implementaions vulnerable. Specifically, prevented by ensuring input security memory security, where former is achieved through shuffle mapping “periodic hooking” strategy, latter mainly guaranteed SGX; MITM transferring ciphertext rather than plaintext; avoided authorization control; cannot succeed because we adopts OTPs, contain time-related dynamic factors that expire in few seconds; as DoS attack, blunted its edge blocking-invocation identical user connection. also differs from it relieves concerns sevice providers (SPs) protects users' privacy at little cost performance. An exceptional value brings lightweight OTP solution eliminates need additional hardware devices, thus reducing costs. The experimental results show consumes almost same time OpenID OAuth2.0 one login request performs steadily when handling sequential requests. Furthermore, resource usage acceptable.