Security Levels for Web Authentication Using Mobile Phones
نویسندگان
چکیده
Mobile phones offer unique advantages for secure authentication: they are small and portable, provide multiple data transfer channels, and are nearly ubiquitous. While phones provide a flexible and capable platform, phone designs vary, and the security level of an authentication solution is influenced by the choice of channels and authentication methods. It can be a challenge to get a consistent overview of the strengths and weaknesses of the available alternatives. Existing guidelines for authentication usually do not consider the specific problems in mobile phone authentication. We provide a method for evaluating and designing authentication solutions using mobile phones, using an augmented version of the Electronic Authentication Guideline.
منابع مشابه
Contributions to Web Authentication for Untrusted Computers
Authentication methods offer varying levels of security. Methods with one-time credentials generated by dedicated hardware tokens can reach a high level of security, whereas passwordbased authentication methods have a low level of security since passwords can be eavesdropped and stolen by an attacker. Password-based methods are dominant in web authentication since they are both easy to implemen...
متن کاملTruWalletM: Secure Web Authentication on Mobile Platforms
Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and...
متن کاملMHIDCA: Multi Level Hybrid Intrusion Detection and Continuous Authentication for MANET Security
Mobile ad-hoc networks have attracted a great deal of attentions over the past few years. Considering their applications, the security issue has a great significance in them. Security scheme utilization that includes prevention and detection has the worth of consideration. In this paper, a method is presented that includes a multi-level security scheme to identify intrusion by sensors and authe...
متن کاملWeb Authentication using Graphical Virtual Environment
Authentication has become integral part of 90% of web sites. The major issue in web authentication is the limitation of human memory to remember the password string for longer period. Almost all websites are still using traditional recall-based textual password to identify their remote users. Vulnerability of this authentication mechanism due to the sophistication of online identity theft has l...
متن کاملSecure Web Authentication with Mobile Phones
As computing becomes pervasive, people increasingly rely on public computers to do business over the Internet. But accessing today's web-based services invariably requires typing a username and password to authenticate – a significant vulnerability, since the password can be captured by the public computer and later reused by a hostile party. We introduce a solution to this problem using a mobi...
متن کامل