Website Credential Storage and Two-Factor Web Authentication with a Java SIM
نویسندگان
چکیده
In this paper two mobile website authentication schemes are proposed. The first enables authentication credentials (username and password) to be stored and retrieved securely from a mobile handset, and requires no changes to existing websites. The second scheme, which may optionally be used with the first, utilises a one-time password and is intended for applications requiring an enhanced level of authentication, e.g. financial services. Both authentication schemes use a Java SIM and ubiquitous mobile phone; with its familiar and convenient form factor and high user acceptance. Both schemes also provide protection against online phishing attacks.
منابع مشابه
CredEx: User-centric Credential Selection and Management for Grids
User authentication is a crucial security component for most computing systems. Yet different systems rely on different authentication mechanisms based on their particular security needs. Specifically, systems such as independently-managed Grids vary with regard to the type of credential or security token used to prove the user's identity (username/password, X.509 certificates and Kerberos tick...
متن کاملSeamless and Secure Authentication for Grid Portals
Grid portals typically store user grid credentials in a credential repository. Credential repositories allow users to access Grid portals from any machine having a Web browser, but their usage requires several authentication steps. Current portals require users to explicitly go through these steps, thereby hindering their usability. In this paper we present intuitive and easy to use tools to ma...
متن کاملNovel framework for secure mobile financial services
The financial sector is always looking for new services delivery platforms to improve customer confidence and satisfaction. To achieve this, the banking service delivery platform must provide end-to-end security to safeguard the financial information exchanged between the bank and the customer. Today a number of banks offer mobile banking service to their customers. However, still banks have be...
متن کاملMobile Provided Identity Authentication on the Web
Introduction One of the key elements to improve the user experience on the Web is the enhancement of the user security, however not compromising the usability of the solutions. In that sense, the take-off of the mobile Internet, with users always carrying (in a way that was only equaled previously by keys, watches or wallets) a personal device, i.e., the mobile phone, equipped with a Subscriber...
متن کاملModified Authentication Using One Time Password to Support Web Services Security
Freshness in accessing a web service is a challenge identified by the security of the website itself. It usually including advantages and disadvantages on architecture security and the machine language used by the site. With the recent technology available completed by sufficient information about risks threat in web services, there are a lot of things to be concerned. In this paper, we try to ...
متن کامل