Abstract : In this paper two mobile website authentication
schemes are proposed. The first enables authentication credentials
(username and password) to be stored and retrieved securely from a
mobile handset, and requires no changes to existing websites. The second
scheme, which may optionally be used with the first, utilises a one-time
password and is intended for applications requiring an enhanced level of
authentication, e.g. financial services. Both authentication schemes use
a Java SIM and ubiquitous mobile phone; with its familiar and convenient
form factor and high user acceptance. Both schemes also provide
protection against online phishing attacks.
Pierangela Samarati; Michael Tunstall; Joachim Posegga; Konstantinos Markantonakis; Damien Sauveron. 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices (WISTP), Apr 2010, Passau, Germany. Springer, Lecture Notes in Computer Science, LNCS-6033, pp.229-236, 2010, Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. 〈10.1007/978-3-642-12368-9_17〉
https://hal.inria.fr/hal-01056084
Contributeur : Hal Ifip
<>
Soumis le : jeudi 14 août 2014 - 17:54:17
Dernière modification le : vendredi 11 août 2017 - 15:13:01
Document(s) archivé(s) le : jeudi 27 novembre 2014 - 01:36:59
Jonathan Hart, Konstantinos Markantonakis, Keith Mayes. Website Credential Storage and Two-Factor Web
Authentication with a Java SIM. Pierangela Samarati; Michael Tunstall; Joachim Posegga; Konstantinos Markantonakis; Damien Sauveron. 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices (WISTP), Apr 2010, Passau, Germany. Springer, Lecture Notes in Computer Science, LNCS-6033, pp.229-236, 2010, Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. 〈10.1007/978-3-642-12368-9_17〉. 〈hal-01056084〉
