Enhancing CardSpace Authentication Using a Mobile Device

Abstract : In this paper we propose a simple, novel scheme for using a mobile device to enhance CardSpace authentication. During the process of user authentication on a PC using CardSpace, a random and short-lived one-time password is sent to the user’s mobile device; this must then be entered into the PC by the user when prompted. The scheme does not require any changes to login servers, the CardSpace identity selector, or to the mobile device itself. We specify the scheme and give details of a proof-of-concept prototype. Security and operational analyses are also provided.
Type de document :
Communication dans un congrès
Yingjiu Li. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. Springer, Lecture Notes in Computer Science, LNCS-6818, pp.201-216, 2011, Data and Applications Security and Privacy XXV. 〈10.1007/978-3-642-22348-8_16〉
Liste complète des métadonnées

Littérature citée [22 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01586573
Contributeur : Hal Ifip <>
Soumis le : mercredi 13 septembre 2017 - 08:55:45
Dernière modification le : mercredi 13 septembre 2017 - 14:28:21
Document(s) archivé(s) le : jeudi 14 décembre 2017 - 12:29:03

Fichier

978-3-642-22348-8_16_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Haitham Al-Sinani, Chris Mitchell. Enhancing CardSpace Authentication Using a Mobile Device. Yingjiu Li. 23th Data and Applications Security (DBSec), Jul 2011, Richmond, VA, United States. Springer, Lecture Notes in Computer Science, LNCS-6818, pp.201-216, 2011, Data and Applications Security and Privacy XXV. 〈10.1007/978-3-642-22348-8_16〉. 〈hal-01586573〉

Partager

Métriques

Consultations de la notice

22

Téléchargements de fichiers

6