Formalising Application-Driven Authentication & Access-Control based on Users’ Companion Devices

Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security Pub Date : 2023-07-10 DOI:10.1145/3579856.3595800

C. Culnane, Ioana Boureanu, Jean Snyman, S. Wesemeyer, H. Treharne

引用次数: 0

Abstract

We define and formalise a generic cryptographic construction that underpins coupling of companion devices, e.g., biometrics-enabled devices, with main devices (e.g., PCs), in a user-aware manner, mainly for on-demand authentication and secure storage for applications running on the main device. We define the security requirements of such constructions, provide a full instantiation in a protocol-suite and prove its computational as well as Dolev-Yao security. Finally, we implement our protocol suite and one password-manager use-case.

查看原文本刊更多论文

形式化基于用户配套设备的应用驱动的身份验证和访问控制

我们定义并形式化了一种通用的加密结构，该结构以用户感知的方式支持伴侣设备(例如，支持生物识别的设备)与主设备(例如pc)的耦合，主要用于在主设备上运行的应用程序的按需认证和安全存储。我们定义了这种结构的安全需求，在协议套件中提供了一个完整的实例，并证明了它的计算安全性和Dolev-Yao安全性。最后，我们实现了协议套件和一个密码管理器用例。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security

自引率

0.00%

发文量