2-clickAuth Optical Challenge-Response Authentication

Anna Vapen, David Byers, N. Shahmehri
{"title":"2-clickAuth Optical Challenge-Response Authentication","authors":"Anna Vapen, David Byers, N. Shahmehri","doi":"10.1109/ARES.2010.85","DOIUrl":null,"url":null,"abstract":"Internet users today often have usernames and passwords at multiple web sites. To simplify things, many sites support some form of federated identity management, such as OpenID, that enables users to have a single account that allows them to log on to many different sites by authenticating to a single identity provider. Most identity providers perform authentication using a username and password. Should these credentials be compromised, e.g. captured by a key logger or malware on an untrusted computer, all the user’s accounts become compromised. Therefore a more secure authentication method is desirable. We have implemented 2-clickAuth, an optical challenge-response solution where a web camera and a camera phone are used for authentication. Two-dimensional barcodes are used for the communication between phone and computer, which allows 2-clickAuth to transfer relatively large amounts of data in a short period of time. 2-clickAuth is considerably more secure than passwords while still being easy to use and easy to distribute to users. This makes 2-clickAuth a viable alternative to passwords in systems where enhanced security is desired, but availability, ease-of-use, and cost cannot be compromised. We have implemented an identity provider in the OpenID federated identity management system that uses 2-clickAuth for authentication, making 2-clickAuth available to all users of sites that support OpenID, including Facebook, Sourceforge and MySpace.","PeriodicalId":360339,"journal":{"name":"2010 International Conference on Availability, Reliability and Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"33","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2010.85","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 33

Abstract

Internet users today often have usernames and passwords at multiple web sites. To simplify things, many sites support some form of federated identity management, such as OpenID, that enables users to have a single account that allows them to log on to many different sites by authenticating to a single identity provider. Most identity providers perform authentication using a username and password. Should these credentials be compromised, e.g. captured by a key logger or malware on an untrusted computer, all the user’s accounts become compromised. Therefore a more secure authentication method is desirable. We have implemented 2-clickAuth, an optical challenge-response solution where a web camera and a camera phone are used for authentication. Two-dimensional barcodes are used for the communication between phone and computer, which allows 2-clickAuth to transfer relatively large amounts of data in a short period of time. 2-clickAuth is considerably more secure than passwords while still being easy to use and easy to distribute to users. This makes 2-clickAuth a viable alternative to passwords in systems where enhanced security is desired, but availability, ease-of-use, and cost cannot be compromised. We have implemented an identity provider in the OpenID federated identity management system that uses 2-clickAuth for authentication, making 2-clickAuth available to all users of sites that support OpenID, including Facebook, Sourceforge and MySpace.
2-clickAuth光挑战-响应认证
今天的互联网用户经常在多个网站上使用用户名和密码。为了简化工作,许多站点支持某种形式的联合身份管理,例如OpenID,它允许用户拥有一个帐户,允许他们通过对单个身份提供者进行身份验证来登录到许多不同的站点。大多数身份提供程序使用用户名和密码执行身份验证。如果这些凭证被泄露,例如被不受信任的计算机上的密钥记录器或恶意软件捕获,则所有用户的帐户都将受到威胁。因此,需要一种更安全的身份验证方法。我们已经实现了2-clickAuth,这是一种光学挑战响应解决方案,其中使用网络摄像头和照相手机进行身份验证。二维条形码用于手机和电脑之间的通信,它允许2-clickAuth在短时间内传输相对大量的数据。2-clickAuth比密码安全得多,同时仍然易于使用和分发给用户。这使得2-clickAuth在需要增强安全性,但不能损害可用性、易用性和成本的系统中成为密码的可行替代方案。我们在OpenID联合身份管理系统中实现了一个身份提供者,它使用2-clickAuth进行身份验证,使所有支持OpenID的网站用户都可以使用2-clickAuth,包括Facebook、Sourceforge和MySpace。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信