BetterAuth: web authentication revisited

Asia-Pacific Computer Systems Architecture Conference Pub Date : 2012-12-03 DOI:10.1145/2420950.2420977

Martin Johns, Sebastian Lekies, Bastian Braun, Benjamin Flesch

引用次数: 22

Abstract

This paper presents "BetterAuth", an authentication protocol for Web applications. Its design is based on the experiences of two decades with the Web. BetterAuth addresses existing attacks on Web authentication, ranging from network attacks to Cross-site Request Forgery up to Phishing. Furthermore, the protocol can be realized completely in standard JavaScript. This allows Web applications an early adoption, even in a situation with limited browser support.

查看原文本刊更多论文

BetterAuth:重新访问web认证

本文提出了一种用于Web应用程序的身份验证协议“BetterAuth”。它的设计是基于二十年的网络经验。BetterAuth解决了现有的Web认证攻击，从网络攻击到跨站点请求伪造再到网络钓鱼。此外，该协议完全可以在标准JavaScript中实现。这使得Web应用程序能够尽早被采用，即使在浏览器支持有限的情况下也是如此。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Asia-Pacific Computer Systems Architecture Conference

自引率

0.00%

发文量