{"title":"一种基于移动设备的Web强认证方法","authors":"G. Me, Daniele Pirro, Roberto Sarrecchia","doi":"10.1109/ICCGI.2006.8","DOIUrl":null,"url":null,"abstract":"The rapid increase of the phishing phenomenon states that the Web authentication systems not based on one time password (OTP) are definitively ineffective in providing financial services. Existent Web authentication systems have been developed on the classic username/password mechanism using a single channel, either mobile or Web, generating an expensive or inadequate authentication system. The proposed solution is a combined Web/mobile authentication system. The basic authentication mechanism is integrated with a challenge/response process and an OTP. The challenge is issued from an authentication server and has to authenticate a mobile device, typically a cell phone. This device can communicate with any other involved parts through a fixed terminal, typically a personal computer, via a Bluetooth connection. The mobile device, once accepted, performs the authentication with the web site or application. This final step is accomplished using a temporary one-time password","PeriodicalId":112974,"journal":{"name":"2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":"{\"title\":\"A mobile based approach to strong authentication on Web\",\"authors\":\"G. Me, Daniele Pirro, Roberto Sarrecchia\",\"doi\":\"10.1109/ICCGI.2006.8\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The rapid increase of the phishing phenomenon states that the Web authentication systems not based on one time password (OTP) are definitively ineffective in providing financial services. Existent Web authentication systems have been developed on the classic username/password mechanism using a single channel, either mobile or Web, generating an expensive or inadequate authentication system. The proposed solution is a combined Web/mobile authentication system. The basic authentication mechanism is integrated with a challenge/response process and an OTP. The challenge is issued from an authentication server and has to authenticate a mobile device, typically a cell phone. This device can communicate with any other involved parts through a fixed terminal, typically a personal computer, via a Bluetooth connection. The mobile device, once accepted, performs the authentication with the web site or application. This final step is accomplished using a temporary one-time password\",\"PeriodicalId\":112974,\"journal\":{\"name\":\"2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"20\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCGI.2006.8\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCGI.2006.8","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A mobile based approach to strong authentication on Web
The rapid increase of the phishing phenomenon states that the Web authentication systems not based on one time password (OTP) are definitively ineffective in providing financial services. Existent Web authentication systems have been developed on the classic username/password mechanism using a single channel, either mobile or Web, generating an expensive or inadequate authentication system. The proposed solution is a combined Web/mobile authentication system. The basic authentication mechanism is integrated with a challenge/response process and an OTP. The challenge is issued from an authentication server and has to authenticate a mobile device, typically a cell phone. This device can communicate with any other involved parts through a fixed terminal, typically a personal computer, via a Bluetooth connection. The mobile device, once accepted, performs the authentication with the web site or application. This final step is accomplished using a temporary one-time password
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
