利用结构多样性和用户友好性改进强移动认证

2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS) Pub Date : 2019-06-24 DOI:10.1109/NTMS.2019.8763821

Samy Kambou, A. Bouabdallah

{"title":"利用结构多样性和用户友好性改进强移动认证","authors":"Samy Kambou, A. Bouabdallah","doi":"10.1109/NTMS.2019.8763821","DOIUrl":null,"url":null,"abstract":"This paper introduces an original and strong authentication method using a two-factor scheme enhanced by network channels and devices diversity. The proposed solution combines an OTP-based approach using an IoT object as secondary device in addition to the mobile phone. Authentication factors are transmitted over different channels (LTE, LPWAN, ... ) via different devices thus greatly reducing the attack surface. To avoid depending on the protocol security specificities used to instantiate a channel, we use a security layer ensuring end-to- end encryption of the transferred sensitive contents. In addition, diversity can be leveraged by exploiting its inherent modularity to infer other approaches. We give an example of another authentication method equivalent for the robustness to the first one but which is more ergonomic and user friendly.","PeriodicalId":368680,"journal":{"name":"2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Improving Strong Mobile Authentication with Structural Diversity and User-Friendliness\",\"authors\":\"Samy Kambou, A. Bouabdallah\",\"doi\":\"10.1109/NTMS.2019.8763821\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper introduces an original and strong authentication method using a two-factor scheme enhanced by network channels and devices diversity. The proposed solution combines an OTP-based approach using an IoT object as secondary device in addition to the mobile phone. Authentication factors are transmitted over different channels (LTE, LPWAN, ... ) via different devices thus greatly reducing the attack surface. To avoid depending on the protocol security specificities used to instantiate a channel, we use a security layer ensuring end-to- end encryption of the transferred sensitive contents. In addition, diversity can be leveraged by exploiting its inherent modularity to infer other approaches. We give an example of another authentication method equivalent for the robustness to the first one but which is more ergonomic and user friendly.\",\"PeriodicalId\":368680,\"journal\":{\"name\":\"2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NTMS.2019.8763821\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NTMS.2019.8763821","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

本文介绍了一种新颖的强认证方法，该方法采用网络通道和设备多样性增强的双因素方案。提出的解决方案结合了基于otp的方法，使用物联网对象作为移动电话之外的辅助设备。身份验证因素通过不同的通道(LTE、LPWAN等)传输。通过不同的设备，从而大大减少了攻击面。为了避免依赖于用于实例化通道的协议安全特性，我们使用安全层来确保传输的敏感内容的端到端加密。此外，多样性可以通过利用其固有的模块化来推断其他方法。我们给出了另一种认证方法的例子，其鲁棒性与第一种方法相当，但更符合人体工程学和用户友好。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Improving Strong Mobile Authentication with Structural Diversity and User-Friendliness

This paper introduces an original and strong authentication method using a two-factor scheme enhanced by network channels and devices diversity. The proposed solution combines an OTP-based approach using an IoT object as secondary device in addition to the mobile phone. Authentication factors are transmitted over different channels (LTE, LPWAN, ... ) via different devices thus greatly reducing the attack surface. To avoid depending on the protocol security specificities used to instantiate a channel, we use a security layer ensuring end-to- end encryption of the transferred sensitive contents. In addition, diversity can be leveraged by exploiting its inherent modularity to infer other approaches. We give an example of another authentication method equivalent for the robustness to the first one but which is more ergonomic and user friendly.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)

自引率

0.00%

发文量