Abstract | ||
---|---|---|
People's increasingly relying on web applications to manage their digital assets makes web authentication a critical security issue. As most websites today still authenticate a user with only username and password, the authentication credentials can be easily compromised in a vulnerable browsing environment without the owner's notice. Considering the browsing in mobile devices is more secure than personal computers, in this paper we explore the One-Time Password web application running inside mobile browsers as a second authentication factor for high value websites in hostile browsing environments. We discuss the security and efficiency of this authentication method from both theory and practice. An implementation with performance evaluation is also provided to prove our concept. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1109/ISPA.2011.63 | ISPA |
Keywords | Field | DocType |
authentication factor,second factor,high value web,online front-ends,authentication method,mobile browser,one-time password web application,digital asset management,security issue,critical security issue,web authentication,web sites,authorisation,web application,vulnerable browsing environment,mobile computing,hostile browsing environment,authentication credential,internet,html,authentication,mobile communication,one time password,servers,mobile device | World Wide Web,Chip Authentication Program,Computer security,Computer science,Challenge–response authentication,S/KEY,Password policy,Authentication protocol,Password,Web application security,Multi-factor authentication | Conference |
ISBN | Citations | PageRank |
978-0-7695-4428-1 | 0 | 0.34 |
References | Authors | |
8 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zhi Guan | 1 | 76 | 10.75 |
Hu Xiong | 2 | 144 | 16.81 |
Suke Li | 3 | 15 | 4.37 |
Zhong Chen | 4 | 503 | 58.35 |