Sciweavers

ICSNC
2007
IEEE

Using the mobile phone as a security token for unified authentication

14 years 5 months ago
Using the mobile phone as a security token for unified authentication
- The number of different identities and credentials used for authentication towards services on the Internet has increased beyond the manageable. Still, the most common authentication scheme is based on usernames and passwords. This is a weak authentication mechanism, which can be broken by eavesdropping on the network connection or by sloppy handling by the users (e.g. re-use of the same password for different services, writing down the passwords on paper etc.). Also, management of user credentials is a costly task for most companies, estimated by IDC to around 200-300USD pr. user/year. Hence, better solutions for simplified, yet secure authentication, is required in the future. This paper proposes and describes an authentication scheme based on a One-Time Password (OTP) MIDlet running on a mobile phone for unified authentication towards any type of service on the Internet. Keywords-component; , authentcation, mobility
Steffen Hallsteinsen, Ivar Jørstad, Do Van
Added 03 Jun 2010
Updated 03 Jun 2010
Type Conference
Year 2007
Where ICSNC
Authors Steffen Hallsteinsen, Ivar Jørstad, Do Van Thanh
Comments (0)