UAuth: A Strong Authentication Method from Personal Devices to Multi-accounts

Wang, Yazhe and Mingming Hu, Mingming and Li, Chen (2015) UAuth: A Strong Authentication Method from Personal Devices to Multi-accounts. EAI Endorsed Transactions on Security and Safety, 2 (4). e5. ISSN 2032-9393

[img]
Preview
Text
eai.5-10-2015.150479.pdf
Available under License Creative Commons Attribution No Derivatives.

Download (1MB) | Preview

Abstract

In this paper we present UAuth, a two-layer authentication framework that provides more security assurances than two-factor authentication while offering a simpler authentication experience. When authenticating, users first verified their static credentials (such as password, fingerprint, etc.) on their devices to achieve the local-layer authentication, then submit the OTP-signed response generated by their device to the server to complete the server-layer authentication. We also propose the three-level account association mechanism, which establishes the association among devices, users and services, and then creates a mapping from user’s devices to user’s accounts. Users can gain access to different service via any device in the association easily. Our goal is to provide a quick and convenient SSO-like login process on the basis of security authentication. To meet the goal, we implement our UAuth, and evaluate our designs.

Item Type: Article
Uncontrolled Keywords: Authentication, Mobile terminal, Multi-accounts
Subjects: H Social Sciences > H Social Sciences (General)
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
QA75 Electronic computers. Computer science
Depositing User: EAI Editor IV
Date Deposited: 26 Mar 2021 13:50
Last Modified: 26 Mar 2021 13:50
URI: https://eprints.eudl.eu/id/eprint/2033

Actions (login required)

View Item View Item