A feasible and cost effective two-factor authentication for online transactions
暂无分享,去创建一个
Authentication is the process of verifying a user's identity when the user is requesting services from any secure IT system. By far, the most popular authentication is a basic username-password based method that is commonly considered to be a weak technique of authentication. A more secure method is the multi-factor authentication that verifies not only the username/password pair, but also requires a second or third unique physical or biological factor. However, the feasibility of multi-factor authentication is largely restricted by the deployment complexity and cost. In this paper, we propose a technique of two-factor authentication, called SofToken, that eases the deployment process and greatly reduces the cost, while maintaining the same level of security as achieved by current available techniques. A RFID application is also proposed to improve the portability of SofToken.
[1] Steven Furnell. Computer insecurity - risking the system , 2005 .
[2] Jose M. Oton,et al. Smart cards , 1994 .
[3] Dieter Gollmann,et al. Computer Security , 1979, Lecture Notes in Computer Science.
[4] Jon Postel,et al. Internet Protocol , 1981, RFC.
[5] Jim S. Tiller. Smart Cards , 2007, Information Security Management Handbook, 6th ed..
[6] Julie-Marie Foss,et al. Web Application Security , 2005 .