Title :
Mobile Browser as a Second Factor for Web Authentication
Author :
Guan, Zhi ; Xiong, Hu ; Li, Suke ; Chen, Zhong
Author_Institution :
Key Lab. of High Confidence Software Technol., Peking Univ., Beijing, China
Abstract :
People´s increasingly relying on web applications to manage their digital assets makes web authentication a critical security issue. As most websites today still authenticate a user with only username and password, the authentication credentials can be easily compromised in a vulnerable browsing environment without the owner´s notice. Considering the browsing in mobile devices is more secure than personal computers, in this paper we explore the One-Time Password web application running inside mobile browsers as a second authentication factor for high value websites in hostile browsing environments. We discuss the security and efficiency of this authentication method from both theory and practice. An implementation with performance evaluation is also provided to prove our concept.
Keywords :
Web sites; authorisation; mobile computing; online front-ends; Web authentication; Web sites; authentication credential; digital asset management; mobile browser; one-time password Web application; security issue; vulnerable browsing environment; Authentication; Browsers; Computers; HTML; Internet; Mobile communication; Servers;
Conference_Titel :
Parallel and Distributed Processing with Applications (ISPA), 2011 IEEE 9th International Symposium on
Conference_Location :
Busan
Print_ISBN :
978-1-4577-0391-1
Electronic_ISBN :
978-0-7695-4428-1
DOI :
10.1109/ISPA.2011.63
