Alqubaisi et al., 2020 - Google Patents
Should we rush to implement password-less single factor FIDO2 based authentication?Alqubaisi et al., 2020
View PDF- Document ID
- 11651417809998817095
- Author
- Alqubaisi F
- Wazan A
- Ahmad L
- Chadwick D
- Publication year
- Publication venue
- 2020 12th annual undergraduate research conference on applied computing (URC)
External Links
Snippet
Fast Identity Online (FIDO) Alliance and W3C have defined a set of specifications (called FIDO2) that allows a user to replace the password based authentication system. However, none of the high profile web sites have implemented FIDO2 yet as password-less single …
- 238000011084 recovery 0 abstract description 12
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0815—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network providing single-sign-on or federations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Alqubaisi et al. | Should we rush to implement password-less single factor FIDO2 based authentication? | |
| Dacosta et al. | Trust no one else: Detecting MITM attacks against SSL/TLS without third-parties | |
| Kaur et al. | A secure two‐factor authentication framework in cloud computing | |
| US9288195B2 (en) | Single sign on with multiple authentication factors | |
| US8627424B1 (en) | Device bound OTP generation | |
| US10333930B2 (en) | System and method for transparent multi-factor authentication and security posture checking | |
| US9860248B2 (en) | Computer implemented method, communications system and computer programs products for securing operations in authentication and authorization systems using biometric information | |
| Zhang et al. | EL PASSO: Efficient and lightweight privacy-preserving single sign on | |
| RU2713604C1 (en) | Registration and authentication of users without passwords | |
| JP2011515961A (en) | Authentication storage method and authentication storage system for client side certificate authentication information | |
| TW201426383A (en) | System and method for identifying users | |
| Alzuwaini et al. | An Efficient Mechanism to Prevent the Phishing Attacks. | |
| Fareed et al. | Privacy-preserving multi-factor authentication and role-based access control scheme for the E-healthcare system | |
| Zhang et al. | El passo: privacy-preserving, asynchronous single sign-on | |
| Khan et al. | A brief review on cloud computing authentication frameworks | |
| Priya et al. | Secure Key Management Based Mobile Authentication in Cloud. | |
| Heilman et al. | Openpubkey: Augmenting openid connect with user held signing keys | |
| JP5186648B2 (en) | System and method for facilitating secure online transactions | |
| Sarower et al. | SMFA: Strengthening Multi-Factor Authentication With Steganography for Enhanced Security | |
| Grassi et al. | Draft nist special publication 800-63b digital identity guidelines | |
| Abbas et al. | Identifying an OpenID anti‐phishing scheme for cyberspace | |
| Tan et al. | Securing password authentication for web-based applications | |
| Eldow et al. | Literature review of authentication layer for public cloud computing: a meta-analysis | |
| Rajamanickam et al. | Insider Attack Prevention: LAPUP—Lightweight Authentication Protocol Using PUF | |
| Dietz et al. | Hardening Persona-Improving Federated Web Login. |