• Title/Summary/Keyword: Mobile OOB Authentication

Search Result 2, Processing Time 0.015 seconds

Gesture Input as an Out-of-band Channel

  • Chagnaadorj, Oyuntungalag;Tanaka, Jiro
    • Journal of Information Processing Systems
    • /
    • v.10 no.1
    • /
    • pp.92-102
    • /
    • 2014

  • In recent years, there has been growing interest in secure pairing, which refers to the establishment of a secure communication channel between two mobile devices. There are a number of descriptions of the various types of out-of-band (OOB) channels, through which authentication data can be transferred under a user's control and involvement. However, none have become widely used due to their lack of adaptability to the variety of mobile devices. In this paper, we introduce a new OOB channel, which uses accelerometer-based gesture input. The gesture-based OOB channel is suitable for all kinds of mobile devices, including input/output constraint devices, as the accelerometer is small and incurs only a small computational overhead. We implemented and evaluated the channel using an Apple iPhone handset. The results demonstrate that the channel is viable with completion times and error rates that are comparable with other OOB channels.

  • https://doi.org/10.3745/JIPS.2014.10.1.092 인용 PDF KSCI KPUBS HTML

Two Factor Authentication for Cloud Computing

  • Lee, Shirly;Ong, Ivy;Lim, Hyo-Taek;Lee, Hoon-Jae
    • Journal of information and communication convergence engineering
    • /
    • v.8 no.4
    • /
    • pp.427-432
    • /
    • 2010

  • The fast-emerging of cloud computing technology today has sufficiently benefited its wide range of users from individuals to large organizations. It carries an attractive characteristic by renting myriad virtual storages, computing resources and platform for users to manipulate their data or utilize the processing resources conveniently over Internet without the need to know the exact underlying infrastructure which is resided remotely at cloud servers. However due to the loss of direct control over the systems/applications, users are concerned about the risks of cloud services if it is truly secured. In the literature, there are cases where attackers masquerade as cloud users, illegally access to their accounts, by stealing the static login password or breaking the poor authentication gate. In this paper, we propose a two-factor authentication framework to enforce cloud services' authentication process, which are Public Key Infrastructure (PKI) authentication and mobile out-of-band (OOB) authentication. We discuss the framework's security analysis in later session and conclude that it is robust to phishing and replay attacks, prohibiting fraud users from accessing to the cloud services.

  • https://doi.org/10.6109/jicce.2010.8.4.427 인용 PDF KSCI