Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags
Carregando...
Arquivos
Data
2017-07-06
Autores
Carvalho Ota, Fernando Kaway
Roland, Michael
Hölzl, Michael
Mayrhofer, René
Manacero, Aleardo [UNESP]
Título da Revista
ISSN da Revista
Título de Volume
Editor
Resumo
Traditional authentication methods (e.g., password, PIN) often do not scale well to the context of mobile devices in terms of security and usability. However, the adoption of Near Field Communication (NFC) on a broad range of smartphones enables the use of NFC-enabled tokens as an additional authentication factor. This additional factor can help to improve the security, as well as usability of mobile apps. In this paper, we evaluate the use of different types of existing NFC tags as tokens for establishing authenticated secure sessions between smartphone apps and web services. Based on this evaluation, we present two concepts for a user-friendly secure authentication mechanism for mobile apps, the Protecting Touch (PT) architectures. These two architectures are designed to be implemented with either end of the spectrum of inexpensive and widely-available NFC tags while maintaining a reasonable trade-off between security, availability and cost.
Descrição
Palavras-chave
Android, Mobile security, Near field communication (NFC), Secure channel, Two-factor authentication
Como citar
Information (Switzerland), v. 8, n. 3, 2017.