Web proxy servers
Mobile Application Development with SMS and the Sim Toolkit
Mobile Application Development with SMS and the Sim Toolkit
Mobile Messaging Technologies and Services: SMS, EMS and MMS
Mobile Messaging Technologies and Services: SMS, EMS and MMS
Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Beginning Windows CardSpace: From Novice to Professional
Beginning Windows CardSpace: From Novice to Professional
Understanding windows cardspace: an introduction to the concepts and challenges of digital identities
One-Time Password Access to Any Server without Changing the Server
ISC '08 Proceedings of the 11th international conference on Information Security
CardSpace-liberty integration for CardSpace users
Proceedings of the 9th Symposium on Identity and Trust on the Internet
Using a personal device to strengthen password authentication from an untrusted computer
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Website credential storage and two-factor web authentication with a java SIM
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Extending the Scope of cardspace
Proceedings of the 4th international conference on Security of information and networks
Hi-index | 0.00 |
In this paper we propose a simple, novel scheme for using a mobile device to enhance CardSpace authentication. During the process of user authentication on a PC using CardSpace, a random and shortlived one-time password is sent to the user's mobile device; this must then be entered into the PC by the user when prompted. The scheme does not require any changes to login servers, the CardSpace identity selector, or to the mobile device itself. We specify the scheme and give details of a proof-of-concept prototype. Security and operational analyses are also provided.