Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Shemp: secure hardware enhanced myproxy
Shemp: secure hardware enhanced myproxy
PorKI: Making User PKI Safe on Machines of Heterogeneous Trustworthiness
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Two methods of authenticated positioning
Proceedings of the 2nd ACM international workshop on Quality of service & security for wireless and mobile networks
Password sharing: implications for security design based on social practice
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Enhancing web browsing security on public terminals using mobile composition
Proceedings of the 6th international conference on Mobile systems, applications, and services
Trustworthy and personalized computing on public kiosks
Proceedings of the 6th international conference on Mobile systems, applications, and services
Attacks on public WLAN-based positioning systems
Proceedings of the 7th international conference on Mobile systems, applications, and services
Design of anti-GPS for reasons of security
CIS'09 Proceedings of the international conference on Computational and information science 2009
Hi-index | 0.00 |
Authenticating human users using public key cryptography provides a number of useful security properties, such as being able to authenticate to remote party without giving away a secret. However, in many scenarios, users need to authenticate from a number of client machines, of varying degrees of trustworthiness. In previous work, we proposed an approach to solving this problem by giving users portable devices which wirelessly issue temporary, limited-use proxy certificates to the clients. In this paper, we describe our complete prototype, enabling the use of proxy credentials issued from a mobile device to securely authenticate users to remote servers via a shared (or otherwise not trusted) device. In particular, our PorKI implementation combines out-of-band authentication (via 2D barcode images), standard Proxy Certificates, and platform attestation to provide usable and secure temporary credentials for web-based applications.