IEEE Security and Privacy
| Hi-index | 0.00 |
Traditional authentication methods such as passwords no longer meet all the security requirements of today's enterprise. Digital certificates provide a much more secure, resilient alternative solution. However, digital certificates are cumbersome to use for an end-user and are complex to implement for a resource provider. In this paper, we describe the Mobile Optimized Digital Identity (MODI) framework, which aims to solve the logistical issues of using certificates as an authentication method for both the end-user and the resource provider. The MODI framework consists of three tightly integrated components that work in concert: a mobile device application (MDA), an authentication toolkit, and a trusted third-party the security broker (SB). With a dedicated MODI MDA, certificate deployment, maintenance, and use are greatly simplified for the end-user. The MODI authentication toolkit enables resource providers to easily integrate with the framework, thus shielding developers from needing any knowledge of digital certificates and their implementation. Using mobile devices, the end-user authentication tool allows the MODI solution to expand its scope beyond conventional network access to novel physical access scenarios with the aid of proximity scanning technologies such as near-field communication (NFC).