Gene-certificate based model for user authentication and access control
WISM'10 Proceedings of the 2010 international conference on Web information systems and mining
Secure user authentication mechanism in digital home network environments
EUC'06 Proceedings of the 2006 international conference on Embedded and Ubiquitous Computing
Hi-index | 0.00 |
In this paper, we propose a novel integrated authentication and access control scheme using smart cards. A list of accessible resources with privileges is encrypted in the smart card issued to the user. Without storing access control information, a server can authenticate each user, realize resources to be accessed, and determine access privileges. We propose the use of card identifiers to prevent privilege elevation attacks and to protect the privacy of access requests. Our scheme has the following merits: low communication and computational cost, no access control information in the server, prevention of privilege elevation attack, multiple-access requests, privacy protection of access requests, mutual authentication, and session key agreement.