Abstract

In this paper we present UAuth, a two-layer authentication framework that provides more security assurances than two-factor authentication while offering a simpler authentication experience. When authenticating, users first verified their static credentials (such as password, fingerprint, etc.) on their devices to achieve the local-layer authentication, then submit the OTP-signed response generated by their device to the server to complete the server-layer authentication. We also propose the three-level account association mechanism, which establishes the association among devices, users and services, and then creates a mapping from user’s devices to user’s accounts. Users can gain access to different service via any device in the association easily. Our goal is to provide a quick and convenient SSO-like login process on the basis of security authentication. To meet the goal, we implement our UAuth, and evaluate our designs.

Details

Title
UAuth: A Strong Authentication Method from Personal Devices to Multi-accounts
Author
Wang, Yazhe; Mingming Mingming Hu; Chen, Li
Section
Journal_Article
Publication year
2015
Publication date
Oct 2015
Publisher
European Alliance for Innovation (EAI)
e-ISSN
20329393
Source type
Scholarly Journal
Language of publication
English
DOI
https://doi.org/10.4108/eai.5-10-2015.150479
ProQuest document ID
2306319553
Copyright
© 2015. This work is licensed under http://creativecommons.org/licenses/by/3.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.