Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags
Autor(a) principal: | |
---|---|
Data de Publicação: | 2017 |
Outros Autores: | , , , |
Tipo de documento: | Artigo |
Idioma: | eng |
Título da fonte: | Repositório Institucional da UNESP |
Texto Completo: | http://dx.doi.org/10.3390/info8030081 http://hdl.handle.net/11449/169908 |
Resumo: | Traditional authentication methods (e.g., password, PIN) often do not scale well to the context of mobile devices in terms of security and usability. However, the adoption of Near Field Communication (NFC) on a broad range of smartphones enables the use of NFC-enabled tokens as an additional authentication factor. This additional factor can help to improve the security, as well as usability of mobile apps. In this paper, we evaluate the use of different types of existing NFC tags as tokens for establishing authenticated secure sessions between smartphone apps and web services. Based on this evaluation, we present two concepts for a user-friendly secure authentication mechanism for mobile apps, the Protecting Touch (PT) architectures. These two architectures are designed to be implemented with either end of the spectrum of inexpensive and widely-available NFC tags while maintaining a reasonable trade-off between security, availability and cost. |
id |
UNSP_77af5b7fdcd5366a7953078eb442cdf5 |
---|---|
oai_identifier_str |
oai:repositorio.unesp.br:11449/169908 |
network_acronym_str |
UNSP |
network_name_str |
Repositório Institucional da UNESP |
repository_id_str |
2946 |
spelling |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tagsAndroidMobile securityNear field communication (NFC)Secure channelTwo-factor authenticationTraditional authentication methods (e.g., password, PIN) often do not scale well to the context of mobile devices in terms of security and usability. However, the adoption of Near Field Communication (NFC) on a broad range of smartphones enables the use of NFC-enabled tokens as an additional authentication factor. This additional factor can help to improve the security, as well as usability of mobile apps. In this paper, we evaluate the use of different types of existing NFC tags as tokens for establishing authenticated secure sessions between smartphone apps and web services. Based on this evaluation, we present two concepts for a user-friendly secure authentication mechanism for mobile apps, the Protecting Touch (PT) architectures. These two architectures are designed to be implemented with either end of the spectrum of inexpensive and widely-available NFC tags while maintaining a reasonable trade-off between security, availability and cost.Banco do Brasil S.AUniversity of Applied Sciences Upper AustriaInstitute of Networks and Security Johannes Kepler University LinzDepartment of Computer Science and Statistics São Paulo State University-UNESPDepartment of Computer Science and Statistics São Paulo State University-UNESPBanco do Brasil S.AUniversity of Applied Sciences Upper AustriaJohannes Kepler University LinzUniversidade Estadual Paulista (Unesp)Carvalho Ota, Fernando KawayRoland, MichaelHölzl, MichaelMayrhofer, RenéManacero, Aleardo [UNESP]2018-12-11T16:48:09Z2018-12-11T16:48:09Z2017-07-06info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://dx.doi.org/10.3390/info8030081Information (Switzerland), v. 8, n. 3, 2017.2078-2489http://hdl.handle.net/11449/16990810.3390/info80300812-s2.0-850221970672-s2.0-85022197067.pdfScopusreponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPengInformation (Switzerland)0,222info:eu-repo/semantics/openAccess2023-10-22T06:07:48Zoai:repositorio.unesp.br:11449/169908Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462024-08-05T15:37:27.009078Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false |
dc.title.none.fl_str_mv |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
title |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
spellingShingle |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags Carvalho Ota, Fernando Kaway Android Mobile security Near field communication (NFC) Secure channel Two-factor authentication |
title_short |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
title_full |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
title_fullStr |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
title_full_unstemmed |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
title_sort |
Protecting Touch: Authenticated App-To-Server channels for mobile devices using NFC tags |
author |
Carvalho Ota, Fernando Kaway |
author_facet |
Carvalho Ota, Fernando Kaway Roland, Michael Hölzl, Michael Mayrhofer, René Manacero, Aleardo [UNESP] |
author_role |
author |
author2 |
Roland, Michael Hölzl, Michael Mayrhofer, René Manacero, Aleardo [UNESP] |
author2_role |
author author author author |
dc.contributor.none.fl_str_mv |
Banco do Brasil S.A University of Applied Sciences Upper Austria Johannes Kepler University Linz Universidade Estadual Paulista (Unesp) |
dc.contributor.author.fl_str_mv |
Carvalho Ota, Fernando Kaway Roland, Michael Hölzl, Michael Mayrhofer, René Manacero, Aleardo [UNESP] |
dc.subject.por.fl_str_mv |
Android Mobile security Near field communication (NFC) Secure channel Two-factor authentication |
topic |
Android Mobile security Near field communication (NFC) Secure channel Two-factor authentication |
description |
Traditional authentication methods (e.g., password, PIN) often do not scale well to the context of mobile devices in terms of security and usability. However, the adoption of Near Field Communication (NFC) on a broad range of smartphones enables the use of NFC-enabled tokens as an additional authentication factor. This additional factor can help to improve the security, as well as usability of mobile apps. In this paper, we evaluate the use of different types of existing NFC tags as tokens for establishing authenticated secure sessions between smartphone apps and web services. Based on this evaluation, we present two concepts for a user-friendly secure authentication mechanism for mobile apps, the Protecting Touch (PT) architectures. These two architectures are designed to be implemented with either end of the spectrum of inexpensive and widely-available NFC tags while maintaining a reasonable trade-off between security, availability and cost. |
publishDate |
2017 |
dc.date.none.fl_str_mv |
2017-07-06 2018-12-11T16:48:09Z 2018-12-11T16:48:09Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://dx.doi.org/10.3390/info8030081 Information (Switzerland), v. 8, n. 3, 2017. 2078-2489 http://hdl.handle.net/11449/169908 10.3390/info8030081 2-s2.0-85022197067 2-s2.0-85022197067.pdf |
url |
http://dx.doi.org/10.3390/info8030081 http://hdl.handle.net/11449/169908 |
identifier_str_mv |
Information (Switzerland), v. 8, n. 3, 2017. 2078-2489 10.3390/info8030081 2-s2.0-85022197067 2-s2.0-85022197067.pdf |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
Information (Switzerland) 0,222 |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.source.none.fl_str_mv |
Scopus reponame:Repositório Institucional da UNESP instname:Universidade Estadual Paulista (UNESP) instacron:UNESP |
instname_str |
Universidade Estadual Paulista (UNESP) |
instacron_str |
UNESP |
institution |
UNESP |
reponame_str |
Repositório Institucional da UNESP |
collection |
Repositório Institucional da UNESP |
repository.name.fl_str_mv |
Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP) |
repository.mail.fl_str_mv |
|
_version_ |
1808128540085846016 |