Preview

Mobile Security

Powerful Essays
Open Document
Open Document
3398 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Mobile Security
2011 International Conference on Communication Systems and Network Technologies

Token Based Authentication using Mobile Phone
Parekh Tanvi SIMS, Indore tanvi.parekh@sims-indore.com Gawshinde Sonal SSSIST, Indore sonal209@yahoo.co.in Sharma Mayank Kumar IET-DAVV, Indore leomayank @yahoo.com

Abstract: Digital identity is the key representation of user and getting most crucial subject for information security. The password based authentication is weak solution and no longer adequate. User select static password which is easy to guess and remember, relevant information or common for all authentication process. This simplicity makes weak authentication scheme; as so far, static passwords are known as easiest target for attackers. Further, Security Token based runtime interaction could extend the strength of authentication control. Security tokens can be used for strong authentication but inconvenient for user and costly for the service providers. To avoid the user inconvenient and extra cost mobile phone is an emerging alternative. These papers comprise the study of various digital identification schemes and give motivation to integrate mobile token. In order to establish standard for mobile token, work starts with the review of current schemes and explores the security architecture for strong authentication with mobile token. Password algorithm is derived to generate dynamic password for token authentication. Thereafter explore various authentication mechanisms to implement mobile token on different prospective. At the end, it describes the various test cases and evolutionary result of various attacks on suggested schemes.

could be great solution. These solutions make cheaper and flexible strong authentication for user as well as for the service provider and reduces worry of carrying extra hardware for identification only. In this paper we have used mobile phone as security token and proposed an authentication model for strong digital identification. To increase


References: Fadi Aloul, Syed Zahidi, Wassim El-Hajj “Two Factor Authentication Using Mobile Phones” proceeding of 978-1-42443806-8/0 IEEE Conference in 2009. 2. SIMSON L. GARFINKEL “Email-Based Identification and Authentication: An Alternative to PKI?” published by The IEEE Computer Society proceeding 1540-7993/03 in 2003. 3. Ghassan Kbar “Wireless Network Token-Based Fast Authentication” published in proceeding of 17th International Conference on Telecommunication 978-1-4244-5247-7/09 in 2010. 4. Sharma M.K., Gawshinde S., Parekh T., “Values of Authentication in E-Business” published in proceeding of 1st International Conference in 2011. 5. Do van Thanh, Ivar Jorstad, Tore Jenvik “Strong Authentication with mobile phone as token” Proceeding of 978-1-4244-5113-5/09 IEEE Conference in 2009. 6. Haidong Xia, Jos´e Brustoloni “Virtual Prepaid Tokens for Wi-Fi Hotspot Access” Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks (LCN’04) 0742-1303-in 2004. 7. Hristo Bojinov, Dan Boneh “Mobile Token-Based Authentication on a Budget” in Proceeding ACM 978-1-4503-0649-2 in 2010. 8. L. E. Sebola and W.T. Penzhorn “A Secure Mobile Commerce System for the Vending of Prepaid Electricity Tokens”. 9. D. Ilett, “US Bank Gives Two-Factor Authentication to Millions of Customers” 2005. 10. A. Herzberg, “Payments and Banking with Mobile Personal Device” Communications of the ACM, 46(5), 53-58, May 2003. 11. “RSA Security Selected by National Bank of Abu Dhabi to ProtectvOnline Banking Customers” 2005 Available at http:// www.rsa.com/press reease.aspx: id=6092. 1. Table 1 Comparison of two factor Authentication VII. CONCLUSION Security is the mandatory key element to get success of any digital solution. Authentication is the way to prove that; the user, trying to access the account is authentic? This paper explores the possibilities to use of mobile phone instead of security tokens for strong authentication. Static password is no longer secure and easily vulnerable for attackers. Security token can be easily extending the authentication strength but extra cost, single use and server synchronization become most shortcoming issues. Further, hardware token is given to each user for the respective account which increases the number of carried tokens and the cost. For the manufacturing and maintaining them, has become a burden on both the client and 88
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Better Essays

    Cmgt400 Week3
    • 1493 Words
    • 6 Pages

    Cmgt400 Week3

    Security authentication is a hot topic in today 's business world. However, many people may have differing ideas when it comes to what security authentication actually is. This paper will address those perceptions in a straightforward and easy to understand manner.…

    • 1493 Words
    • 6 Pages
    Better Essays
    Read More
  • Powerful Essays

    cgmt 400 week 3 individual securing and protecting information
    • 1478 Words
    • 5 Pages

    cgmt 400 week 3 individual securing and protecting information

    Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. Consumer Electronics, IEEE Transactions on, 50(1), 231-…

    • 1478 Words
    • 5 Pages
    Powerful Essays
    Read More
  • Better Essays

    CMGT 400: Securing And Protecting Information
    • 1097 Words
    • 5 Pages

    CMGT 400: Securing And Protecting Information

    Various authentication methods are used and range from the simple to complex. The security level provided will vary depending on the utilized technique and deployment method. The most dominant method involves authentication with a password and username. However, this is also one of the most insecure methods. We can describe these devices and systems depending on the three factors:…

    • 1097 Words
    • 5 Pages
    Better Essays
    Read More
  • Powerful Essays

    Securing and Protecting Information
    • 1465 Words
    • 4 Pages

    Securing and Protecting Information

    Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. Consumer Electronics, IEEE Transactions on, 50(1), 231.…

    • 1465 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Pwdhash
    • 9759 Words
    • 40 Pages

    Pwdhash

    hackers to break into a low security site that simply stores username/passwords in the clear and use the retrieved passwords at a high security site, such as a bank. This attack, which requires little work, can lead to the theft of thousands of banking passwords. While password authentication could be abandoned in favor of hardware tokens or client certificates, both options are difficult to adopt because of the cost and inconvenience of hardware tokens and the overhead of managing client certificates. In this paper, we describe the design, user interface, and implementation of a browser extension, PwdHash, that strengthens web password authentication. We believe that by providing customized passwords, preferably over SSL, we can reduce the threat of password attacks with no server changes and little or no change to the user experience. Since…

    • 9759 Words
    • 40 Pages
    Powerful Essays
    Read More
  • Good Essays

    Password Protection
    • 4064 Words
    • 17 Pages

    Password Protection

    Today, everyone is having online banking account and e-mail account . Safety is an important aspect. If some intruder steal our password, then we have to pay high price for it. So protecting password is a significant factor for each and every one in this e-world. This speech provides mechanism to protect our online password.…

    • 4064 Words
    • 17 Pages
    Good Essays
    Read More
  • Better Essays

    Security Risk Associated with Mobile Devices
    • 1441 Words
    • 6 Pages

    Security Risk Associated with Mobile Devices

    Bibliography: Certic, S. (2013, February 18). The Future of Mobile Security. Computer Science - Cryptography and Security.…

    • 1441 Words
    • 6 Pages
    Better Essays
    Read More
  • Powerful Essays

    Credit Card Security System Using Gsm
    • 16993 Words
    • 68 Pages

    Credit Card Security System Using Gsm

    In this chapter introduction of the CREDIT CARD SECURITY SYSTEM USING GSM are discussed. It gives overall view of the project design and the related literature and the environment to be considered. Chapter wise organization discuss the main processing done using LPC 2148 microcontroller and then what is the process that can be automated which is within the scope of the work. Then we discuss the implementation aspects.…

    • 16993 Words
    • 68 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Octopus System in the Education Sector
    • 260 Words
    • 2 Pages

    Octopus System in the Education Sector

    With personal identification store in the Octopus cards and the server, we also have concerns regarding to the security and privacy of the system. We will analyze the current security measures and suggest changes to enhance the protection.…

    • 260 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Better Essays

    16 Mobile Devices and Social Networking Security Solution
    • 2535 Words
    • 11 Pages

    16 Mobile Devices and Social Networking Security Solution

    Abstract: Nowadays almost everyone is using smart phones. They are becoming an essential tool in human being’s everyday life. They are not only used for mere communication such as calling or sending text messages; however, they are also used in applications such as for accessing internet, receiving and sending emails and storing documents. As a result of this, not only phone numbers and addresses are stored in the mobile device but also financial information and business details which definitely should be kept private. And if the device is being stolen, each and every information is in the hands of the new owner. That’s why; the biggest challenge is the security. When it is necessary to confirm the user identity on systems to perform a given operation, the term User Authentication is used. Traditionally, people prove their identity by providing passwords. The average person today has about 25 password protected accounts (according to Microsoft study), more passwords than they can reasonably be expected to remember. People compensate by using the same password for multiple accounts, and by choosing passwords that are easy to remember. But, unfortunately easy to remember means easy to guess. Other user select difficult passwords but then write them down where unauthorized eyes can find them. That’s why, identity based on what you know (login and password) and what you have (ID cards) can be easily stolen. As we want trust (security), the notion what you are is a new opportunity to user authentication. Biometric Authentication is answer for that. Biometric is a characteristic of human being that distinguishes one person from another. For example, finger prints, retina, face recognition, etc. This can be used for identification or verification of identity. Keywords: FAR, FRR, ROC, EER, FTE, FTC. B.…

    • 2535 Words
    • 11 Pages
    Better Essays
    Read More
  • Better Essays

    Security
    • 3919 Words
    • 16 Pages

    Security

    • A “hash” is a short function of a message, f ti f sometimes called a “message digest” g g • BUT: a hash is not uniquely reversible • Many messages have the same hash…

    • 3919 Words
    • 16 Pages
    Better Essays
    Read More
  • Powerful Essays

    Authentication in VANET
    • 5048 Words
    • 22 Pages

    Authentication in VANET

    1286 IEEE LATIN AMERICA TRANSACTIONS, VOL. 11, NO. 6, DECEMBER 2013 An Improved Scheme for Key Management of RFID in Vehicular Adhoc Networks Q. Zhang, M. A. Almulla and A. Boukerche Abstract— Vehicular Ad hoc Networks (VANETs) are emerging as a promising approach to improving traffic safety and providing a wide range of wireless applications for all road users. This paper addresses an improved authentication scheme for Radio frequency identification (RFID) applied in VANETs.…

    • 5048 Words
    • 22 Pages
    Powerful Essays
    Read More
  • Good Essays

    Digital Jewelry
    • 473 Words
    • 2 Pages

    Digital Jewelry

    Digital jewellry is the fashion jewelry with embedded intelligence. “Digital jewellery”can help you solve problems like forgotten passwords and security badges. “Digital jewelry” is a nascent catchphrase for wearable ID devices that contain personal information like passwords, identification, and account information. They have the potential to be all-in-one replacements for your driver's license, key chain, business cards, credit cards, health insurance card, corporate security badge, and loose cash. They can also solve a common dilemma of today's wired world – the forgotten password.…

    • 473 Words
    • 2 Pages
    Good Essays
    Read More
  • Good Essays

    Sms Project
    • 5180 Words
    • 21 Pages

    Sms Project

    Nowadays mobile phone communications (phone calls) are used mostly by everyone due to the GSM technology. In mobile phones there are several services a person can use to communicate other than making a phone call such as; SMS, MMS, contact registry and cameras. The most commonly used service after phone calls is the SMS that most of us find it easier even faster to share or to communicate with one another. An SMS (short message service) is a text messaging service component in mobile phones that is offered by operators. Several companies presently are using SMS as a business tool/strategy in running their business. High authorities such as government organizations also make use of SMS technology. However, SMS technology is venerable to intruders or attackers whom threats the security of sensitive data transmitted through. In this paper we will show SMS security threats and the proposed solution to overcome such threats, by encrypting SMS messages using Diffie-Hellman. Telecommunication companies, E-marketers and banks are using SMS to run their business like; offering wallpapers, songs, mobile banking, hotel packages, etc... When the user subscribes to such services and interacts with them it will benefits those companies. In addition to that, banks and government departments uses SMS to provide their services in a convenient way. On the other hand there is a serious issue in SMS security because of several attacks that took place in the transmission medium. It is a great technology to use but it lacks security when sending our personal or sensitive information. That is because in GSM network the transmission channel is not secured allows intruders to intercept and keep record of any message passing through. In addition, telecommunication companies do not provide security service. Besides, there is no mandatory requirement for SMS system implantation which means confidentiality and…

    • 5180 Words
    • 21 Pages
    Good Essays
    Read More
  • Good Essays

    Zalora Case Study
    • 783 Words
    • 4 Pages

    Zalora Case Study

    Technology have changed and molded each and everyone of us. The habits we have now formed have never been seen half a century ago. Hence, it is time for our company to identify these new trends and secure the next generation of consumer. In recent years, Smartphone usage have skyrocketed, this is mainly due to the reason of the rising trend of low cost Smartphones (Srivastava, 2014). With more people having the access to Smartphones, internet usage on the go have also greatly increased and therefore sparked an increase in e-commerce due to the ease of access to the internet.…

    • 783 Words
    • 4 Pages
    Good Essays
    Read More

Related Topics