AN IDENTIFY AUTHENTICATION SYSTEM BASED ON MOBILE PHONE TOKEN
Anthentication is a mechanism to establish proof of identities. Traditional password authentication could not provide enough security for the information system when it faces the most modern means of attack. The problem could be solved by taking token authentication, but as a new authentication system, it is difficult connecting with existed authentication systems, especially in the authorized access control system. In this paper, we propose a new token authentication scheme, which can closely integrate with the traditional authentication system to form a seamless interface and directly use the corresponding authorization and the access control service, and realize a prototype system finally. In our model of authentication, we transform the challenge-response token authentication to password authentication, which solves the secure problem of the password authentication; develope a mobile phone token software based on the lightweight crypt package from Bouncy Castle and the J2ME platform, which solves schemes feasible problem; design a bluetooth communication model between the mobile phone token and the PC; complete the development of mobile phone token authentication prototype system finally.
Authentication Challenge-response Mobile phone Token
Kunyu Peng Jiande Zheng Jing Yang
Xiamen University, Xiamen Department of Computer Science
国际会议
北京
英文
570-575
2009-11-06(万方平台首次上网日期,不代表论文的发表时间)