%0 Conference Proceedings
%T Enhancing CardSpace Authentication Using a Mobile Device
%+ Goldsmiths, University of London (Goldsmiths College)
%A Al-Sinani, Haitham, S.
%A Mitchell, Chris, J.
%Z Part 8: Authentication and Secret Sharing
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 23th Data and Applications Security (DBSec)
%C Richmond, VA, United States
%Y Yingjiu Li
%I Springer
%3 Data and Applications Security and Privacy XXV
%V LNCS-6818
%P 201-216
%8 2011-07-11
%D 2011
%R 10.1007/978-3-642-22348-8_16
%K CardSpace
%K OTP
%K mobile device
%K authentication
%Z Computer Science [cs]Conference papers
%X In this paper we propose a simple, novel scheme for using a mobile device to enhance CardSpace authentication. During the process of user authentication on a PC using CardSpace, a random and short-lived one-time password is sent to the user’s mobile device; this must then be entered into the PC by the user when prompted. The scheme does not require any changes to login servers, the CardSpace identity selector, or to the mobile device itself. We specify the scheme and give details of a proof-of-concept prototype. Security and operational analyses are also provided.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01586573/document
%2 https://inria.hal.science/hal-01586573/file/978-3-642-22348-8_16_Chapter.pdf
%L hal-01586573
%U https://inria.hal.science/hal-01586573
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-6818