Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

User-Friendly Authentication and Authorization Using a Smartphone Proxy

  • Conference paper
Computer Aided Systems Theory - EUROCAST 2013 (EUROCAST 2013)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8112))

Included in the following conference series:

  • 2017 Accesses

Abstract

We present a novel approach to authenticate and authorize a user, using her personal smartphone. The presented architecture is complemented with a proof-of-concept implementation. The implemented system architecture is based on a single sign-on solution (SSO), extended to allow the usage of the smartphone as authentication and authorization device. We evaluated the system within real-world scenarios, observing users’ behavior using the novel technique. Based on our experiences, we summarize advances, made both in usability and security, for novel implementations using the proposed concept.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Hammer-Lahav, E.: RFC 5849 – The OAuth 1.0 protocol. Technical report, IETF (2010)

    Google Scholar 

  2. Recordon, D., Reed, D.: OpenID 2.0: A Platform for User-Centric Identity Management. In: Proceedings of the 2nd ACM workshop on Digital Identity Management, DIM 2006, pp. 11–16. ACM, New York (2006)

    Google Scholar 

  3. Miculan, M., Urban, C.: Formal analysis of Facebook Connect single sign-on authentication protocol. In: SOFSEM, vol. 11, pp. 22–28 (2011)

    Google Scholar 

  4. Erdos, M., Cantor, S.: Shibboleth-Architecture Draft v05. Internet2/MACE (May 2002)

    Google Scholar 

  5. Parker, T.: Single Sign-On Systems – The Technologies and the Products. In: European Convention on Security and Detection, pp. 151–155 (May 1995)

    Google Scholar 

  6. M’Raihi, D., Bellare, M., Hoornaert, F., Naccache, D., Ranen, O.: RFC 4226 – HOTP: An HMAC-Based One-Time Password Algorithm. Technical Report 4226, IETF (December 2005)

    Google Scholar 

  7. De Luca, A., Frauendienst, B., Boring, S., Hussmann, H.: My Phone is my Keypad: Privacy-Enhanced PIN-Entry on Public Terminals. In: Proceedings of the 21st Annual Conference of the Australian Computer-Human Interaction Special Interest Group: Design: Open 24/7, OZCHI 2009, pp. 401–404. ACM, New York (2009)

    Chapter  Google Scholar 

  8. Vapen, A., Byers, D., Shahmehri, N.: 2-clickAuth Optical Challenge-Response Authentication. In: IEEE International Conference on Availability, Reliability, and Security, pp. 79–86 (2010)

    Google Scholar 

  9. Mayrhofer, R., Fuss, J., Ion, I.: UACAP: A Unified Auxiliary Channel Authentication Protocol. IEEE Transactions on Mobile Computing 99 (2012)

    Google Scholar 

  10. Mizuno, S., Yamada, K., Takahashi, K.: Authentication Using Multiple Communication Channels. In: Proceedings of the 2005 Workshop on Digital Identity Management, DIM 2005, pp. 54–62. ACM, New York (2005)

    Chapter  Google Scholar 

  11. De Luca, A., Frauendienst, B.: A Privacy-Respectful Input Method for Public Terminals. In: Proceedings of the 5th Nordic Conference on Human-computer Interaction: Building Bridges. NordiCHI 2008, pp. 455–458. ACM, New York (2008)

    Google Scholar 

  12. Möller, A., Michahelles, F., Diewald, S., Roalter, L., Kranz, M.: Update Behavior in App Markets and Security Implications: A Case Study in Google Play. In: Poppinga, B. (ed.) Proceedings of the 3rd International Workshop on Research in the Large. Held in Conjunction with Mobile HCI, pp. 3–6 (September 2012)

    Google Scholar 

  13. Müller, J., Alt, F., Michelis, D.: Pervasive Advertising. Pervasive Advertising, 1–29 (2011)

    Google Scholar 

  14. Kranz, M., Holleis, P., Schmidt, A.: Ubiquitous Presence Systems. In: Proceedings of the 2006 ACM Symposium on Applied Computing, pp. 1902–1909. ACM, New York (2006)

    Chapter  Google Scholar 

  15. Davies, N., Langheinrich, M., Jose, R., Schmidt, A.: Open Display Networks: A Communications Medium for the 21st Century. Computer 45(5), 58–64 (2012)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Media Technology, Technische Universität München, Munich, Germany

    Luis Roalter, Stefan Diewald & Andreas Möller

  2. Lehrstuhl für Informatik mit Schwerpunkt Eingebettete Systeme, Universität Passau, Passau, Germany

    Tobias Stockinger & Matthias Kranz

Authors
  1. Luis Roalter
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stefan Diewald
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Andreas Möller
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tobias Stockinger
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Matthias Kranz
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Universidad de Las Palmas de Gran Canaria, Instituto Universitario de Ciencias y Tecnologías Cibernéticas, Campus de Tafira, 35017, Las Palmas de Gran Canaria, Spain

    Roberto Moreno-Díaz  & Alexis Quesada-Arencibia  & 

  2. Johannes Kepler Universität Linz, Altenbergerstrasse 69, 4040, Linz, Austria

    Franz Pichler

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Roalter, L., Diewald, S., Möller, A., Stockinger, T., Kranz, M. (2013). User-Friendly Authentication and Authorization Using a Smartphone Proxy. In: Moreno-Díaz, R., Pichler, F., Quesada-Arencibia, A. (eds) Computer Aided Systems Theory - EUROCAST 2013. EUROCAST 2013. Lecture Notes in Computer Science, vol 8112. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-53862-9_50

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-53862-9_50

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-53861-2

  • Online ISBN: 978-3-642-53862-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation