期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于WPKI的双因素认证方案

Dual-factor authentication scheme based on WPKI
下载PDF
导出
摘要 随着基于互联网的服务(电子商务、电子政务)的普及,为企业资源访问提供强认证的需求显得非常重要,因此双因素认证成为研究的重点。然而当前的双因素认证系统存在信道单一、部署成本昂贵的问题。利用STK技术设计了一个能够实现WPKI功能的安全SIM卡--PK-SIM卡,将WPKI引入基于SIM卡的认证系统中,利用加密短消息作为信息载体,设计并实现了一个双因素身份认证系统。重点介绍了该的组成原理、工作流程,并分析了系统的安全性。 The need for affordable stronger authentication for enterprise access is getting more urgent with the pervasion oflnternet- based service, such as E-commerce and E-government. Most of the studies focus on dual-factor authentication. However, existent authentication system based on dual-factor using a single channel generates an expensive authentication system. In this contribution, a PK-SIM card is designed and realized based on STK technology firstly, which is a regular SIM card with additional WPKI-functionality and is used in any mobile phone which support STK function. Using the encrypt-SMS, then, a secured remote access scheme based on the PK-SIM card is presented. The architecture and workflow of the authentication scheme is introduced in detail, and its security is analyzed as well.
作者 鹤荣育
机构地区 解放军信息工程大学电子技术学院
出处 《计算机工程与设计》 CSCD 北大核心 2009年第1期35-37,135,共4页 Computer Engineering and Design
基金 "金盾"工程基金项目(J1GAB23W013)
关键词 双因素 STK 身份认证 短消信(SMS) SIM卡 WPKI dual-factor STK authentication SMS SIMcard WPKI
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献10

  • 1WPKI specification-mandatory[R].http://www.wpki.net/filema/ WPKI_Specification_Mandatory_1.pdf.
  • 2Scott B Guthery, Cronin Mary J.Mobile application development with SMS and the SIM toolkit [M]. McGraw-Hill Companies Inc,2002.
  • 3Joris Claessens,Bart Preneel,Joos Vandewalle.Combining world wide web and wireless security [C]. Network Security, 2001: 153-172.
  • 4Torres J, Izquierdo A, Sierra J M. Advances in network smart cards authentication[J].Computer Networks, 2007,51(9):2249- 2261.
  • 5Vorapranee Khu-Smith,Chris J Mitchell.Enhancing E-commerce security using GSM authentication[C]. EC-Web,2003:72-83.
  • 6Wangensteen A,Lunde L, Jorstad I,et al.Secured enterprise access with strong SIM authentication[C]. 10th IEEE International on Enterprise Distributed Object Computing Conference, 2006: 463 -466.
  • 7Ali Mabrouk, Al-Qayedi A, Adi W, et al,Combined web/mobile authentication for secure web access control [C]. Proceedings of the WCNC Conference, IEEE Communications Society,2004: 677-681.
  • 8Me G,Pirro D,Sarrecchia R.A mobile based approach to strong authentication on web[C]. Proceedings of International Multi- Conference on Computing in the Global Information Technology, IEEE Computer Society press, 2006:67-71.
  • 9容晓峰,苏瑞丹,崔树鹏,汪宁,周利华.基于SIM卡的双因素认证方案[J].计算机工程与应用,2004,40(13):147-149. 被引量:8
  • 10Haverinen H,Salowey J.EAP-SIM authentication[Z].RFC 4186, IETF, 2006.

二级参考文献8

  • 1RSA Laboratories. PKCS #15 v1.0:Cryptographic Token Information Format Standard[S]
  • 2SIM-Basic Tutorial:The Technical Platform for Commercial Services.Available at: http://www.smarttrust.com/sim/default.asp
  • 3H Krawczyk,M Bellare,R Canetti.HMAC:Keyed-Hashing for Message Authentication[S].RFC2104,1997-02
  • 4Olle Kallstrom. Business solutions for mobile e-commerce. Available at: http://www.mcl.hu/mmrel/related/mobip_a.pdf
  • 5Hung-Yu Lin,Lein Harn,Vijay Kumar. Authentication Protocols in Wireless Communications. Available at:http://www.mcl.hu/mmrel/related/authentication-protocols-in-wircless.pdf
  • 6Tuomas Aura. Strategies against Replay Attacks. Available at:http://www.saturn.tcs.hut.fi/Publications/papers/aura/aura-csfws97.ps
  • 7International Organisation for Standardisation(ISO),JTC 1/SC 17.ISO/IEC 7816 Identification cards-Integrated circuit(s)cards with contacts[S]
  • 8Digital cellular telecommunications system(Phase 2+);Specification of the Subscriber Identity Module - Mobile Equipment(SIM-ME)interface(GSM 11.11 version 8.3.0 Release 1999)[S].Available at:http://www.etsi.org, 2000

共引文献7

计算机工程与设计
2009年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部