摘要
为了研究安全级别较高、用户满意度好、可操作性优良的安全密钥,提出一种基于浏览器在线服务的安全密钥。安全密钥是一种第二因子设备,提出的设计重点满足易于使用、易于开发和安全隐私性的特点。设计围绕注册、身份验证、设备认证和客户端数据展开。综合分析表明了提出的安全密钥能够提高安全等级和用户满意度。与一次性密码(OTP)相比,提出的设计平均身份验证时间更短。登录操作所需时间低于1 s,而注册操作时间在2 s以内,因而可以扩展到面向客户的网络应用。
To provide a security key with high security level, good user satisfaction and excellent operability, a security key based on web browser and online service is proposed. Security key is a kind of second-factor device, and the proposed design focuses on meeting the requirements of easy-to-use, easy-to-develop as well as security and privacy. The design is centered around registration, authentication, device authentication and client data deployment. Comprehensive analysis shows that the proposed security key leads to a higher security level and a better user satisfaction. Compared with One Time Password(OTP), the proposed design needs less time for average authentication. The operation time required for log in is less than 1 s, while the registration time is within 2 s, so it can be extended to customer-oriented network applications.
作者
高瑾
白亮
GAO Jin;BAI Liang(College of Informatics,Business College of Shanxi University,Taiyuan 030031,China;College of Computer and Information Technology,Shanxi University,Taiyuan 030006,China)
出处
《计算机工程与应用》
CSCD
北大核心
2018年第17期71-76,134,共7页
Computer Engineering and Applications
基金
山西省自然科学基金(No.2013011066-4)
山西省青年科技基金(No.2013021018-1)