search query: @keyword security token / total: 1
reference: 1 / 1
« previous | next »
Author: | Andrade, André |
Title: | Strong mobile authentication in single sign-on systems |
Publication type: | Master's thesis |
Publication year: | 2011 |
Pages: | ix + 92 Language: eng |
Department/School: | Tietotekniikan laitos |
Main subject: | Tietokoneverkot (T-110) |
Supervisor: | Aura, Tuomas ; Ferreira, Paulo |
Instructor: | Suoranta, Sanna |
OEVS: | Electronic archive copy is available via Aalto Thesis Database.
Instructions Reading digital theses in the closed network of the Aalto University Harald Herlin Learning CentreIn the closed network of Learning Centre you can read digital and digitized theses not available in the open network. The Learning Centre contact details and opening hours: https://learningcentre.aalto.fi/en/harald-herlin-learning-centre/ You can read theses on the Learning Centre customer computers, which are available on all floors.
Logging on to the customer computers
Opening a thesis
Reading the thesis
Printing the thesis
|
Location: | P1 Ark Aalto 6732 | Archive |
Keywords: | strong authentication security token mobile phone credential SSO federation identity management PKI SIM ObC |
Abstract (eng): | With high risk services, such as online banking, coming to the Internet, traditional authentication schemes like username and password are no longer sufficient to cope with the latest security threats. Therefore, strong authentication methods that use two or more identification factors are becoming more relevant to web authentication. These methods often require an additional device to act as a security token. The mobile phone qualifies as a cheap, available and usable option. Moreover, single sign-on (SSO) authentication systems offer more usability and flexibility to authentication, and enhance identity management. Hence, SSO and strong authentication complement each other. SSO provides the advantages mentioned above and strong authentication offers a safer method for service providers to authenticate users. This thesis focuses on studying the state-of-the-art methods of strong web authentication, SSO technologies and the use of the mobile phone as a security token. The main contribution is a strong authentication protocol for SSO systems using the mobile phone as security token. It aims to be a secure, usable, flexible and cost-efficient user authentication platform that does not assume a direct connection between the device that accesses the services and the security token. The solution is based on PKI and mobile certificates, session management, and a hardware-based secure credential manager in the mobile phone. Furthermore, this thesis describes a proof-of-concept implementation of the protocol using the Shibboleth federated SSO system and On-board Credentials from Nokia. The prototype achieves usable strong authentication using the mobile phone, and integrates easily with the SSO platform. |
ED: | 2011-08-16 |
INSSI record number: 42646
+ add basket
« previous | next »
INSSI