Abstract
Due to the complexity and volume, memorizing static usernames and passwords is deemed to be one of the most cumbersome tasks for ordinary users. Nevertheless, verifying the access legitimacy of a user without using a verification table and securely granting permissions based on an access control policy assigned to the user are two critical challenges to build an authentication scheme which is practical and effective. Traditional approaches either completely ignore the importance of user-centric access control or rely on a single point of verification or a third party authority; but in practice, access control and distributed verifiers are important for enhancing security and dealing with the dynamics caused by the user online browsing activities. In this paper, we propose a threshold-based authentication system leveraging user computing devices and allowing users to designate various permissions. Various (t,n) physical or virtual devices can participate to run an authentication protocol and provide the user with a one-time credential to access an online banking system. Our evaluation and results show that the solution is not only practical, but it also minimizes the risks associated with traditional approaches.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
