Mobile authentication secure against Man-In-The-Middle attacks

Kemal Bicakci; Devrim Unal; Nadir Ascioglu; Oktay Adalier

doi:10.1016/j.procs.2014.07.031

Mobile authentication secure against Man-In-The-Middle attacks

Kemal Bicakci
, Devrim Unal
, Nadir Ascioglu^*
, Oktay Adalier

^*Bu çalışma için yazışmadan sorumlu yazar

Araştırma sonucu: Dergiye katkı › Konferans makalesi › bilirkişi

13 Atıf (Scopus)

Özet

Current mobile authentication solutions put a cognitive burden on users to detect and avoid Man-In-The-Middle attacks. In this paper, we present a mobile authentication protocol named Mobile-ID which prevents Man-In-The-Middle attacks without relying on a human in the loop. With Mobile-ID, the message signed by the secure element on the mobile device incorporates the context information of the connected service provider. Hence, upon receiving the signed message the Mobile-ID server could easily identify the existence of an on-going attack and notify the genuine service provider.

Orijinal dil	İngilizce
Sayfa (başlangıç-bitiş)	323-329
Sayfa sayısı	7
Dergi	Procedia Computer Science
Hacim	34
DOI'lar	https://doi.org/10.1016/j.procs.2014.07.031
Yayın durumu	Yayınlandı - 2014
Harici olarak yayınlandı	Evet
Etkinlik	9th International Conference on Future Networks and Communications, FNC 2014 and the 11th International Conference on Mobile Systems and Pervasive Computing, MobiSPC 2014 - Niagara Falls, ON, Canada Süre: 17 Ağu 2014 → 20 Ağu 2014

Belgeye Erişim

10.1016/j.procs.2014.07.031

Diğer Dosyalar ve Linkler

Link to publication in Scopus

Alıntı Yap

@article{26939e88de2345528d52d90794c16df1,

title = "Mobile authentication secure against Man-In-The-Middle attacks",

abstract = "Current mobile authentication solutions put a cognitive burden on users to detect and avoid Man-In-The-Middle attacks. In this paper, we present a mobile authentication protocol named Mobile-ID which prevents Man-In-The-Middle attacks without relying on a human in the loop. With Mobile-ID, the message signed by the secure element on the mobile device incorporates the context information of the connected service provider. Hence, upon receiving the signed message the Mobile-ID server could easily identify the existence of an on-going attack and notify the genuine service provider.",

keywords = "Authentication, Man-In-The-Middle attack, Mobile signature, Phishing, Secure element, Security protocol",

author = "Kemal Bicakci and Devrim Unal and Nadir Ascioglu and Oktay Adalier",

year = "2014",

doi = "10.1016/j.procs.2014.07.031",

language = "English",

volume = "34",

pages = "323--329",

journal = "Procedia Computer Science",

issn = "1877-0509",

publisher = "Elsevier B.V.",

note = "9th International Conference on Future Networks and Communications, FNC 2014 and the 11th International Conference on Mobile Systems and Pervasive Computing, MobiSPC 2014 ; Conference date: 17-08-2014 Through 20-08-2014",

}

TY - JOUR

T1 - Mobile authentication secure against Man-In-The-Middle attacks

AU - Bicakci, Kemal

AU - Unal, Devrim

AU - Ascioglu, Nadir

AU - Adalier, Oktay

PY - 2014

Y1 - 2014

N2 - Current mobile authentication solutions put a cognitive burden on users to detect and avoid Man-In-The-Middle attacks. In this paper, we present a mobile authentication protocol named Mobile-ID which prevents Man-In-The-Middle attacks without relying on a human in the loop. With Mobile-ID, the message signed by the secure element on the mobile device incorporates the context information of the connected service provider. Hence, upon receiving the signed message the Mobile-ID server could easily identify the existence of an on-going attack and notify the genuine service provider.

AB - Current mobile authentication solutions put a cognitive burden on users to detect and avoid Man-In-The-Middle attacks. In this paper, we present a mobile authentication protocol named Mobile-ID which prevents Man-In-The-Middle attacks without relying on a human in the loop. With Mobile-ID, the message signed by the secure element on the mobile device incorporates the context information of the connected service provider. Hence, upon receiving the signed message the Mobile-ID server could easily identify the existence of an on-going attack and notify the genuine service provider.

KW - Authentication

KW - Man-In-The-Middle attack

KW - Mobile signature

KW - Phishing

KW - Secure element

KW - Security protocol

UR - https://www.scopus.com/pages/publications/84906808148

U2 - 10.1016/j.procs.2014.07.031

DO - 10.1016/j.procs.2014.07.031

M3 - Conference article

AN - SCOPUS:84906808148

SN - 1877-0509

VL - 34

SP - 323

EP - 329

JO - Procedia Computer Science

JF - Procedia Computer Science

T2 - 9th International Conference on Future Networks and Communications, FNC 2014 and the 11th International Conference on Mobile Systems and Pervasive Computing, MobiSPC 2014

Y2 - 17 August 2014 through 20 August 2014

ER -

Mobile authentication secure against Man-In-The-Middle attacks

Özet

Belgeye Erişim

Diğer Dosyalar ve Linkler

Parmak izi

Alıntı Yap