A Tokenization-Based Communication Architecture for HCE-Enabled NFC Services

Özdenizci, Büşra; Ok, Kerem; Çoşkun, Vedat

doi:10.1155/2016/5046284

Cited by 9 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, connections to external authentication services can be realized in order to offer 1FA, 2FA or MFA for heightened security scenarios. In situations where additional security layers are needed, integration with OTP (one-time password) services via OTA (over-the air) [15,16] or biometric controls can be added. The infrastructure layer, in essence, provides the backbone, supporting and enhancing all functionalities of the BlockSSI-CRS system.…”

Section: System Architecturementioning

confidence: 99%

A Blockchain-Enhanced Self-Sovereign Identity Platform for Corporate Resource Security

Ozdenizci Kose,

Coskun,

Coskun

et al. 2023

ACPS

Self Cite

View full text Add to dashboard Cite

In an era dominated by concerns of data breaches, and identity theft, security of corporate resources and assets has become paramount. Centralized identity management systems traditionally present vulnerabilities that can fundamentally threaten corporate security. This paper introduces a novel platform to identity management in organizations, leveraging the principles of Self-Sovereign Identity (SSI) and the technological robustness of block- chain. By giving individuals unwavering control over their digital identities and reducing dependence on centralized intermediaries, SSI provides a transformative advancement in security and privacy. When combined with blockchain's immutable, decentralized, and transparent nature, this model ensures a verifiable, tamper-proof, and holistic iden- tity management system. Beyond individual identity man- agement, this paradigm provides corporations with a ro- bust mechanism to protect their assets, both digital and physical. We explore the architectural design and benefits of implementing the proposed system, BlockSSI-CRS, emphasizing its transformative potential for corporate resource protection. Through rigorous analysis, this paper highlights the feasibility of a blockchain-enhanced SSI platform in the context of corporate security needs.

show abstract

Section: System Architecturementioning

confidence: 99%

A Blockchain-Enhanced Self-Sovereign Identity Platform for Corporate Resource Security

Ozdenizci Kose,

Coskun,

Coskun

et al. 2023

ACPS

Self Cite

View full text Add to dashboard Cite

show abstract

“…Summary from [9]- [11], [13], [14], a TSP of centralized tokenization system generally has the following components:…”

Section: A Centralized Tokenization Technologiesmentioning

confidence: 99%

State of the Art: Secure Mobile Payment

Liu

Peng

2020

IEEE Access

View full text Add to dashboard Cite

With mobile payments popular around the world, payers can conduct a payment anytime and anywhere. While providing great convenience, mobile payment also brings many payment security issues. This paper is the first comprehensive review of secure mobile payment. We classify the mobile payment into TPC(third-party payment company)-led mobile payment and Bank-led mobile payment, and based on this, summarize the system structure of mobile payment. Then we discuss the mobile payment security technology framework from Tokenization, PAN(bank card primary account number) binding, and Secure Payment Authentication, respectively. Besides, this paper introduces secure technologies(hardware and software) used in these procedures, discusses and analyzes the security issues that they have been encountered, summarise open issues, and proposes future development directions. In the end, we give the discussion and comparison of popular and representative mobile payment applications, including Alipay, Wechat Pay, Apple Pay, Samsung Pay, and Google Pay. INDEX TERMS Tokenization, symmetric cryptosystem, hybrid cryptosystem, PAN binding, TOTP, remote payment, near-field payment.

show abstract

“…If the OTP verification succeeds, SP generates the Access Token ( Token ) for the user (step 6) and sends it to the smartwatch (step 7). Although we do not need specific assumptions on the token generation procedure, we suggest the usage of Random Number Generator algorithms for creating token values as described in the work of Ozdenizci et al…”

Section: Use Case Scenario: Smart Lock Access Controlmentioning

confidence: 99%

Securing PIN‐based authentication in smartwatches with just two gestures

Guerar

Migliardi

Palmieri

et al. 2019

Concurrency and Computation

View full text Add to dashboard Cite

Summary Smartwatches are becoming increasingly ubiquitous as they offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers. The services provided include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. Indeed, PINs and Pattern Lock have been widely used in smartwatches for user authentication. However, such authentication methods are not robust against various forms of cybersecurity attacks, such as side channel, phishing, smudge, shoulder surfing, and video‐recording attacks. Moreover, the recent adoption of hardware‐based solutions, like the Trusted Execution Environment (TEE), can mitigate only partially such problems. Thus, the user's security and privacy are at risk without a strong authentication scheme in place. In this work, we propose 2GesturePIN, a new authentication framework that allows users to authenticate securely to their smartwatches and related sensitive services through solely two gestures. 2GesturePIN leverages the rotating bezel or crown, which are the most intuitive ways to interact with a smartwatch, as a dedicated hardware. 2GesturePIN improves the resilience of the regular PIN authentication method against state‐of‐the‐art cybersecurity attacks while maintaining a high level of usability.

show abstract

A Tokenization-Based Communication Architecture for HCE-Enabled NFC Services

Cited by 9 publications

References 16 publications

A Blockchain-Enhanced Self-Sovereign Identity Platform for Corporate Resource Security

A Blockchain-Enhanced Self-Sovereign Identity Platform for Corporate Resource Security

State of the Art: Secure Mobile Payment

Securing PIN‐based authentication in smartwatches with just two gestures

Contact Info

Product

Resources

About