Extended HTTP Digest Access Authentication

Klevjer, Henning; Varmedal, Kent Are; Jøsang, Audun

doi:10.1007/978-3-642-37282-7_7

Cited by 10 publications

(12 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The OffPAD (Offline Personal Authentication Device) described by Klevjer et al [15] and Varmedal et al [16] is an enhanced version of the PAD, where an essential characteristic is to be offline, i.e. not connected to the Internet.…”

Section: Offpad -The Offline Personal Authentication Devicementioning

confidence: 99%

“…LastPass), the password is exposed in the computer's memory and is vulnerable to attacks such as key logging or memory inspection. A solution for password authentication using an OffPAD is proposed by Klevjer et al in [15], consisting of an extension to the original HTTP Digest Access Authentication scheme specified as a part of the HTTP standard in [27]. User credentials are stored in a hashed format on both the server and the OffPAD.…”

Section: User Authentication Supported By the Offpadmentioning

confidence: 99%

“…The advantage of our method is that it totally prevents exposure of passwords on potentially vulnerable client platforms, and thereby represents secure local user-centric identity management solution. A proof-ofconcept implementation of the method has been developed for the OffPAD prototype [28].…”

Section: User Authentication Supported By the Offpadmentioning

confidence: 99%

See 2 more Smart Citations

Local user-centric identity management

Jøsang

Rosenberger

Miralabé³

et al. 2015

J Trust Manag

Self Cite

View full text Add to dashboard Cite

Identity management is a rather general concept that covers technologies, policies and procedures for recognising and authenticating entities in ICT environments. Current identity management solutions often have inadequate usability and scalability, or they provide inadequate authentication assurance. This article describes local user-centric identity management as an approach to providing scalable, secure and user friendly identity management. This approach is based on placing technology for identity management on the user side, instead of on the server side or in the cloud. This approach strengthens authentication assurance, improves usability, minimizes trust requirements, and has the advantage that trusted online interaction can be upheld even in the presence of malware infection in client platforms. More specifically, our approach is based on using an OffPAD (Offline Personal Authentication Device) as a trusted device to support the different forms of authentication that are necessary for trusted interactions. A prototype OffPAD has been implemented and tested in user experiments.

show abstract

Section: Offpad -The Offline Personal Authentication Devicementioning

confidence: 99%

Section: User Authentication Supported By the Offpadmentioning

confidence: 99%

See 1 more Smart Citation

Local user-centric identity management

Jøsang

Rosenberger

Miralabé³

et al. 2015

J Trust Manag

Self Cite

View full text Add to dashboard Cite

show abstract

“…The PAD is the conceptual predecessor to the OffPAD. The OffPAD (Offline Personal Authentication Device) described by Klevjer et al [16] and Varmedal et al [26] is an enhanced version of the PAD, where an essential characteristic is to guarantee offline security (Machine to Machine communications). The OffPAD represents local user-centric identity management because it enables secure and user friendly management of digital identities and credentials locally on the user side.…”

Section: Offpad Conceptmentioning

confidence: 99%

One-Time Biometrics for Online Banking and Electronic Payment Authentication

Plateaux

Lacharme

Jøsang

et al. 2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract-Online banking and electronic payment systems on the Internet are becoming increasingly advanced. On the machine level, transactions take place between client and server hosts through a secure channel protected with SSL/TLS. User authentication is typically based on two or more factors. Nevertheless, the development of various malwares and social engineering attacks transform the user's PC in an untrusted device and thereby making user authentication vulnerable. This paper investigates how user authentication with biometrics can be made more robust in the online banking context by using a specific device called OffPAD. This context requires that authentication is realized by the bank and not only by the user (or by the personal device) contrary to standard banking systems. More precisely, a new protocol for the generation of one-time passwords from biometric data is presented, ensuring the security and privacy of the entire transaction. Experimental results show an excellent performance considering with regard to false positives. The security analysis of our protocol also illustrates the benefits in terms of strengthened security.

show abstract

“…In [17], Klevjer et al describe a more secure PAD, the physically decoupled OffPAD, which supports mutual authentication between user and server, as well as user-centric identity management, i.e. secure and usable management of digital identities and credentials on the OffPAD rather than in the user's brain.…”

Section: Class Authentication Of User Side Entities [U → P] Human Usementioning

confidence: 99%