| Presentation | 2017-03-14 A system architecture that prevents fraud issue using third parties to issue authentication information Masahiro Matsui, Akira Nagai, Tetsutaro Kobayashi, Hironobu Okuyama, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Nowadays, the leakages of authentication information such as password from web service are happened frequently. MILAGRO-MFA is user authentication that third parties issue user’s secret key and servicer can authenticate users without user’s authentication information. MILAGRO-MFA could prevent the leakages. However, on the previous key issue method of MILAGRO-MFA, servicer has to make issue request by key that the servicer holds. So, if an adversary gets or misuses the key for the issue request, he can issue user’s secret key freely. In this paper, I add a new server “issue request authority” to the previous system architecture of MILAGRO-MFA. I propose a new system architecture which user’s secret key is issued when a servicer and issue request authorities make an issue request. Then, I evaluate the safety of the proposal system architecture. As a result, the proposed system architecture has the safety of prevention of issue request that an adversary issue. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | authentication system / authentication information / information leakage / issue / third party / system architecture |
| Paper # | ICSS2016-72 |
| Date of Issue | 2017-03-06 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2017/3/13(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | University of Nagasaki |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | System Security, etc. |
| Chair | Yutaka Miyake(KDDI R&D Labs.) |
| Vice Chair | Yoshiaki Shiraishi(Kobe Univ.) / Takeshi Ueda(Mitsubishi Electric) |
| Secretary | Yoshiaki Shiraishi(NII) / Takeshi Ueda(Yokohama National Univ.) |
| Assistant | Kazunori Kamiya(NTT) / Takahiro Kasama(NICT) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A system architecture that prevents fraud issue using third parties to issue authentication information |
| Sub Title (in English) | |
| Keyword(1) | authentication system |
| Keyword(2) | authentication information |
| Keyword(3) | information leakage |
| Keyword(4) | issue |
| Keyword(5) | third party |
| Keyword(6) | system architecture |
| 1st Author's Name | Masahiro Matsui |
| 1st Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 2nd Author's Name | Akira Nagai |
| 2nd Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 3rd Author's Name | Tetsutaro Kobayashi |
| 3rd Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 4th Author's Name | Hironobu Okuyama |
| 4th Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| Date | 2017-03-14 |
| Paper # | ICSS2016-72 |
| Volume (vol) | vol.116 |
| Number (no) | ICSS-522 |
| Page | pp.pp.195-200(ICSS), |
| #Pages | 6 |
| Date of Issue | 2017-03-06 (ICSS) |