Presentation | 2007-07-19 A Mutual Authentication System for Web Server Access by Using Cellar Phone Yukiko SAWAYA, AKira YAMADA, Yutaka MIYAKE, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Password authentication is widely used for web accesses currently. However this authentication scheme becomes insecure, because attacks for stealing User ID and password are increasing, which use spyware or phishing sites. To resolve this problem, the safer server authentication and client authentication are required. We propose a mutual authentication system for web server access by using cellar phone. This system has four phases. The first phase is that the cellar phone of the user gets the server information by taking a picture of QR code, which is offered by web server, and verifies whether the server is legitimate. The second phase is that the client information is made by cellar phone ID number and sent to the server which is located in carrier of the cellar phone. The third phase is that the carrier server specifies the user by the client information, and sends the client ID, which is shared between web server and carrier server, to the web server. The fourth phase is that the web server verifies the client ID, and the authentication is finished. This paper describes the components of the proposed system and the framework of communication for the mutual authentication. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | client authentication / sever authentication / mutual authentication / spyware / phishing |
Paper # | ISEC2007-30,SITE2007-24 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2007/7/12(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Mutual Authentication System for Web Server Access by Using Cellar Phone |
Sub Title (in English) | |
Keyword(1) | client authentication |
Keyword(2) | sever authentication |
Keyword(3) | mutual authentication |
Keyword(4) | spyware |
Keyword(5) | phishing |
1st Author's Name | Yukiko SAWAYA |
1st Author's Affiliation | KDDI R&D Laboratories, Inc.() |
2nd Author's Name | AKira YAMADA |
2nd Author's Affiliation | KDDI R&D Laboratories, Inc. |
3rd Author's Name | Yutaka MIYAKE |
3rd Author's Affiliation | KDDI R&D Laboratories, Inc. |
Date | 2007-07-19 |
Paper # | ISEC2007-30,SITE2007-24 |
Volume (vol) | vol.107 |
Number (no) | 140 |
Page | pp.pp.- |
#Pages | 7 |
Date of Issue |