Research Article
KeyPocket - Improving Security and Usability for Provider Independent Login Architectures with Mobile Devices
@INPROCEEDINGS{10.1007/978-3-319-28865-9_3, author={Andr\^{e} Ebert and Chadly Marouane and Benno Rott and Martin Werner}, title={KeyPocket - Improving Security and Usability for Provider Independent Login Architectures with Mobile Devices}, proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2016}, month={2}, keywords={Multi-factor authentication Mobile-based login architectures Security Usability}, doi={10.1007/978-3-319-28865-9_3} }- André Ebert
Chadly Marouane
Benno Rott
Martin Werner
Year: 2016
KeyPocket - Improving Security and Usability for Provider Independent Login Architectures with Mobile Devices
SECURECOMM
Springer
DOI: 10.1007/978-3-319-28865-9_3
Abstract
Nowadays, many daily duties being of a private as well as of a business nature are handled with the help of online services. Due to migrating formerly local desktop applications into clouds (e.g., Microsoft Office Online, etc.), services become available by logging in into a user account through a web browser. But possibilities for authenticating a user in a web browser are limited and employing a username with a password is still de facto standard, disregarding open security or usability issues. Notwithstanding new developments on that subject, there is no sufficient alternative available. In this paper, we specify the requirements for a secure, easy-to-use, and third-party-independent authentication architecture. Moreover, we present KeyPocket, a user-centric approach aligned to these requirements with the help of the user’s smartphone. Subsequently, we present its state of implementation and discuss its individual capabilities and features.
