UAuth: A Strong Authentication Method from Personal Devices to Multi-accounts

Authors

DOI:

https://doi.org/10.4108/eai.5-10-2015.150479

Keywords:

Authentication, Mobile terminal, Multi-accounts

Abstract

In this paper we present UAuth, a two-layer authentication framework that provides more security assurances than two-factor authentication while offering a simpler authentication experience. When authenticating, users first verified their static credentials (such as password, fingerprint, etc.) on their devices to achieve the local-layer authentication, then submit the OTP-signed response generated by their device to the server to complete the server-layer authentication. We also propose the three-level account association mechanism, which establishes the association among devices, users and services, and then creates a mapping from user’s devices to user’s accounts. Users can gain access to different service via any device in the association easily. Our goal is to provide a quick and convenient SSO-like login process on the basis of security authentication. To meet the goal, we implement our UAuth, and evaluate our designs.

Downloads

Published

05-10-2015

How to Cite

Wang, Y. ., Mingming Hu, M. ., & Li, C. . (2015). UAuth: A Strong Authentication Method from Personal Devices to Multi-accounts. EAI Endorsed Transactions on Security and Safety, 2(4), e5. https://doi.org/10.4108/eai.5-10-2015.150479

Issue

Vol. 2 No. 4 (2015): EAI Endorsed Transactions on Security and Safety

Section

Research article

License

Copyright (c) 2022 EAI Endorsed Transactions on Security and Safety

Creative Commons License

This work is licensed under a Creative Commons Attribution 3.0 Unported License.

This is an open-access article distributed under the terms of the Creative Commons Attribution CC BY 3.0 license, which permits unlimited use, distribution, and reproduction in any medium so long as the original work is properly cited.

Funding data