2010 | OriginalPaper | Chapter
User Authentication for Online Applications Using a USB-Based Trust Device
Authors : Julian Jang, Dongxi Liu, Surya Nepal, John Zic
Published in: Security and Privacy in Mobile Information and Communication Systems
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We present a system that enables secure user authentication by leveraging a portable USB-based trusted device. The heart of our system runs a protocol which guarantees trusted behavior at multiple layers; from the hardware device itself, to the software executing on the hardware, and finally to the application hosted in the remote server. This combination assures end-to-end trust and makes our system resilient to physical attacks (e.g. to the device and wire tapping) as well as logical attacks (e.g. main-in-the-middle attack). Our system utilizes web-based proxy communication using standard HTML tags and JavaScript to coordinate communication amongst different components. This enables our system not having to install any extra drivers typically required for supporting communication in most existing technologies.