Software security token for authentication
In our security-conscious society today, two factor authentication has been widely deployed for user authentication. In particular, usage of software-based security tokens has been increasingly favoured among organisations because it is cheap and convenient. However, there are concerns that software...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/62676 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-62676 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-626762023-03-03T20:35:23Z Software security token for authentication Lim, Jason Alwen Fernanto Tiu School of Computer Engineering DRNTU::Engineering::Computer science and engineering In our security-conscious society today, two factor authentication has been widely deployed for user authentication. In particular, usage of software-based security tokens has been increasingly favoured among organisations because it is cheap and convenient. However, there are concerns that software-based tokens are not as secure compared to hardware-based tokens, as software-based tokens are vulnerable to duplication attacks and malware residing on the underlying computing device. Hence, this project aims to design a system that can address these issues. The current implementation of the two factor authentication for smartphone has been surveyed to determine how the implementation can be improved. Methods that can uniquely identify individual smartphones have been explored and discussed. An experiment based on the HTML5 fingerprinting canvas has been conducted to ascertain its feasibility as a novel method for two factor authentication. Despite not having favourable results, a two factor authentication system based on fingerprinting canvas was designed and carried out. The system is able to generate a one-time password consistently for a smartphone and protect itself against malware. However, it could only partially mitigate duplication attacks. Despite not being able to provide full protection against duplication attacks, there are still some advantages of employing the fingerprinting canvas for a two factor authentication system such as tying the generation of OTP to a physical device and serving as a deterrence to potential attackers. Bachelor of Engineering (Computer Science) 2015-04-27T03:52:34Z 2015-04-27T03:52:34Z 2015 2015 Final Year Project (FYP) http://hdl.handle.net/10356/62676 en Nanyang Technological University 68 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering Lim, Jason Software security token for authentication |
| description |
In our security-conscious society today, two factor authentication has been widely deployed for user authentication. In particular, usage of software-based security tokens has been increasingly favoured among organisations because it is cheap and convenient. However, there are concerns that software-based tokens are not as secure compared to hardware-based tokens, as software-based tokens are vulnerable to duplication attacks and malware residing on the underlying computing device. Hence, this project aims to design a system that can address these issues. The current implementation of the two factor authentication for smartphone has been surveyed to determine how the implementation can be improved. Methods that can uniquely identify individual smartphones have been explored and discussed. An experiment based on the HTML5 fingerprinting canvas has been conducted to ascertain its feasibility as a novel method for two factor authentication. Despite not having favourable results, a two factor authentication system based on fingerprinting canvas was designed and carried out. The system is able to generate a one-time password consistently for a smartphone and protect itself against malware. However, it could only partially mitigate duplication attacks. Despite not being able to provide full protection against duplication attacks, there are still some advantages of employing the fingerprinting canvas for a two factor authentication system such as tying the generation of OTP to a physical device and serving as a deterrence to potential attackers. |
| author2 |
Alwen Fernanto Tiu |
| author_facet |
Alwen Fernanto Tiu Lim, Jason |
| format |
Final Year Project |
| author |
Lim, Jason |
| author_sort |
Lim, Jason |
| title |
Software security token for authentication |
| title_short |
Software security token for authentication |
| title_full |
Software security token for authentication |
| title_fullStr |
Software security token for authentication |
| title_full_unstemmed |
Software security token for authentication |
| title_sort |
software security token for authentication |
| publishDate |
2015 |
| url |
http://hdl.handle.net/10356/62676 |
| _version_ |
1759857170113888256 |