Yasin et al., 2018 - Google Patents
Enhancing anti-phishing by a robust multi-level authentication technique (EARMAT).Yasin et al., 2018
View PDF- Document ID
- 917102382594105981
- Author
- Yasin A
- Abuhasan A
- Publication year
- Publication venue
- Int. Arab J. Inf. Technol.
External Links
Snippet
Phishing is a kind of social engineering attack in which experienced persons or entities fool novice users to share their sensitive information such as usernames, passwords, credit card numbers, etc. through spoofed emails, spams, and Trojan hosts. The proposed scheme …
- 238000000034 method 0 title abstract description 40
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or paths for security, e.g. using out of band channels
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190281028A1 (en) | System and method for decentralized authentication using a distributed transaction-based state machine | |
| Kaur et al. | A secure two‐factor authentication framework in cloud computing | |
| US9306905B2 (en) | Secure access to application servers using out-of-band communication | |
| CN102763111B (en) | Method and apparatus for trusted federated identity management and data access authorization | |
| KR101482564B1 (en) | Method and apparatus for trusted authentication and logon | |
| Lim et al. | Security issues and future challenges of cloud service authentication | |
| Bicakci et al. | Mobile authentication secure against man-in-the-middle attacks | |
| Tirfe et al. | A survey on trends of two-factor authentication | |
| Alnahari et al. | Authentication of IoT device and IoT server using security key | |
| Alzuwaini et al. | An efficient mechanism to prevent the phishing attacks | |
| CN106576050B (en) | Three-tier security and computing architecture | |
| Kassim et al. | Procurepass: A user authentication protocol to resist password stealing and password reuse attack | |
| Yasin et al. | Enhancing anti-phishing by a robust multi-level authentication technique (EARMAT). | |
| Karthiga et al. | Enhancing performance of user authentication protocol with resist to password reuse attacks | |
| Pashalidis et al. | Using GSM/UMTS for single sign-on | |
| Binu et al. | A mobile based remote user authentication scheme without verifier table for cloud based services | |
| Deeptha et al. | Extending OpenID connect towards mission critical applications | |
| Dietz et al. | Hardening Persona-Improving Federated Web Login. | |
| Li et al. | A cloud based dual-root trust model for secure mobile online transactions | |
| Weerasinghe et al. | Security framework for mobile banking | |
| Jenkinson et al. | I bought a new security token and all I got was this lousy phish—Relay attacks on visual code authentication schemes | |
| Ahmed et al. | Mutual authentication for mobile cloud computing: Review and suggestion | |
| Nosouhi et al. | Towards Availability of Strong Authentication in Remote and Disruption-Prone Operational Technology Environments | |
| Hsu et al. | WebCallerID: Leveraging cellular networks for Web authentication | |
| Xu et al. | Qrtoken: Unifying authentication framework to protect user online identity |