【摘要】：針對目前Web站點(diǎn)的身份認(rèn)證安全問題,提出了一種基于手機(jī)令牌和近距離無線通信(NFC,near field communication)技術(shù)的身份認(rèn)證方法,并在Android平臺上實(shí)現(xiàn)了該系統(tǒng).該系統(tǒng)利用手機(jī)使用手機(jī)令牌實(shí)現(xiàn)了USBKey的主要功能,當(dāng)用戶訪問站點(diǎn)進(jìn)行注冊時,將獲得惟一的手機(jī)令牌并存于帶有加解密功能的手機(jī)中.在下次訪問站點(diǎn)進(jìn)行身份認(rèn)證時,用戶可通過手機(jī)直接在Web站點(diǎn)進(jìn)行身份認(rèn)證,也可通過NFC技術(shù)將手機(jī)令牌傳于PC機(jī),使得用戶可在PC機(jī)上利用手機(jī)進(jìn)行身份認(rèn)證.該系統(tǒng)將手機(jī)作為類USBKey設(shè)備,在增強(qiáng)Web站點(diǎn)身份認(rèn)證安全的同時,省去了為用戶頒發(fā)USBKey的流程和成本,具有較強(qiáng)的實(shí)用價值.
[Abstract]:Aiming at the problem of authentication security of Web site, this paper presents an authentication method based on mobile phone token and NFC,near field communication) technology, and implements the system on Android platform. The system uses the mobile phone token to realize the main function of USBKey. When the user visits the site for registration, the unique mobile phone token will coexist in the mobile phone with encryption and decryption function. In the next visit to the site for identity authentication, the user can authenticate directly in the Web site through the mobile phone, or pass the mobile phone token to the PC machine through the NFC technology, so that the user can use the mobile phone to authenticate the identity on the PC machine. The system takes the mobile phone as a USBKey like device, which not only enhances the security of Web site identity authentication, but also saves the process and cost of issuing USBKey to the user. It has strong practical value.
【作者單位】： 武漢大學(xué)計算機(jī)學(xué)院;空天信息安全與可信計算教育部重點(diǎn)實(shí)驗(yàn)室;
【基金】：國家自然科學(xué)基金(61003268) 湖北省自然基金(2010CDB08601) 中央高校基本科研業(yè)務(wù)費(fèi)專項基金(211274629)資助項目
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前3條

1 張虎強(qiáng);洪佩琳;李津生;黃冠堯;;用戶名密碼認(rèn)證方案的安全性分析及解決方案[J];計算機(jī)工程與應(yīng)用;2006年33期

2 曹U，

本文編號：2405540