Bring Your Own Device For Authentication (BYOD4A) – The Xign–System - Prof. Dr. Norbert Pohlmann

Bring Your Own Device For Authentication (BYOD4A) – The Xign–System


M. Hertlein, P. Manaras, N. Pohlmann:,
“Bring Your Own Device For Authentication (BYOD4A) – The Xign-System“.
In Proceedings of the ISSE 2015 – Securing Electronic Business Processes – Highlights of the Information Security Solutions Europe 2015 Conference,
Eds.: N. Pohlmann, H. Reimer, W. Schneider;
Springer Vieweg Verlag,
Wiesbaden 2015

The paper proposes an innovative authentication system called Xign that is very easy to use, easily integrated in existing infrastructure, while offering strong multifactor-authentication for different domains of application, like web applications and physical access control. A QR code is all that is needed to provide an entry point of authentication to the user. The system comprises a smartphone application (Xign App), a server component (Xign Authentication Manager) and a smartcard-applet (Xign SC). A NFC token con-tains a special smartcard applet and a keypair which is protected through a user-selected PIN / Password. To use this token for authentication, it must be paired with the users smartphone. To achieve that, the smartphone is also equipped with corresponding certificates. The Xign system is backed by a Public Key Infrastructure (PKI). As trust-anchor the PKI depends on the attributes of the new German identity card or similar identity verification systems, which are used to generate a derived identity, that is subsequently stored into token. As a consequence the Xign-System also takes steps to ensure anonymity of the user, while preventing tracing over multiple authentications.

Weitere Informationen zum Thema “Authentifikation”:

„Smartphone Bürger-ID – IT-Sicherheit als Wegbereiter für die Digitalisierung“

“Risikobasierte und adaptive Authentifizierung”

„Smart Authentication, Identification and Digital Signatures as Foundation for the Next Generation of Eco Systems”

“An Usable Application for Authentication, Communication and Access Management in the Internet Of Things”

„Die Zeit nach dem Passwort – Handhabbare Multifaktor-Authentifizierung für ein gesundes Eco-System”

„Abschied vom Passwort – Authentifikation für ein gereiftes Internet“

“Bring Your Own Device For Authentication (BYOD4A) – The Xign–System“

“Ein OpenID-Provider mit Proxy-Funktionalität für den nPA”

„Smart Authentifikation, Identifikation und digitale Signaturen als Grundlage zukünftiger Ökosysteme“

„Restrisikoanalyse Online-Authentisierung“

Vorlesung: „Identifikation und Authentifikation“

Glossareintrag: „Authentifikation“

Studie für das BMI: “Restrisiken beim Einsatz der AusweisApp auf dem Bürger-PC zur Online Authentisierung mit Penetrations-Test”

Informationen über das Lehrbuch: „Cyber-Sicherheit“

kostenlos downloaden
Bring Your Own Device For Authentication (BYOD4A) – The Xign–System Prof. Dr. Norbert Pohlmann - Cyber-Sicherheitsexperten