Bring Your Own Device For Authentication (BYOD4A) – The Xign–System - Prof. Dr. Norbert Pohlmann
Bring Your Own Device For Authentication (BYOD4A) – The Xign–System
M. Hertlein, P. Manaras, N. Pohlmann:,
The paper proposes an innovative authentication system called Xign that is very easy to use, easily integrated in existing infrastructure, while offering strong multifactor-authentication for different domains of application, like web applications and physical access control. A QR code is all that is needed to provide an entry point of authentication to the user. The system comprises a smartphone application (Xign App), a server component (Xign Authentication Manager) and a smartcard-applet (Xign SC). A NFC token con-tains a special smartcard applet and a keypair which is protected through a user-selected PIN / Password. To use this token for authentication, it must be paired with the users smartphone. To achieve that, the smartphone is also equipped with corresponding certificates. The Xign system is backed by a Public Key Infrastructure (PKI). As trust-anchor the PKI depends on the attributes of the new German identity card or similar identity verification systems, which are used to generate a derived identity, that is subsequently stored into token. As a consequence the Xign-System also takes steps to ensure anonymity of the user, while preventing tracing over multiple authentications.
Weitere Informationen zum Thema “Authentifikation”:
Vorlesung: „Identifikation und Authentifikation“
Informationen über das Lehrbuch: „Cyber-Sicherheit“