3,925 research outputs found
Outflanking and securely using the PIN/TAN-System
The PIN/TAN-system is an authentication and authorization scheme used in
e-business. Like other similar schemes it is successfully attacked by
criminals. After shortly classifying the various kinds of attacks we accomplish
malicious code attacks on real World Wide Web transaction systems. In doing so
we find that it is really easy to outflank these systems. This is even
supported by the users' behavior. We give a few simple behavior rules to
improve this situation. But their impact is limited. Also the providers support
the attacks by having implementation flaws in their installations. Finally we
show that the PIN/TAN-system is not suitable for usage in highly secure
applications.Comment: 7 pages; 2 figures; IEEE style; final versio
IAMS framework: a new framework for acceptable user experiences for integrating physical and virtual identity access management systems
The modern world is populated with so many virtual and physical Identity Access Management Systems (IAMSs) that individuals are required to maintain numerous passwords and login credentials. The tedious task of remembering multiple login credentials can be minimised through the utilisation of an innovative approach of single sign-in mechanisms. During recent times, several systems have been developed to provide physical and virtual identity management systems; however, most have not been very successful. Many of the available systems do not provide the feature of virtual access on mobile devices via the internet; this proves to be a limiting factor in the usage of the systems. Physical spaces, such as offices and government entities, are also favourable places for the deployment of interoperable physical and virtual identity management systems, although this area has only been explored to a minimal level. Alongside increasing the level of awareness for the need to deploy interoperable physical and virtual identity management systems, this paper addresses the immediate need to establish clear standards and guidelines for successful integration of the two medium
- …