Projeto de um dispositivo de autenticação e assinatura. / Design and implementation of an authentication device.

AUTOR(ES)

Gustavo Yamasaki Martins Vieira

DATA DE PUBLICAÇÃO

2007

RESUMO

Currently, password-based authentication is the most widespread identity verification method for web pages access. However it presents security issues due to the growth of attacks based on spywares and phishing. The main purpose of both techniques is the digital identity theft, that is, stealing userspasswords in an unnoticed way. In order to counter this type of attack, many financial institutions have adopted strong authentication, a technique that employs a simultaneous use of different authentication factors. By synergistically combining the advantages of distinct factors, such arrangement results in the mutual mitigation of the vulnerabilities of each one, yielding an architecturally safer identity verification method. This work presents the design and implementation of an authentication device, which combines passwordbased and object-based authenticators. Its main distinguishing features are the reduced cost and the use of open sourced cryptographic algorithms. Open source algorithms have their security widely and independently verified, a characteristic that helps increase the systems reliability, since third parties may check the source code running on the device.

ASSUNTO(S)

autenticação de mensagens (dispositivos) authentication phishing security segurança na internet scam token

Documentos Relacionados

• Projeto e fabricação de um dispositivo automático de soldagem
• Personal authentication based on sound of signature
• Projeto e desenvolvimento de um sistema de controle para um dispositivo de ventilação mecânica pulmonar.
• Projeto de dispositivo supressor de surto de tensão
• AUTENTICAÇÃO E CONTROLE DE ACESSO INTERINSTITUCIONAL