计算机工程与应用 ›› 2018, Vol. 54 ›› Issue (17): 71-76.DOI: 10.3778/j.issn.1002-8331.1709-0135

• 网络、通信与安全 • 上一篇    下一篇

基于网页浏览器和在线服务的安全密钥设计

高  瑾1,白  亮2   

  1. 1.山西大学商务学院 信息学院,太原 030031
    2.山西大学 计算机与信息技术学院,太原 030006
  • 出版日期:2018-09-01 发布日期:2018-08-30

Design of secure keys based on Web browser and online service

GAO Jin1, BAI Liang2   

  1. 1.College of Informatics, Business College of Shanxi University, Taiyuan  030031, China
    2.College of Computer and Information Technology, Shanxi University, Taiyuan 030006, China
  • Online:2018-09-01 Published:2018-08-30

摘要: 为了研究安全级别较高、用户满意度好、可操作性优良的安全密钥,提出一种基于浏览器在线服务的安全密钥。安全密钥是一种第二因子设备,提出的设计重点满足易于使用、易于开发和安全隐私性的特点。设计围绕注册、身份验证、设备认证和客户端数据展开。综合分析表明了提出的安全密钥能够提高安全等级和用户满意度。与一次性密码(OTP)相比,提出的设计平均身份验证时间更短。登录操作所需时间低于1?s,而注册操作时间在2?s以内,因而可以扩展到面向客户的网络应用。

关键词: 浏览器, 安全密钥, 第二因子设备, 一次性密码, 用户满意度

Abstract: To provide a security key with high security level, good user satisfaction and excellent operability, a security key based on web browser and online service is proposed. Security key is a kind of second-factor device, and the proposed design focuses on meeting the requirements of easy-to-use, easy-to-develop as well as security and privacy. The design is centered around registration, authentication, device authentication and client data deployment. Comprehensive analysis shows that the proposed security key leads to a higher security level and a better user satisfaction. Compared with One Time Password(OTP), the proposed design needs less time for average authentication. The operation time required for log in is less than 1 s, while the registration time is within 2 s, so it can be extended to customer-oriented network applications.

Key words: web browser, secure keys, second factor device, one time password, user satisfaction