Security Testing of a User-Participating Authentication Scheme Implementation on Web-Based Login System

Security Testing of a User-Participating Authentication Scheme Implementation on Web-Based Login System

Authentication is part of the security services. From a variety of authentication methods available today, there is one scheme named user-participation authentication scheme (UPA Scheme) which not only focusing on user authentication, also provide a guarantee of human participation in the authentica...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IOP conference series. Materials Science and Engineering 2019-04, Vol.508 (1), p.12136
Hauptverfasser: Akmaluddin, Muhammad, Pramadiv, Yogha Restu
Format: Artikel
Sprache:eng
Schlagworte:
Access control
Authentication
Distance learning
Participation
Security
Security services
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Authentication is part of the security services. From a variety of authentication methods available today, there is one scheme named user-participation authentication scheme (UPA Scheme) which not only focusing on user authentication, also provide a guarantee of human participation in the authentication process. The scheme intended for authentication in online applications such as e-learning, online polls, online ticket-order system, and more. In this study, the implementation of UPA scheme and security testing has been completed. Testing was carried out using OWASP-AT-008 with the result that the UPA scheme had guaranteed human participation, besides it also found weaknesses in the UPA scheme against man-in-the-middle (MITM) attack.
ISSN:1757-8981
1757-899X
1757-899X
DOI:10.1088/1757-899X/508/1/012136