Smartphone-based authorization system. Advisor: Dr. Wenjun Zeng - Professor. Presenter: Yilihamujiang, Ailiyasijiang; Zhou, Guanlong. Al-Sinani, H. S. (2011).


1 Smartphone-based authorization system. Advisor: Dr. Wenjun Zeng - Professor. Presenter: Yilihamujiang, Ailiyasijiang; Zhou, Guanlong. Al-Sinani, H. S. (2011). Integrating OAuth with Information Card Systems. In Proceedings of IAS '11: 7th International Conference on Information Assurance and Security, Malacca, Malaysia, 5-8 December 2011. IEEE.

2 Abstract: The scheme used between OAuth and the Information Card System (CardSpace) (the scheme in the mid-term). The drawbacks of OAuth/OpenID and the Information Card System. The scheme in the smartphone-based authorization system. The implementation - http://sng.mizzou1.com. The Snap & Go app on the Android system. Red words are our contribution.

3 In the mid-term presentation: A scheme for use between OAuth and the Information Card System (CardSpace) was presented.

4 Why does the paper try to use this scheme? To mitigate identity-oriented attacks, a number of identity systems (e.g. CardSpace, OAuth, OpenID, etc.) have been proposed. An identity provider in such systems supplies a user agent with a security token that can be consumed by a relying party (RP). Whilst one RP might support an Information Card system, another might only support OAuth. To make these systems available to the largest possible group of users, interoperability between such systems is needed.

5 How CardSpace w/ OAuth works: 1. Access resource. 2. Policy: I would like a SAML 1.1 token, containing First Name, Surname, issued by *any*. 3. UI filters cards that can satisfy policy. 4. User picks a card. 5. Token is requested. 6. Token is created. 7. Token is presented. (Diagram labels: Relying Party, Identity Provider, OAuthCard; copied, check, hold & modified.)

6 How OAuth works? (Diagram labels: User, Relying Party, Identity Provider; Token Request, modified token; Sign in; Token: Access_token, Expire_time, Refresh_token; Info Request: Access_token; User Information: RP-required user attributes; retrieved & modify.)

7 The drawbacks of OAuth/OpenID and Information Card System: 1. The Information Card System requires different extensions installed on the different browsers.

8 The drawbacks of OAuth/OpenID and Information Card System: 2. The Information Card System has been abandoned. Microsoft announced that Windows CardSpace 2.0 will not be shipped.

9 The drawbacks of OAuth/OpenID and Information Card System: 3. Users still need to enter a username and password when logging in using OAuth/OpenID (on public computers, or when they are not already logged in).

10 Our scheme: Snap & Go. The user has some cards on their smartphone (the real information behind the cards is saved on the Identity Provider Server). The user logs in to the Snap & Go app on their smartphone. The user uses the app to scan the QR code on the website. The user is logged in successfully to their account.

11 How Snap & Go works? 1. Access resource. 2. Login Snap&Go using any Android device. 2. Token is requested. 3. Access token is presented. 4. Scan the QR code on the page. 5. User picks a card. 6. Information presented. Policy: I would like some information, containing First Name, Surname, issued by snap&go. (Diagram labels: Relying Party, Identity Provider.)

12 What's on where? In the app (on the smartphone): all the cards that contain the user's information.

13 What's on where? On the Identity Provider Server: users' account information (username & password); all the cards that contain users' information; APIs (relying parties' information and keys); the relation between one authorized card and one relying party.

14 What's on where? On the Relying Party Server: API key to connect to the Identity Provider Server (IPS); QR-code generator; the token obtained from the IPS; the user's information obtained from the IPS.
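
The Snap & Go exchange from slides 11 to 14, sketched as an added Python example (not the presenters' implementation): the relying party obtains a token for its QR code using its API key, the logged-in phone approves a card for that token, and the relying party collects the card attributes. The class and method names, the token format, the 120-second expiry, the single-use fetch and all sample values are assumptions; app login is represented by a pre-issued app token.

```python
import hmac, secrets
TTL = 120  # seconds a QR token stays valid (assumed value)

class IdentityProvider:
    def __init__(self):
        self.rp_keys = {}     # rp_id -> API key
        self.cards = {}       # (user, card_id) -> attributes
        self.logins = {}      # app token -> user, set at app login
        self.sessions = {}    # QR token -> {rp, exp, card}
        self.grants = set()   # (user, card_id, rp_id)

    def _rp_ok(self, rp_id, api_key):
        key = self.rp_keys.get(rp_id)
        return key is not None and hmac.compare_digest(key, api_key)

    def new_session(self, rp_id, api_key, now):
        """RP requests the token it will render as a QR code."""
        if not self._rp_ok(rp_id, api_key):
            raise PermissionError("unknown relying party")
        token = secrets.token_urlsafe(16)
        self.sessions[token] = {"rp": rp_id, "exp": now + TTL, "card": None}
        return token

    def approve(self, app_token, qr_token, card_id, now):
        """Logged-in phone scans the QR code and picks a card."""
        user, s = self.logins.get(app_token), self.sessions.get(qr_token)
        if (user is None or s is None or s["card"] or now > s["exp"]
                or (user, card_id) not in self.cards):
            return False
        s["card"] = (user, card_id)
        self.grants.add((user, card_id, s["rp"]))
        return True

    def fetch(self, rp_id, api_key, qr_token):
        """RP collects the card attributes once; the session is then deleted."""
        s = self.sessions.get(qr_token)
        if not self._rp_ok(rp_id, api_key) or s is None or s["rp"] != rp_id or not s["card"]:
            return None
        del self.sessions[qr_token]
        return dict(self.cards[s["card"]])

def demo():
    idp, key, app = IdentityProvider(), "constructed-api-key", "constructed-app-token"
    idp.rp_keys["rp.example"], idp.logins[app] = key, "alice"
    idp.cards[("alice", "work")] = {"first_name": "Alice", "surname": "Ng"}
    qr = idp.new_session("rp.example", key, now=1000)
    late = idp.approve(app, qr, "work", now=2000)   # past expiry: refused
    ok = idp.approve(app, qr, "work", now=1010)
    return late, ok, idp.fetch("rp.example", key, qr), idp.fetch("rp.example", key, qr)
```

Because the QR token is the only thing tying the browser session to the phone's approval, the sketch makes it random, short-lived and bound to the relying party that requested it, and it lets the card be collected only once.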

15 How to use Snap & Go? Download the Snap n Go app from our website: sng.mizzou1.com. Install the app.

16 How to use Snap & Go? Register in the app. Login. The account username and password will be saved on the Identity Provider Server.

17 How to use Snap & Go? Choose Enter Passcode (Create New Card).

18 How to use Snap & Go? Enter the information and save as a card. The information card will be saved on the server as well as in the phone.

19 How to use Snap & Go? We can see, edit or create cards under my account

20 How to use Snap & Go? Open a relying party website that requires login. For example: http://sng.mizzou1.com/

21 How to use Snap & Go? Choose Scan QRcode button

22 How to use Snap & Go? Use the camera on the phone to scan the QRcode on the computer screen

23 How to use Snap & Go? Choose one card that you want to use

24 How to use Snap & Go? Login Succeed

25 How to use Snap & Go? Card Information Received by the Relying Party Server.

26 Thank You! Smartphone-based authorization system. Zhou, Guanlong – Web & Database Developer. Yilihamujiang, Ailiyasijiang – App Developer.

