• No results found

ก ก API Two-factor Authentication by Web Application API and J2ME. Software ก ก. : Two-factor Authentication, One Time Password, Packet Sniffer

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "ก ก API Two-factor Authentication by Web Application API and J2ME. Software ก ก. : Two-factor Authentication, One Time Password, Packet Sniffer"

Copied!
7
0
0

Loading.... (view fulltext now)

Download now ( 7 Page )

Full text

(1)

ก ก API

"#$ $ J2ME

Two-factor Authentication by Web Application API and J2ME

Software

1 ก ก 2

ก! " "

41/20 &'()* '+ก ,"-" 44150 /!: 0-4375-4322 & 2414

1 E-mail: [email protected] 2 E-mail: [email protected]

>?

ก กก !"# Username/Password 1ก2 Password 3445 ก "#ก 6User Knowledge6 : 2;;ก#ก4<ก 11#= 1#2>ก ?> ก3ก> Smart Card, RSA Secure ID Authentication =>L MUser Possession6 =>N>ก344 : 344O Smart Card Reader < RSA SecurID Tokens =>N OกRS5กก32ก# ก 2> 2กกก =>4< =O: < Nก2T<กก OกRSก! 4>1#2>กกU <=# "ก2 : <ก# Web Application API < J2ME Software =5ก< ก #> "#ก # Two Factor : ?>ก3# ก >=5 2>=Oก ;ก < ก# "# ก> ก# S"#"ก2 J2ME 1 "=L=S=> !<2 Web Application API Module ก Web server ก< ก

.

Abstract

Most of web applications rely on username/password to authenticate users. However, the password is an authentication factor by "user knowledge" that can be sniffed or leaked by many ways. Previous solutions to this problem (such as smart card or RSA Secure ID authentication) use "user possession" as the other factor. Yet, smart card readers and RSA secure tokens causes More cost to invest and more devices to carry. In this paper, we design, implement and test a web application API and J2ME software to enhance authentication to

web application. The new solution is cheaper. It requires only to preload J2ME software into users' mobile phone and a web application API module into the web server

AAB:

Two-factor Authentication, One Time

Password, Packet Sniffer

1.

>A

ก !""#$#" [7] (Authentication Factor) +!, -./012/345 678+$9:;"#$ .0<,078++=>?5 @?A7B0>?5:;" 3 6:D1 ?0"2E 1) User Knowledge +!, ก !""#$#" @?,Kก ?L<,0MN5345 :4B" Username/Password, PIN Code :;"#5" 2) User Possession +!, ก !"" #$#"12/:;"<,0T!,+ ,012/-9 T345 678#$78++=>?5 :4B" Smart Card, Secure Token, ก8UA :;"#5" 3) User Attribute +!, ก !""#$#"12/,K=กWX6<,0#$ 78++="E"Y :4B" =".E$9!, 9B"# =9!,4!/, :;"#5"

@?1/$>ก !""#$#"3":$Z7A,[=.:+4/"-B$" 3\UB,K User Knowledge :;"\=ก @?:][6,B0./0345 Username/Password 3"ก !""#$#" ^_/0928?,B," +!, Password "E"-9 T12/6 /$>\=\ !,TNก?ก7>?5 A=6 -9 T12/6=!9>?5 _01L3\5ก 67$"ก !""#$#"92+$9 :-2/0

3"87"92ก [`"^,a#bA$ b12/3453"ก ?ก7 <5,9N=,,ก9:;"L"$"9ก:4B" Ethereal [1], Wireshark

(2)

[3] :;"#5" ^_/0ก !""#$#"?5$ Username/Password :[20,B0:?2$กZ,92+$9:-2/0>?5

Smart Card Authentication [4], RSA SecurID Authentication [5] A=6 One Time Password [9] :;" #$,B0<,0<5,:-",3"ก Aก5U\?0ก=B$12/"L:-",9 กB,"\"50"$.]77"2E A#BMN5$.[7$Bก Aก5><U\12/ "L:-",9กB,":\=B"2E=5$"A=5$A#B928?,B," 3": !/,0+$9>9B :\96-9\= 6ก 1L3\5>9B>?5TNก"L>3450",B0 A[ B\=3"ก 67$"ก !""#$#"ก7:$Z7A,[=.:+4/"

0"$."2E _0:-",A"$+.?3"ก Aก5U\3\9B@? 345ก !""#$9กก$B\"_/0(User Knowledge A=6 User Possession) B$9ก"3"ก Aก5U\ @? User Knowledge 12/:=!,ก345+!, Username/Password -B$" User Possession 12/:=!,ก345+!, @1 K[1b9!,12/MN53451/$>[ก[,NB A=5$ @?>?592ก [`"@ Aก 9#5"A7712/:;" Module API 12/: 2ก$B Two Factor Authentication (TFA Module) :[!/, #.?#E012/:$Z7:^. ba:$, b A=6>?5- 50#5"A77@ Aก 9 J2ME :[!/,#.?#E012/9!,T!,<,0MN5345A#B=6+" 3"ก M-"0":[!/,12/692 Password -,010+!, Username/Password :?.9<,0 677 7$กก7 Password 12/:=2/"A=018ก 1 "12ก9!,T!, ",กก"E"0"$."2E0>?51Lก 1?=,03450" $9>T_0ก - 8M=ก 3450" 3"-B$"12/ 2 <,0:,ก- ]77"2E>?5ก=B$T_01lWm2A=6 0"$.12/:ก2/$<5,0>?5AกB Smart Card Authentication, RSA SecurID Authentication A=6 One time Password 3"-B$"12/ 3 ก=B$T_0 12/9A=6A 0N03<,0U\ -B$" =6:,2?ก [`">?5TNกก=B$3"-B$"12/ 4 A=6 3"-B$"12/ 5 A=6 6 ก=B$T_0 ก 1?-,7A=6M=ก 3450"[ 5,971- 8#9=L?7

2.

>FGH>HกH I

2.1

Smart Card Authentication [4]

Smart Card Authentication :;"ก 67$"ก !"" #$#"@?345,K User Possession ^_/0,NB3"=กWX6<,0 Smart Card 12/4B$:กZ7 ก8UA=7 (Private Key) @?,K ก 67$"ก :<5 \-A77,-99# (Public Key Encryption) 3"ก - 50A=6# $-,7ก8UA=7?0ก=B$ ^_/0ก8UA=712/

:กZ7,NB3" Smart Card 6TNก,B"+B>?5?5$:+ !/,0,B" Smart Card (Smart Reader) A=6"L+B<5,9N=?0ก=B$># $-,7 +$9TNก#5,03"ก 67$"ก !""#$#">?5 ^_/0A-?0 ก 67$"ก 1L0">?5?0 N12/ 1

O>H 1 A-?0ก 1L0"<,0 677 677 Smart Card Authentication

8?,B,"<,0 Smart Card Authentication +!, #5,0 =018":[./9ก7 Smart Card 69X 150 - 500 71/37 A=6 0#5,0=018"ก7 Smart Reader A=6 Software ^_/0 + 69X 1,000 - 30,000 71 ",กก"2E6:\Z">?5$B Smart Card Reader "E">9B:;"12/A[ B\= A=6:+ !/,0+,9[.$:#, b -B$"3\UB3"87"0>9B92:+ !/,0,B" Smart Card ก 67$"ก !""#$#"?5$ Smart Card _0ก12/6:;"> >?5

2.2

RSA SecurID Authentication [9]

RSA SecurID Authentication :;"ก 67$"ก !""#$#"<,07 .W1 RSA @?92ก 67$"ก !""#$#"12/ ,K User Possession @? RSA >?592ก [`",8ก Xb Secure Token 92=กWX6+=5[$0ก8UA12/:[./9,A-?0M= #$:=<A=6#$,กW ^_/0#$:=<A=6,กW ?0ก=B$-9 T "L>345:;" Password 3"ก 67$"ก !""#$#">?5 @? @+ 0- 50<,0 RSA SecurID authentication -9 TA-?0 ?0 N12/ 2

(3)

@?@+ 0- 50 RSA SecurID Authentication 6 6ก,7?5$ RSA SecurID (1) A=6 RSA ACE/Server (2) @?ก 1L0"<,0 RSA SecurID 6- 50 Password A-?0 7"\"5, @? Password 692ก 67$"ก - 50A77 :?2$ก"10st0 RSA AEC/Server A=6:;" Password 12/TNก - 503\9B18กY4B$0:$= 6:\Z"$B92<5,?212/ Password 6 :=2/",NB#=,?:$=A95TNก?ก7<5,9N=กZ>9B-9 T"L>345 >?5:9!/,:$=:=2/"> A#B8?,B,"<,0 RSA SecurID Authentication +!, #5,092ก =018"#.?#E0 AEC/Server A=6 ^!E, RSA SecurID Token ^_/0:;"+B345BL"$"9\K= 0 :[./9D 63"ก [ก[,8ก Xb3\5ก7MN53450":[./9:#.9,2ก\"_/0 4.E"?5$ 6:\Z">?5$B RSA SecurID Authentication กZ0>9B34B 67712/".93453" :$Z7A,[=.:+4/"@?1/$>3"87"

?5$U\10ก =018"<,01E0 Smart Card A=6 RSA SecurID 6:\Z"$B:$Z7A,[=.:+4/"-B$"3\UB3"87" 0+0,Kก !""#$#"?5$ Username/Password ^_/0 -9 TTNก?ก7>?5@?Auก:ก, b:1B"E"

2.3

Multi-factor Authentication [8]

Multi-factor Authentication +!, ก 67$"ก !"" #$#" @?3459กก$B\"_/0,B0 B$9ก" :4B" Knowledge Factor B$9ก7 Possession Factor :;"#5" กZ6 1L3\5ก !""#$#""E"+$9=,?D9ก<_E" 3"ก $."2E _0,KA"$+.?<,0 Multi-factor Authentication 93453" ก ,,ก 6773"ก Aก5U\ก TNก?ก7 Password 12/:;" U\3\UB<,0 Web Application 3"87"

2.4

One Time Password [9]

One Time Password (OTP) +!,ก 67$"ก 12/TNก [`"<_E":[!/,Aก5><U\ก 3450" Password ^_/0A"$+.?3" ก [`" OTP +!,+$9>9B#5,0ก 3\592ก 345 Password #$:?.9^ELY18ก+ E0:9!/,MB"ก 67$"ก Login \ !,!"" #$#"

0"$."2E>?5"LA"$+.?<,0 One Time Password 9345 @?1L3\5 Password <,0 User \"_/0+"-9 T12/ :=2/"A=0>>?5:9!/,:$=:=2/"> A=6:9!/, User 345 Password > X :$=3?Y :9!/,:$=:=2/" Password กZ6

:=2/"A=0 กZ6-9 T12/6345 Password >?5 69X 1 + E0:1B"E"

3.

>HVWOXWIYBZ

กU\12/:$Z7A,[=.:+4/"-B$"3\UB0+0345 :][6 Username/Password 3"ก !""#$#" A=6 -9 T12/6TNก?ก7 Password >?5 A=6A"$+.?3"ก Aก5U\@?345 Smart Card Authentication \ !, RSA SecurID Authentication กZ92+$9>9B:\96-93": !/,0<,0 +A=6,8ก Xb:[./9:#.912/3450" _0>?51Lก ,,กA77A=6 [`"#5"A773"ก Aก5U\ @?92 =6:,2?12/6ก=B$ 3"-B$"T?>

4.

Hก[

กU\12/[7 MN5$.>?5"L:-",A"$10ก Aก5U\ 92 =6:,2??0"2E +!,

1. >A Multi-factor Authentication @?,K Username/Password :?.9 ^_/0:;"10?5"<,0 User Knowledge B$9ก7 User Possession @?ก [`" @ Aก 9#5"A7712/:;" Module API 12/-9 T Plug in :<5 ก7:$Z7A,[=.:+4/"3?Y>?5 @?: 2ก$B Two-factor Authentication Module (TFA Module) A=6 @ Aก 9 J2ME :[!/,1L3\59!,T!,-9 T345:;" User Possession >?5:9!/, 1L0" $9ก7 TFA Module

2. \ก$>HZVV @?3459!,T!,:;",8ก Xb -L\ 7 User Possession ^_/0@?ก#.1/$>MN53450"3" 677 692@1 K[1b9!,T!,,NBA=5$ _0>9BL:;"#5,0#.?#E0:+ !/,0,B" Smart Card \ !, ^!E, RSA SecurID Token :[./9:#.9 1L3\5>9B 92D 61E03"?5"#5"18"A=6ก [ก[,8ก Xb,!/":[./9:#.9 1E0"2E9!,T!,?0ก=B$#5,092+$9-9 T-"7-"8"ก 1L0" <,0 J2ME >?5 (^_/0 5,=6-B$"3\UB<,09!,T!,3"87"92 +$9-9 T?0ก=B$)

3. Cost 6773\9B12/,,กA779:;" Software Module 12/-9 T"L>#.?#E0ก7:$Z7A,[=.:+4/"3?Y>?5 A=6 :;"@ Aก 9 J2ME 12/-9 T?$b"@\=?:<57"9!,T!,@?>9B #5,092ก =018"^!E,,8ก Xb:[./9:#.9

(4)

4. One Minute Password @? Password 12/345 3"ก !""#$3" 6776TNก:=2/"A=018กY 1 "12 T5 \ก92ก /$>\=<,0 Password 3" 677 กZ6-9 T345 Password "E">?5 69X 1 "12 :1B"E"

@? =6:,2?3"ก ,,กA77A=6[`"6>?5 ก=B$3"<5,T?>

4.1

ก>A Two-factor Authentication ? Vก

>]>$V^

ก 1L Two-factor Authentication B$9ก7 @1 K[1b9!,T!, 92<E"#,"?0 N12/ 3

O>H 3 ก 1LTwo Factor Authentication B$9ก7 @1 K[1b9!,T!,

1. กL\"? NA77ก -!/,- 6\$B0 Server ก7 Client @?ก -!/,- "E"#5,092ก :<5 \-<5,9N= 3"12/"2E,K SSL [1] (Secure Socket Layer) :[!/,x,0ก"ก ?ก7<5,9N=

2. กL\"? NA77ก 67$"ก !""#$#"3"-B$" <,0 Password #5,0,K Password -B$"\"_/012/:;" User Knowledge +!,:;" Password 12/ User #5,0?L>$5 :\9!," :$Z7A,[=.:+4/"1/$> A=6 Password ,2ก-B$"\"_/0 12/: 2ก$B yMobile Phone Passwordz ^_/0 User 6>?5กก 345 @ Aก 9 J2ME 12/9!,T!,:[!/,?N$B Password X "12"E"A-?0 :;"+B,6> 9 $9ก" ^_/0\ก User A[ B0[ Password 12/>?5L>$5 Auก:ก, bกZ0>9B-9 T:<5 677>?5:[ 6<? Password ,2ก-B$"\"_/012/- 507"9!,T!, \ !, \ก9!,T!,\ Auก:ก, bกZ0:<5 677>9B>?5:[ 6<? Password ,2ก-B$"12/ User L>$5

3. TFA Module 92 NA77:;" API Module @? Plug in :<5ก7:$Z7:^. ba:$, b :[!/,3\5:$Z7A,[=.:+4/"3?Y : 2ก3450" Two Factor Authentication Module MB"10 API ^_/01L3\5:$Z7A,[=.:+4/"92ก 67$"ก !""#$?5$ Password 12/>?5กก Ran @ Aก 9 J2ME 7"9!,T!,<,0MN5 345>?5

4. ก - 50 Mobile Phone Password 12/J2ME Software <,09!,T!,A#B=6 User 92ก - 50A77:?2$ก"ก7 TFA Module 12/:$Z7:^. ba:$, b:[!/, Run - 50 Password 3"+B :?2$ก"-L\ 7A#B=6 User A=6-L\ 7A#B=6:$=:?2$ก">?5 5. ก # $-,7 Password 1L>?5 3 A77 +!, A77 12/\"_/0345 Password B$9ก7 Mobile Phone Password \ !, :=!,ก345 Mobile Phone Password :[20,B0:?2$:[!/,>9B #5,0ก 3\5 User ?L Password := A#B3"ก X29!,T!,\ กZ6:ก.?+$9>9B=,?D>?5 NA7712/-9 +!, 345 Password A77?E0:?.93"ก X212/>9B>?5ก :[./9 TFA Module A#BA"B"," Password 6TNก?ก7A=692ก /$>\=>?5 @? 677A"6"L 3\5345 NA77A ก

6. :9!/, User MB" Password 12/:ก.?ก1E0 User Knowledge :?.9 A=6 Mobile Phone Password :[!/,1Lก !""#$#"ก7:$Z7:^. ba:$, b :^. ba:$, bกZ61Lก # $-,7 Password 12/:;" User Knowledge ก{"<5,9N= Password A=6 # $-,7 Mobile Phone Password ก TFA Module @?6# 0ก"ก7 Password 7" J2ME <,0A#B =6 User \ก$B Login >?5 กZ61Lก # $-,7-.1|.}A=63\5 -.1|.}ก 3450" 677(Authorization)

4.2

ก Mobile Phone Password

ก - 50 Mobile Phone Password [`"<_E"?5$ J2ME @? Password 12/- 50<_E"ก9!,T!,6# 0ก"ก7 TFA Module -L\ 7A#B=6 User X :$=3?Y @?12/"L9345 3"ก กL\"? Password 92?0#B,>"2E

1. Organization Serial Number (OSN) +!, Serial Number 12/ 678+$9A#ก#B03\5ก7 677\ !,\"B$0""E" @?:9!/, OSN #B0ก" Mobile Phone Password 12/TNก- 50 <_E"ก@ Aก 9กZ692+$9A#ก#B0ก"

(5)

2. Mobile Phone ID (MP ID) +!, ID 12/ 678+$9 A#ก#B0 A=6 345!"" Mobile Phone <,0MN5345 @? MP ID #B0ก" Password 12/กZ6A#ก#B0ก" ^_/0 OSN A=6 MP ID

3. Date/Time +!, $"A=6:$=87" 12/:=2/">กZ 61L3\5 Password :=2/"> :[ 6]6"E" Password ?0ก=B$กZ6>9B-9 T345^EL>?5\ก:$=:=2/"> กZ6:;" One Minute Password

^_/0:9!/,92ก 345 OSN B$9ก7 MP ID 6-9 T1L ก 678>?5$B Mobile Phone "E":;"<,0MN5345+"3?A=63450" ก7 6773?>?5750 @?MN53456>?5 7 OSN A=6 MP ID [ 5,9 ก7ก Download @ Aก 9 J2ME >?5\=กก<E"#,"ก =016:72"#B, 677:- Z-.E" ^_/092<E"#,"A=6$.|2ก - 50 ?0#B,>"2E

O>H 4 <E"#,"ก - 50Mobile Phone Password

_! aV?Z?ก +!,<E"#,"

3"ก - 50 Mobile Phone Password ^_/092<E"#,"?0#B,>"2E <E"#,"12/ 1 +!, ก Input <5,9N= >?5AกB OSN, MPID, Date A=6 Time @?<5,9N=12/ Input "E"92<"? 240 Bit <E"#,"12/ 2 "L<5,9N= 240 Bit ?0ก=B$:<5-NB Hash Function @?345 MD5 6>?5 Bit Digest <"? 128 Bit

<E"#,"12/ 3 "L Bit Digest :<5-NB 64th based On

Function :[!/,ก A=0 Bit Digest(128 Bit) 3\5>?5:;"#$ ,ก< 61E0\9?>?5 22 #$,ก< 6 (132 bit) :[!/,345:;" Mobile Phone Password @?ก 67$"ก 1L0"<,0 64th based

On Function TNกก=B$>$53"\$<5,T?>

1 A-?0,ก< 612/:;">>?5<,0 64th based On

Function

ก# 0 1 -9 Tก#$,B0<5,9N= Input A=6 <5,9N= Output <,0a0กb4"?0ก=B$ @? Output 12/>?5"E":;" ,ก< 612/-9 TA-?0>?57"@1 K[1b9!,T!,18กY 8B" ^_/0?N>?5ก #$,B0?0 N12/ 5

O>H 5 A-?0 Input A=6<5,9N= Output <,0 64th based On

Function

5.

ก>กX

:$Z7A,[=.:+4/"^_/0 Run ,NB7":$Z7:^. ba:$, b12/92 TFA Module #.?#E0,NB6-9 T: 2ก345 Two-factor Authentication Module >?5 @?ก Import API A=6: 2ก345 0" Module ^_/0ก : 2ก345 Module 63453"<E"#,"ก Login \ !,!""#$#"ก7:$Z7A,[=.:+4/"

(6)

O>H 6 :;"ก A-?0\"5 Login :[!/,6:<5-NB ก 67$"ก !""#$#"<,0:$Z7A,[=.:+4/"

ก N12/ 5 :;"ก A-?0\"5 Login 12/92ก : 2ก345 0" MFT Module :[!/,6:<5-NBก 67$"ก !""#$#"<,0 :$Z7A,[=.:+4/" ^_/01L3\5ก login :[!/,:<5345 67718ก+ E0 MN5345#5,0-B0<5,9N=1E0 3 -B$"3\5ก7 Server +!, Username, Password A=6 Mobile Phone Password :[!/,1Lก # $-,7@?-B0<5,9N=MB"10\"5 Login "2E ก"E" Server :,061Lก # $-,7+$9TNก#5,0

O>H 7 ก>AกeกV J2ME

ก N12/ 6 A-?0ก #.?#E0A=63450"@ Aก 9 J2ME :[!/,3453"ก - 50 Mobile Phone Password @?ก #.?#E0 #$@ Aก 9"E"92-B$"12/-L+U12/6#5,0กL\9?+BกB," ก 3"3450"+!,ก ก #E0+B Organization Serial Number (OSN ) A=6 +B Mobile Phone ID (MP ID) @?<5,9N=1E0-,0 "2EMN53450"6>?5 7\=0กก 67$"ก =016:72":<5345 677 A=6:9!/,92ก #.?#E0#$@ Aก 9: 27 5,A=5$18กY+ E012/92ก :‚?3450"@ Aก 9 @ Aก 96A-?0 Password 12/ :=2/"A=0>18กY 1 "12

5.1

ก >fgIXกก

กYBZ

1) 677-9 T1L Two-factor Authentication @? ,K Username/Password :?.9 ^_/0:;"10?5"<,0 User Knowledge B$9ก7 User Possession @?ก 345 TFA

Module A=6@1 K[1b9!,T!, 1L3\592 Password -,0-B$":[!/, 3"ก 67$"ก !""#$#"1L3\5 \ก92<5,9N=-B$"3?92ก TNก?ก7\ !, /$>\=Auก:ก, bกZ0>9B-9 T:<5-NB 677>?5

2)Password 12/A-?07"9!,T!,:=2/"A=018กY 1 "12 T5\ก92ก /$>\=<,0 Password 3" 677 กZ6 -9 T345 Password "E">?5 69X 1 "12 :1B"E"

5.2

ก >fgIV>Hก

V

1) @1 K[1b9!,T!,-9 T:;" User Possession :[!/,3453"ก 67$"ก !""#$#">?5 กก 345@ Aก 9 J2ME B$9ก7 MDT Module @?MN5345>9BL:;"#5,0[ก[ ,8ก Xb,!/"Y :[./9:#.9 ^_/0A#ก#B0ก"ก Smart Card Authentication A=6 RSA SeurID Authentication 12/MN5345#5,0 92D 6[ก[ Smart Card \ !, RSA SeurID Token

2) ก Plug in #$ TFA Module >12/ Server :[!/,345 # $-,7 Password 12/A-?07"@ Aก 9 J2ME <,0MN5345 @?:$Z7A,[=.:+4/": 2ก3450" Module MB"10 API 1L3\5 ก 1LMulti-factor Authentication :;">>?50B _0>9B L:;"#5,0^!E,\ !,#.?#E0,!/",8ก Xb:[./9:#.9:\9!,"ก7 Smart Card 12/#5,0#.?#E0:+ !/,0,B" Smart Card \ !, RAS SecuID 12/#5,0#.?#E0 ACE Server

6.

>\

0"$."2EA-?03\5:\Z"$B ก "L:1+".+ก M-9M-"ก !""#$#" 6\$B0 Knowledge Factor ^_/0:;"12/".9A=6345ก",B0A[ B\=3"ก 67$" ก 67$"ก !""#$#"3":$Z7A,[=.:+4/" 3\592ก 1L0" 0" B$9ก7 Possession Factor ^_/0:;"12/-,0 @? Possession Factor 12/:=!,ก345"E">?5:"5"+$9-L+U>12/ #5"18"A=6:;"12/[ก[,NBA=5$<,0MN53450" 677 ^_/0>?5:-", ?0ก=B$,NB3" NA77@1 K[1b9!,T!, ^_/0"7$B92#5"18" #/L\ก:127ก7 Possession Factor ,!/"Y 12/92,NB3"87" 1L3\5-9 TAก5><U\ก ?ก7<5,9N=A=6ก /$>\=<,0 <5,9N=>?5 :"!/,0ก Password 92T_0-,0-B$"?5$ก" A=6T5 <"?-B$"3?-B$"\"_/0กZ6>9B-9 T3453"ก 67$"ก !"" #$#">?5 B$9>T_0ก ,,กA77 TFA Module :[!/,:;" API

(7)

3"ก 1L Two Factor Authentication 3\5ก7:$Z7 A,[=.:+4/" 1L-9 T"L> 68ก#b3450">?50B@? 677:?.9>9B92+$9:-2\ A=6>9BL:;"#5,0#.?#E0\ !,^!E, ,8ก Xb,!/":[./9:#.9 1L3\54B$=?+B345B12/6:ก.?<_E"กก 1L Two-factor Authentication >?5,B09\K= A=6 -9 T:;"12/".9345ก",B0A[ B\=>?5:[ 6 +TNก

7.

[1] . "Ethereal." Retrieved January 2009, fromhttp://www.ethereal.com/.

[2] . "OpenSSL." Retrieved 13, 2009, from http://www.openssl.org/.

[3] . "Wireshark 1.0.5 Released." Retrieved January 2009, fromhttp://www.wireshark.org/.

[4] "Security token and smart card authentication."

Retrieved January 2009, from

http://searchsecurity.techtarget.com/tip/0,289483,s id14_gci1338503,00.html.

[5] Strong Two-Factor Authentication with RSA SecurID: 1-3.

[6] Paul A, H. (2006). "Two-factor authentication † a look behind the headlines." Network Security: 18-19.

[7] Simmom, G. J. (1998). "A Survey of Information Authentication." IEEE: 603-604.

[8] Tatum, M. "What is Multifactor Authentication?" Retrieved Janurary 2009, from http://www.wisegeek.com/what-is-multifactor-authentication.htm.

[9] Tom Sheldon, B. S. M. (2001). "One-Time Password Authentication." Retrieved 13, 2009, from

http://www.linktionary.com/o/one_time_password.ht ml.

References

Download now ( PDF - 7 Page - 609.00 KB )

Related documents