Loading [a11y]/accessibility-menu.js
Device-invisible two-factor authenticated key agreement protocol for BYOD | IEEE Conference Publication | IEEE Xplore

Device-invisible two-factor authenticated key agreement protocol for BYOD


Abstract:

“Bring Your Own Device” (BYOD) allows employees to bring their own mobile devices to their workplace and use them to access corporate information and applications. Howeve...Show More

Abstract:

“Bring Your Own Device” (BYOD) allows employees to bring their own mobile devices to their workplace and use them to access corporate information and applications. However, BYOD causes serious security issues against the data protection and device management obligations of corporations. To protect the corporate data and simplify the device management for BYOD, in this paper, we propose a device-invisible two-factor authenticated key agreement protocol (Dtaka) based on identity-based and password-based authentications. With BYOD, every device and the data server can mutually authenticate to each other and negotiate a session key for secure communications. During this process, the data server can learn the employee's identity rather than which device the employee uses to access the data. Thus, the data server only manages the employees' identities, instead of all mobile devices of employees, such that the overhead of mobile devices management for corporations is reduced. In addition, the data server is able to trace a lost or stolen device when it authenticates to the data server. Finally, we evaluate the computational and communication overheads to demonstrate the efficiency of Dtaka.
Date of Conference: 27-29 July 2016
Date Added to IEEE Xplore: 24 October 2016
ISBN Information:
Conference Location: Chengdu, China

References

References is not available for this document.