Αυθεντικοποίηση με τη χρήση των προτύπων FIDO
Χαβατζόπουλος, Παρασκευάς - Μάριος
Λέξεις κλειδιάΑυθεντικοποίηση ; Κωδικοί πρόσβασης ; Ασφάλεια διαδικτύου ; FIDO (Fast IDentity Online) ; eID
The society now has an existence in the electronic world. Each of us has an electronic identity, making people dependent on services offered online. This makes the security of these services critical and necessary to ensure that the service user is the one who says that is and not someone else. Nowadays, users authenticate themselves using a variety of methods. The most common of all is the simple introduction of a password, which is far the most unsafe one. In principle, users store passwords properly with the simplest example to record it in a paper. Nor providers manage their passwords right after many of them do not even use a simple hash algorithm before storing it. In addition to the problem of wrong storing of the password, there is the problem of the huge volume of users and an equally large number of services that makes it difficult to manage the online authentication. In 2007, the average user had 25 accounts, using 6.5 code and made 8 inputs the day. These numbers give us the opportunity to realize the number of authentications now and how difficult is the situation. In addition, simple methods of attack, such as phishing, fraud and exploitation of vulnerabilities (weaknesses in systems, but the word is used as such as mentioned throughout the literature) have even results. Last and most important is the fact that the current networks carry large volume of sensitive information which require greater protection, especially regarding corporate environments. As a result of all the above, it arises the need to start the authentication of the identity of someone which is unique to him and can be verified in the real world. In order to prevent deception and protection of any service by malicious users, there is a range of methods and technologies used, which includes biometrics (such as fingerprints, impressions iris, voice recognition and facial) and communication standards and existing technologies (USB security tokens, smartcards, Near Field Communication and embedded Secure Elements). There is a new standard called FiDO involving these methods. It separates the authentication method from the authentication protocol, defines the method in order to demonstrate the type of authentication of the interested party. The FIDO (Fast IDentity Online) meets the online authentication. The use FIDO devices offers the user the option to replace passwords with one authentication method is more safe, easier to use with biometrics as well as existing methods of authentication and communications protocols such as USB security tokens and one time passwords. This paper refers to existing authentication technologies that are incorporated in the specification of FiDO and similar advantages and disadvantages. In addition, there will be a hint to the possible application of FiDO in military environments, as well as in the public services.