Papers Proceedings »
BetterAuth: Web Authentication Revisited
Paper 356KB |
Martin Johns
SAP Research
Germany
Sebastian Lekies
SAP Research
Germany
Bastian Braun
University of Passau
Germany
Benjamin Flesch
SAP Research
Germany
Abstract:
This paper presents "BetterAuth", an authentication protocol for Web
applications. Its design is based on the experiences of two decades with
the Web. BetterAuth addresses existing attacks on Web authentication,
ranging from network attacks to Cross-site Request Forgery up to
Phishing. Furthermore, the protocol can be realized completely in
standard JavaScript. This allows Web applications an early adoption,
even in a situation with limited browser support.