Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

BetterAuth: Web Authentication Revisited

Paper
View File
pdf
356KB

Martin Johns
SAP Research
Germany

Sebastian Lekies
SAP Research
Germany

Bastian Braun
University of Passau
Germany

Benjamin Flesch
SAP Research
Germany

Abstract:
This paper presents "BetterAuth", an authentication protocol for Web
applications. Its design is based on the experiences of two decades with
the Web. BetterAuth addresses existing attacks on Web authentication,
ranging from network attacks to Cross-site Request Forgery up to
Phishing. Furthermore, the protocol can be realized completely in
standard JavaScript. This allows Web applications an early adoption,
even in a situation with limited browser support.

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC