Scholarly record
USING THE UNIVERSAL TWO FACTOR AUTHENTICATION METHOD IN WEB APPLICATIONS BY SOFTWARE EMULATED DEVICE
Abstract
The use of a qualified electronic signature has become more widespread in recent years, and one of the main prerequisites for this is the development of electronic services using a qualified electronic signature for authentication. Some of the services require additional entry of a username and password and they show that a qualified electronic signature complements the security of authentication by becoming the so-called "Second factor". All services provided by a qualified electronic signature in the browser are in fact web applications which used java applets or additional plug-ins. All of these are normally inconvenient for the end users. Electronic signatures, like the Universal Two Factor authentication method (U2F), implement the principle of asymmetric encryption when signing documents. In theory, a U2F device can be used for similar purposes if, instead of a random string of characters, the hash value of a file is encrypted. Although this cannot be done in practice, the Universal Two Factor authentication method is currently being developed and it is possible that in a future version the signing of documents is quite possible as a procedure. Technologies such as the Universal Two Factor authentication method meet the requirements of the modern user and could offer, in addition to the previously established USB interface, support for Near-Field Communication (NFC) - a protocol for wireless communication, often used for contactless payments or even data exchange. Only few of the manufacturers of U2F devices have built NFC support, and unfortunately, NFC support is limited to some modern mobile devices, so some manufacturers are turning to another wireless technology - Bluetooth. However, this is considered by many developers as a step backwards because Bluetooth technology requires device pairing, which adds another step to the authentication process. Another potential problem would be the range of the Bluetooth protocol, which often exceeds 50 meters - unacceptable for a U2F device, the main essence of which is to be extremely close to its owner. Unlike USB and NFC connectivity, Bluetooth technology also requires power.
Publication Impact Profile
- Citations
- Scopus - Citation Indexes: 9
- Captures
- Mendeley - Readers: 11
Publication details
References15
Pashev G., Rusenova L., Totkov G., Gaftandzhieva S. Adaptive Workplace E-Learning Model. TEM Journal, 2020, 9(2), pp.613-618.
Tarasyev A., Vasilev J., Turygina V., Kravchuk S., Strelchuk A. Methods for predicting the production of natural resources. In AIP Conference Proceedings. 2019, Vol.2186, No.1, p.050010.
Aleksandrova Y. Developing Business Intelligence System in a Building and Construction Company. Izvestia Journal of the Union of Scientists-Varna. Economic Sciences Series. 2017, issue 2, pp.217-224.
Dimitrov G.P., Panayotova G., Garvanov I., Os B., Petrov P., Angelov A. Performance analysis of the method for social search of information in university information systems. Third International Conference on Artificial Intelligence and Pattern Recognition (AIPR), 2016, pp.1-5, DOI: 10.1109/ICAIPR.2016.7585228.
Petrova S., Stefanov S., Ivanov S., Sergeev A., Getova I. Information Systems Used in Bulgarian University Libraries as Online Public Access Catalogs. 19 International Multidisciplinary Scientific Geoconference SGEM 2019: Conference Proceedings. 2019, 19(2.1), pp.353-360.
Radev M., Alexandrova Y. Combining Virtualization Technologies in SOA-applications. Proceedings of International Conference on Application of Information and Communication Technology and Statistics in Economy and Education (ICAICTSEE). 2013, pp.56-61.
Balfanz D. FIDO U2F Implementation Considerations, 2017. <https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-implementationconsiderations-v1.2-ps-20170411.pdf>
Barth A. The Web Origin Concept (RFC 6454), IETF, 2011. <http://www.ietf.org/rfc/rfc6454.txt>
Dimitrov, P. Methodological Problems with Using Qualified Electronic Signature and Universal 2 Factor in Web Applications. Scientific Conference of Young Researchers - 2018: Conference Proceedings, Varna: Steno, 2018, pp.126-131.
Georgiev G., Balabanova I., Kogias P., Sadinov S., Kostadinova, S. Identification of Sine, Squire, Triangle and Sawtooth Waveforms with Uniform White and Inverse F Noises by Adaptive Neuro - Fuzzy Interface System. Journal of Engineering Science and Technology Review. 2018, 11(3), pp.128–132.
Ovac?kl? A.K., P??j?rvi P., LeBlanc J.P., Carlson J.E. Recovering periodic impulsive signals through skewness maximization. IEEE Transactions on Signal Processing. 2015, 64(6), pp.1586-1596.
Valov N., Valova I. Drying process management laboratory with remote access. 16th International Conference on Information Technology Based Higher Education and Training (ITHET). 2017, pp. 1-6, DOI: 10.1109/ITHET.2017.8067800.
Sovetkin M. Considerations for Adding FIDO U2F to Your Security Protocol, 2017, <https://www.esecurityplanet.com/windows-security/considerations-for-addingfido-u2f-to-your-security-protocol-1.html>
Srinivas S., Balfanz D., Tiffany E. FIDO U2F Overview, 2017. <https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-overview-v1.2-ps20170411.pdf>
Todoranova L., Todoranova A. Incorrectly Transmitted Computer Terminology and Strategies to Overcome Non-Equivalence. Izvestia Journal of the Union of Scientists-Varna. Economic Sciences Series. 2017(2), pp.209-216.
Citing literature
Number of times cited according to Crossref: 1
View or Download full articleAccess options
SWS access login
Login as SWS Scientific CommitteeLogin as SWS Scientific PartnerLogin as SWS AuthorAuthors and approved SWS contributors will read and export their own linked papers after identity matching by SWS profile, email and SGEM GlobalID.
For librarian assistance: [email protected]
Purchase Instant Access
- Article can be downloaded after successful payment.
- Article may be used according to SWS library access terms.
- Article cannot be redistributed.