Kim et al., 2021 - Google Patents
Security analysis and bypass user authentication bound to device of windows hello in the wildKim et al., 2021
View PDF- Document ID
- 3981687267523034331
- Author
- Kim E
- Choi H
- Publication year
- Publication venue
- Security and Communication Networks
External Links
Snippet
Windows Hello is a Fast IDentity Online‐(FIDO‐) based new login system for Windows 10, which provides a single sign‐on (SSO) service to diverse online applications. Hardware protection is essential for Window Hello's security. This paper aims to examine the security …
- 238000004458 analytical method 0 title abstract description 27
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
- G06F21/608—Secure printing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10057282B2 (en) | Detecting and reacting to malicious activity in decrypted application data | |
| JP7545419B2 (en) | Ransomware Mitigation in Integrated and Isolated Applications | |
| US10404476B1 (en) | Systems and methods for providing authentication to a plurality of devices | |
| US9350548B2 (en) | Two factor authentication using a protected pin-like passcode | |
| US20190281028A1 (en) | System and method for decentralized authentication using a distributed transaction-based state machine | |
| US9686080B2 (en) | System and method to provide secure credential | |
| US20180082050A1 (en) | Method and a system for secure login to a computer, computer network, and computer website using biometrics and a mobile computing wireless electronic communication device | |
| US10187373B1 (en) | Hierarchical, deterministic, one-time login tokens | |
| CN101227468B (en) | Method, device and system for authenticating user to network | |
| JP2022545627A (en) | Decentralized data authentication | |
| Navas et al. | Understanding and mitigating OpenID Connect threats | |
| WO2012160421A1 (en) | Systems and methods for device based secure access control using encryption | |
| IL266535A (en) | System and method for transparent multi-factor authentication and security posture checking | |
| EP3687139B1 (en) | Secure provisioning and validation of access tokens in network environments | |
| EP3674938B1 (en) | Identifying computing processes on automation servers | |
| Panos et al. | A security evaluation of FIDO’s UAF protocol in mobile and embedded devices | |
| Dou et al. | Robust insider attacks countermeasure for Hadoop: Design and implementation | |
| Ghazizadeh et al. | Trusted computing strengthens cloud authentication | |
| US11616780B2 (en) | Security protection against threats to network identity providers | |
| Kim et al. | Security analysis and bypass user authentication bound to device of windows hello in the wild | |
| Binu et al. | A mobile based remote user authentication scheme without verifier table for cloud based services | |
| Ghazizadeh et al. | Secure OpenID authentication model by using Trusted Computing | |
| Dietz et al. | Hardening Persona-Improving Federated Web Login. | |
| Hon | Public key infrastructure; passwords | |
| Kuzminykh et al. | Mechanisms of ensuring security in Keystone service |