Visible to the public Biblio

Filters: Keyword is TOTP  [Clear All Filters]
2020-03-02
Gordin, Ionel, Graur, Adrian, Potorac, Alin.  2019.  Two-factor authentication framework for private cloud. 2019 23rd International Conference on System Theory, Control and Computing (ICSTCC). :255–259.
Authorizing access to the public cloud has evolved over the last few years, from simple user authentication and password authentication to two-factor authentication (TOTP), with the addition of an additional field for entering a unique code. Today it is used by almost all major websites such as Facebook, Microsoft, Apple and is a frequently used solution for banking websites. On the other side, the private cloud solutions like OpenStack, CloudStack or Eucalyptus doesn't offer this security improvement. This article is presenting the advantages of this new type of authentication and synthetizes the TOTP authentication forms used by major cloud providers. Furthermore, the article is proposing to solve this challenge by presenting a practical solution for adding two-factor authentication for OpenStack cloud. For this purpose, the web authentication form has been modified and a new authentication module has been developed. The present document covers as well the entire process of adding a TOTP user, generating and sending the secret code in QR form to the user. The study concludes with OpenStack tools used for simplifying the entire process presented above.
2019-02-08
Park, W., Hwang, D., Kim, K..  2018.  A TOTP-Based Two Factor Authentication Scheme for Hyperledger Fabric Blockchain. 2018 Tenth International Conference on Ubiquitous and Future Networks (ICUFN). :817-819.

In this paper, we propose a new authentication method to prevent authentication vulnerability of Claim Token method of Membership Service provide in Private BlockChain. We chose Hyperledger Fabric v1.0 using JWT authentication method of membership service. TOTP, which generate OTP tokens and user authentication codes that generate additional time-based password on existing authentication servers, has been applied to enforce security and two-factor authentication method to provide more secure services.