No more messes with passwords

No more messes with passwords https://i0.wp.com/www.eresviral.com/wp-content/uploads/2018/10/Se-acabaron-los-líos-con-las-contraseñas.png?fit=260%2C40&ssl=1

No more messes with passwords








Who does not have accounts on the network and faces the daily challenge of having to save and remember a plethora of usernames and passwords? An international team of researchers has unveiled a new secure authentication platform for mobile devices that links all accounts online with the user's identity, leaving the mobile phone to handle their management.





Most mobile devices are linked with hundreds of accounts and applications, which present all kinds of security settings, identities and passwords. The ReCRED project, funded by the European Union, has developed advanced software solutions to address the problem of password overloading so that we can securely access our accounts without having to remember multiple passwords.





ReCRED leaves behind the era of passwords by developing an advanced, secure and flexible access system. "The adoption of the authentication architecture based on the device is key to eliminating passwords as the main method of authentication on the web," says project coordinator, Christos Xenakis of the University of Piraeus (Greece).





This method improves the safety of the end user on the internet by using the mobile phone as an authorization intermediary or proxy. "Authentication and authorization are simplified by using the combined use of a short pin, biometric information (for example, voice, fingerprints or signature) and anonymous credentials (for example, a pseudonym)," says Rubén Cuevas, researcher at the Carlos III University of Madrid (UC3M) (Spain), one of the entities that have contributed to the project.










Cybersecurity (Image: ID Agency)





Most Internet users are registered in many online services, such as email providers, social networks, electronic banking or corporate applications. This makes it difficult to identify that there is a joint service property associated with a single user.





ReCRED provides secure access to these services as well as making it possible to manage accounts from a single device, regardless of the authentication method used in each service. The developed online identity acquisition module is responsible for horizontally linking the identities of the user that are fragmented in the network. The service allows the user to grant explicit authorization to ReCRED to access the information of each online account he owns.





Researchers have also created a physical identity acquisition module for those services that require a higher level of attribute guarantee. This service verifies all identity attributes included in the user's physical identity, such as their passport number or identity document, bank account number, photo, etc.





With all these services ReCRED improves the identity guarantee and reinforces the link between physical and virtual identities. "End users can now confirm that they own different accounts from different identity providers, link them together and consolidate their identity attributes," says Christos Xenakis.





A typical assumption that exemplifies everything related to the management of the identity of users in the network is associated with the diversity of services that require end users to log in to have access.





Given this habitual assumption, ReCRED is committed to data-based security. Researchers have achieved that unique user characteristics such as age, nationality or occupation can be used to access data, resources or services. "We prioritize an authentication that requires using only essential data that act as anonymous credentials. It is not necessary to verify the e-mail, for example, since it would reveal the identity of the user, "explains Antonio Fernández Anta, researcher at IMDEA Networks Institute, collaborator of UC3M in ReCRED.





The device that becomes the main authentication gateway presents its own security problems. This can become a single point of failure in case of loss or damage, or be vulnerable to being hacked after user authentication.





ReCRED (From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control, H2020 Grant Agreement 653417) has avoided these problems by creating additional security measures with blocking and recovery capabilities. In particular, researchers have taken advantage of an entity called Identity Consolidator (IDC) as well as behavioral and physiological signatures of the user and security protocols based on SIM cards to verify the identity of the user. The IDC allows for the consolidation and management of identities, while favoring efficient recovery in the event of failures. "In the event that a user loses their device, they can regain access to services by providing two-factor authentication, such as personal attributes scanned from physical characteristics or biometric behavioral data," Xenakis says.





Eliminating the need to use different passwords will make internet-based services safer and easier to use. In addition to the end users, other beneficiaries of this new open platform will be telecommunications operators, web hosting companies and manufacturers of mobile devices. (Source: IMDEA Networks / DICYT)



        .
    .


SOURCE LINK ERESVIRAL.COM 
https://www.beviral.online

Comentarios

Publicar un comentario

Entradas populares de este blog

Grupos de privacidad que reclaman anuncios en línea pueden dirigirse a víctimas de abuso

Imagen
Grupos de privacidad que reclaman anuncios en línea pueden dirigirse a víctimas de abuso https://media.wired.com/photos/5c4bd1aaf254572cc21b81f8/191:100/pass/TrackerAdsAreBad%20(1).jpg Grupos de privacidad que reclaman anuncios en línea pueden dirigirse a víctimas de abuso Defensores europeos de la privacidad dicen que el complejo proceso de licitación detrás de la publicidad conductual en línea amenaza la privacidad de los consumidores. Para colocar anuncios en las páginas web, las empresas difunden ampliamente lo que saben sobre un usuario que visita la página, incluidos datos potencialmente confidenciales sobre el tipo de contenido que la persona ve, escucha o lee. Los nuevos documentos presentados el lunes ante los reguladores en Polonia, el Reino Unido e Irlanda afirman que la forma en que se manejan los datos personales durante el proceso de hacer coincidir los anuncios con los espacios publicitarios no cumple con los requisitos de la Unión Europea. Reglamento general de p...
Leer más

¿Puede Apple Watch prevenir los golpes? Nuevo estudio pretende descubrir

Imagen
¿Puede Apple Watch prevenir los golpes? Nuevo estudio pretende descubrir https://static.foxnews.com/foxnews.com/content/uploads/2018/09/dcd037e4-Apple-Event_Vros.jpg ¿Puede Apple Watch prevenir los golpes? Nuevo estudio pretende descubrir Foto del archivo: El CEO de Apple, Tim Cook, habla sobre el nuevo Apple Watch durante un evento de Apple el lunes 9 de marzo de 2015 en San Francisco. (Foto AP / Eric Risberg) manzana El reloj ya ha sido acreditado con salvando vidas alertando a los portadores sobre las condiciones del corazón. ¿Pero puede el smartwatch prevenir golpes? Un nuevo estudio de Johnson & Johnson pretende descubrirlo. La compañía farmacéutica se está asociando con Apple para estudiar si las notificaciones de ritmo irregular del wearable y la aplicación de ECG en el Apple Watch Serie 4 pueden ayudar a acelerar el diagnóstico de fibrilación auricular (una enfermedad cardíaca que puede provocar un accidente cerebrovascular) y mejor...
Leer más

Las empresas ofrecen regalos gratuitos, ofertas especiales de cierre y asistencia a los trabajadores...

Imagen
Las empresas ofrecen regalos gratuitos, ofertas especiales de cierre y asistencia a los trabajadores... https://www.gannett-cdn.com/presto/2019/01/10/USAT/55317dbc-b9c3-4865-aa96-228ae272a325-fazoli.jpg?crop=1240,698,x0,y0&width=3200&height=1680&fit=bounds Las empresas ofrecen regalos gratuitos, ofertas especiales de cierre y asistencia a los trabajadores federales CERRAR Los empleados federales sin permiso recurren a las clases de improvisación durante el cierre del gobierno en el Washington Improv Theatre. Jack Gruber, USA HOY Llámalos "ofertas especiales de apagado" y "regalos gratuitos". Mientras que un acuerdo para poner fin al cierre de gobierno más largo parece estar muy lejos Algunas empresas están ofreciendo a los trabajadores federales con licencia un poco de alivio que va desde comidas gratis, descuentos en restaurantes, aplazamiento de pagos y préstamos sin interés. Alrededor de 800,000 empleados federales han estado sin...
Leer más